Senior Product Security Engineer
Financial Services | 6‑month Contract | Inside IR35
London - 2 days onsite per week
My client, a leading Payments company is looking for a Senior Product Security Engineer to join their evolving cyber security function. This is a key role focused on embedding security across the full product lifecycle and driving secure‑by‑design principles across engineering teams.
The Role
As a Senior Product Security Engineer, you will act as the primary security partner for product and engineering teams - ensuring applications are designed, built and maintained with robust security at their core. You will lead threat modelling, manage vulnerability backlogs, support incident response, and help uplift security maturity across development squads.
Key Responsibilities
Define and implement product security policies, tooling and standards across the SDLC
Lead threat modelling for new and existing applications
Own the product vulnerability backlog, prioritising and tracking remediation
Liaise on bug bounty findings and ensure timely fixes
Conduct root cause analysis for security incidents and systemic issues
Act as Incident Commander or Investigation Lead during security events
Partner with CI/CD teams to integrate SAST, DAST, SCA and other security controls
Collaborate with product, engineering and compliance stakeholders to deliver security initiativesWhat You'll Bring
Strong expertise in vulnerability management, threat modelling and secure SDLC
Solid incident response and root cause analysis experience
Background in bug bounty or coordinated disclosure processes
Strong stakeholder engagement and communication skills
Experience with CI/CD pipeline security tools
Knowledge of third‑party risk and regulatory considerationsPlease apply with your updated CV if the role is of interest