Security Engineer

Full-time - Permanent
About Us

For many, the process of getting a mortgage is hellish; hellishly complicated, hellishly costly and hellishly outdated. At Habito, we’re changing that. We believe people shouldn’t have to go through hell to get a mortgage.

Since our launch in 2016, we have made it our mission to fundamentally change the way people finance their homes. Whether buying for the first time, remortgaging, moving house or buying as an investment, we have developed an award-winning service that puts our customers back in the driving seat, giving them greater control over their finances. We deliver industry-leading expert advice in real time, cutting edge AI-driven technology that gives them access to the best possible deals, plain English conversations and absolutely no fees whatsoever.

We’re enormously proud of what we’ve achieved. Together, our 100-strong team has built great things to bring this mission to life. We’ve won numerous industry awards for our innovation, our talent and our service.  And our enviable roster of backers is testament to that hard work and vision: to date, we have raised £27.5million in funding from some of the biggest names in venture capital and FinTech – Atomico, Ribbit Capital and Mosaic Ventures as well as the founders of Funding Circle and TransferWise.

Most importantly, we’ve helped more than 160,000 people get the mortgage they deserve. Our proudest achievement yet is the love we get from our customers, borne out by consistently excellent TrustPilot reviews from more than 1,500 happy homeowners.

But our work never stops. The landscape continues to evolve and, because we believe in financial products that put the customer’s interests first by design, we have ambitious plans to continue innovating, improving and disrupting in this space. As our business scales up, to extend beyond brokerage and insurance into becoming a mortgage marketplace, our focus on pioneering product and best-in-class delivery is greater than ever.

We offer a highly-autonomous working environment

Our engineers work in cross-functional crews alongside product owners, designers and other contributors as appropriate. As a security engineer you’ll be helping build a crew focussed on constantly improving Habito’s security, which will involve (but not be limited to):

Testing and assessing the security posture of our codebase and systems with a view to continuous improvement, either through direct fixes or by furnishing other crews with reports and information that they can use to fix issues.

Working with other crews to build a culture in which our systems are secure by design and construction, driving best practices and standards throughout the wider organisation.

Responding to security incidents -- helping the business to understand impact, learn from experience and evolve to prevent future occurrences.

We use lots of exciting technology

We’re big believers in functional programming and tenets commonly associated with it such as immutability, declarative specification and static typing and make heavy use of the following:

    • Haskell for our back-end application code (much of which exposes JSON APIs) and some of our infrastructure.
    • PureScript for our front-end application code.
    • Hakyll and other generation tools for static site generation.
    • Bazel and Nix for hermetic, reproducible builds and package management.
    • PostgreSQL, event sourcing/CQRS and Elasticsearch for persistence and data management.
    • Docker and Kubernetes for running and deploying code in production.
    • AWS for our infrastructure.

You should apply if

    • You’re interested in understanding a complex industry and using that knowledge to build products that improve customers’ lives by supporting and enabling the massive financial decisions that accompany mortgages.
    • You enjoy finding weaknesses in systems, be they unexpected use cases, race conditions, design defects or something else, and are constantly on the hunt for them.
    • You’re keen to learn more about some of the technologies we use and concepts we believe in (functional programming, static type systems, event sourcing).
    • You have some experience with security concepts, protocols and technologies, e.g. developing and contributing to a SOC, key management and exchange, encryption, NIST and other frameworks, etc.
    • You have some experience with typed, functional programming (PureScript, Haskell, F#, Scala/Cats/Scalaz, Elm, TypeScript, Flow, ML).
The Benefits

Competitive salary & share options
Career development, coaching & training
Free catered lunches, snacks & team bonding
Free Healthcare & Life Assurance
Contributory pension scheme
Bi-weekly massages with Urban Massage
Unlimited Holiday
Cycle to Work Scheme