Description
Thought Machine’s mission is bold – to properly and permanently rid the world’s banks of legacy technology. To achieve this, we have developed the foundations of modern banking and built core and payments technology which runs natively in the cloud. What we are attempting is hard and means we need great people working together to build great technology.We have grown rapidly in the past few years – growing our team to more than 500 individuals across offices in London, New York, Singapore and Sydney. We have raised more than $500m in funding and are now valued at $2.7bn. Our investors include Molten Ventures, Eurazeo, Intesa Sanpaolo, Temasek, Nyca Partners, JPMorgan Chase, Standard Chartered, and more. We have created a culture enabling our team to produce the best work in the industry, ensuring we have fun along the way. We're regularly cited as having a fantastic workplace culture and have been recognised by Sifted magazine as having one of the highest Glassdoor ratings for a UK fintech company and the most generous employee share package in the industry. We've been named AltFi's B2B Fintech of the Year, placed in the FinTech50, and named one of Europe’s fastest-growing companies by the Financial Times in 2023.A Cloud Security Engineer is an individual contributor to the larger Security Engineering team. We desire engineers who are architects and designers, can create solutions (often in code), and think creatively about security challenges and threats. We for a passion for unique solutions and the exploration of unique ideas and perspective that you can bring to a challenge.The Security Engineering team is a cross-functional team made up of individuals who bring their own unique expertise in either (or both) application security and infrastructure (cloud) security. We allow team members to move from project to project, subject to subject based on their skills, experience, and interests. Each team member brings their own expertise to bear in ways that are collaborative and designed to find the best solutions to complex problems.The team covers the following areas, and individuals contribute to any of them based on their own expertise:
1. Designs and reviews to build a secure product and platform
2. Threat modelling to identify relevant areas of focus
3. Define the best in class protective and detective security controls
4. Development of automation tooling
5. Implement cutting-edge tooling and measures
6. Code review and assessment to minimise exposures and vulnerabilities
A large part of Thought Machine product security function is a greenfield challenge; we are building the bank of tomorrow with cutting edge technology. To achieve this we need innovative thinking to create security solutions in our products and our infrastructure. We look for people who think outside the box, and outside of traditional silos to find unique solutions and approaches to security that lead the industry. Duties
7. Provide security expertise and mentorship to Thought Machine engineering teams through the stages of planning, design, and testing of new solutions.
8. Co-develop threat models with engineering teams that identify relevant threats and relevant strategies for mitigation
9. Design and build cloud native preventative and detective controls that operate at scale
10. Build and maintain automation to actively audit and assess infrastructure-as-code and in-place infrastructure
11. Develop (in code) security tooling, contribute to third-party security products, and develop updates for existing tooling that is in use in our environment
12. Work with cloud engineering and operations teams to develop tooling that maintains our secure operating state in production
13. Perform security reviews and security testing
14. Contribute to the overall security strategy, security tooling selection and creation
15. Operate collaboratively with other Thought Machine teams with autonomy, trust, and influence
Requirements
Essential
16. Familiarity with building and deploying containerised applications in public cloud using CI/CD frameworks and infrastructure automation
17. Knowledge of cloud networking architecture, cloud operations, security, automation and orchestration
18. Familiarity with identifying and enumerating security threats and contributing to design reviews
19. Knowledge of security in distributed systems at scale
20. Familiarity with good security practices with containers and Kubernetes
21. Experience with languages such as Go, Python, or other modern programming languages
22. Coding experience in the creation, automation, and integration of security tools
23. Experience in version control systems such as Git
24. Experience with designing, developing, and maintaining security in public cloud environments such as AWS and GCP
25. A desire to collaborate and communicate with team members on projects
Desirable
26. Existing experience building and operating distributed systems at scale
27. Awareness and experience with “well-architected” cloud security frameworks or CSA-CCM
28. Contributions to the security community (public research, blogging, presentations, etc)
29. Experience in performing web application penetration testing and security tooling
30. Experience developing tools and interacting with cloud provider APIs.
Benefits
31. Highly competitive salary
32. Pension plan (match up to 7%)
33. Life insurance - three times annual salary
34. Competitive maternity (6 months fully paid) and paternity leave (4 week fully paid)
35. Shared parental leave (matched to our maternity leave for the same point in time)
36. 25 days holiday and bank holidays
37. Private health insurance with Bupa for you and your family
38. Health cash plan (including dental and optical)
39. Flexible working hours
40. Cycle-to-work scheme
41. Electric car scheme
42. Season ticket loan
43. Access to outstanding learning materials and courses
44. Sports and hobby clubs, subsidised by Thought Machine
45. All the latest tech you need
46. Start the day properly with fresh fruit and cereals
47. Huge range of healthy (and not-so-healthy) snacks, smoothies and drinks
48. A talented and experienced team as your colleagues
49. An environment where we encourage learning and progress
50. Two charity days a year
51. Weekly food pop up
Thought Machine are committed to making a measurable positive impact on people's everyday lives. We are an equal opportunity employer and value diversity at our company. We actively hire for cultural growth. We welcome people of all ages, backgrounds and value people who take a journey unique to them. We provide everyone with equal access to professional development. You are encouraged to apply even if your experience doesn't precisely match the job description.