Security Engineer (Application Security)
Technology – InfoSec
We’re empowering people to FeelGood about their money.
We’re been on this journey since 2004, when we built the first ever peer-to-peer lending company to give people access to simpler, better-value loans and investments. When it comes to money, we think everyone deserves a fair deal, so since we launched, we’ve helped hundreds of thousands of customers to take the stress out of money by building our business on honesty, transparency and trust.
Our journey’s always evolving and we’re now launching a bank. But a different type of bank – one that empowers its customers to take control of their finances and FeelGood about their money.
If you embrace being challenged beyond the norm, aren’t afraid to think differently and are motivated by working somewhere you can really make an impact, you’ll love life here at Zopa.
Job Title: Security Engineer
Location: London Bridge
Start Date: Friday 28th June 2019
Closing Date: Friday 26th July 2019
Zopa is looking for an Application Security Engineer, focusing on application security and internal security tools, to be part of a growing Information Security team. We are in the process of building a comprehensive set of cutting-edge security practices for Zopa, involving both building our own tools and using the best external tools where necessary. You will have the ability to help define what this set of practices should look like. This role will also provide exposure to a wide range of areas such as infrastructure, development and compliance.
On a day to day basis, the Application Security Engineer would be expected to:
- Collaborate with development teams, providing consultation and guidance on good security practices
- Design, develop and implement new tools, processes and support systems
- Work to find new and emerging threats, and automate identification and prioritisation
- Promote the importance of Information Security throughout the organisation
- A thorough knowledge of standard application security practices and technologies
- Experience in application security testing, using more than one of the following: Burp, ZAP, SQLMap
- Knowledge of at least one programming language and the willingness to dabble in others (Java, Go, Python, .NET)
- Threat modelling techniques and methodologies.
- Experience with version control and unit testing
- Some experience with Linux containers and orchestration (like Docker, Kubernetes and Terraform)
- An active interest in the latest developments in security, architecture, and server automation technologies
- Hold strong knowledge of Knowledge of OWASP Top 10
- Desire to learn and improve
- Hold some mobile application development experience
- Hold experience working in or with Banking / Financial Services industry
- Hold minimum diploma level education in Computer Science, Engineering, or IT related subject
If possible, we’d also love you to have experience with:
- Security Information and Event Management (SIEM) tools like Splunk
- Vulnerability scanning technologies (Infrastructure and Application)
- Networking protocols and technologies
- Cloud infrastructure (AWS)
- IT security certifications
To thrive here, you’ll need to:
Champion our customers. Whatever your role, you’ll be close to our customers. We care passionately about doing the best for them.
Help us make fearless choices. Our environment is fast-paced, agile and open. You’ll solve interesting and challenging problems, and be trusted and empowered to bring your ideas to life.
Walk the talk. Like us, you’ll be honest, stick to your promises and face the tough moments head-on.
Win smarter. You’ll be always on the lookout for a better way of doing things, going beyond ‘good enough’ and welcoming different points of view.
Be in it together. You’ll join an ambitious, diverse and all-round approachable team with a mix of ideas and talents who inspire each other to be better every day.
Zopa is proud to offer a workplace free from discrimination. Diversity of experience, perspectives, and backgrounds leads to great products and unique company culture. We simply can’t expect to empower our customers to better manage their money without challenging the current status quo. Creating the best place for money is no easy task, which is why we need talent from all walks of life.