Senior Product Security Engineer
Financial Services | 6-month Contract | Inside IR35
London - 2 days onsite per week
My client, a leading Payments company is looking for a Senior Product Security Engineer to join their evolving cyber security function. This is a key role focused on embedding security across the full product life cycle and driving secure-by-design principles across engineering teams.
The Role
As a Senior Product Security Engineer, you will act as the primary security partner for product and engineering teams - ensuring applications are designed, built and maintained with robust security at their core. You will lead threat modelling, manage vulnerability backlogs, support incident response, and help uplift security maturity across development squads.
Key Responsibilities
* Define and implement product security policies, tooling and standards across the SDLC
* Lead threat modelling for new and existing applications
* Own the product vulnerability backlog, prioritising and tracking remediation
* Liaise on bug bounty findings and ensure timely fixes
* Conduct root cause analysis for security incidents and systemic issues
* Act as Incident Commander or Investigation Lead during security events
* Partner with CI/CD teams to integrate SAST, DAST, SCA and other security controls
* Collaborate with product, engineering and compliance stakeholders to deliver security initiatives
What You'll Bring
* Strong expertise in vulnerability management, threat modelling and secure SDLC
* Solid incident response and root cause analysis experience
* Background in bug bounty or coordinated disclosure processes
* Strong stakeholder engagement and communication skills
* Experience with CI/CD pipeline security tools
* Knowledge of third-party risk and regulatory considerations
Please apply with your updated CV if the role is of interest