Associate Application Security Engineer
Department: Risk & Compliance
Here at Tide we are the UK’s leading provider of smart, digital SME current accounts. We’re on a mission to save business owners time (and money) on their business banking and admin, so they can get back to doing what they love.
As an Associate Application Security Engineer at Tide you’ll join an ambitious team of highly motivated, talented Tideans who love to collaborate and are driven by helping people achieve their business ambitions. We live and breathe our values, which are to put our members first, work as one team and be data-driven, as part of our team, they’ll matter to you too.
As part of this team, you would be working on taking our security processes to the next level. Our application security team is responsible for securing our product. This includes our backend systems, web platform and mobile applications. Our Security Engineers work with cross-functional teams dedicated to areas of the product. They also work with product owners, engineers and DevOps to solve shared problems, find bugs and design and build mitigations for broad bug classes. Working alongside our delivery teams you’ll assess the security of new features and capabilities. This could include the development of security programs, the introduction of tooling or evangelism of security best practises. The Security team leads initiatives across Tide that relate to the improvement of our overall security, because of the nature of Tide’s product, nearly every system interacts with sensitive financial and personal data, making the security team an extremely dynamic environment to join.
Some of the things you’ll be doing will include performing application security design, threat modelling and code reviews. Acting as a security architecture advocate to help software engineers build secure products and services, improving engineering standards, tooling, and processes. As an Associate Security Engineer at Tide, you will also develop security guidance documentation along with defining, implementing, and monitoring security measures to protect Tide. You will be responsible for correctly balancing security risk with product advancement.
About the Tech
We’re security leaders working tirelessly in the automation and orchestration of security process. Working cloud-native within AWS and driving Zero Trust concepts throughout both corporate and production platform environments.
- Software engineering experience
- A knack for finding flaws in software and can effectively communicate how to fix them
- The ability to think like an attacker and use that context to develop threat models
- Enable other engineering teams to find flaws before they are introduced into production
- Technical knowledge in one of the following: cloud security, web application security, mobile security
- Knowledge of secure coding best practices
- Hands-on attitude and the ability to drive solutions to completion
- Experience with OWASP frameworks, static & dynamic analysis, and common exploitation methods
- Knowledge of OWASP SAMM
- Experience working within the Fintech or tech sector
- Worked within a fast scaling business
- Familiarity with fuzzing as a way to find bugs
- Experience with Automation
Tide is the leading provider of UK SME business accounts and one of the fastest growing FinTechs in the UK. That’s not an unfounded boast – we have over 200,000 members (what we like to call our customers, over two percent market share, and have raised over £120m in funding.
SMEs have been underserved and overlooked by traditional banks for years. In an entrepreneurial age where everyone is expected to take a shot, traditional banks have not evolved with the needs of the market. That’s where Tide comes in. With quick on-boarding, low fees and innovative features, we thrive on making data driven decisions to help SMEs save both time and money.
We’re also one of LinkedIn’s top 10 hottest UK companies to work for, winner of Best Use of Technology (Growth Finance Awards); Best Banking Provider (Contracting Awards); Innovative Product of the Year (Growth Finance Awards) and we’re listed in the Top 100 FinTech Disruptors and The Startups 100. And that’s just for 2019.
Here at Tide, not only do we love what we do, but we love the people who do it. That’s why we look after our Tideans with:
- 25 days holiday
- Flexible working
- Vitality Healthcare, including discounted gym and even free cinema tickets!
- Mental wellbeing – we take this seriously. You will have access to unlimited access to CBT and a 24/7 Employee Assistance Programme
- Personal learning and training allowance for your continued development
- Enhanced family friendly leave so you can spend more time with the little ones
- Paid volunteering and charity work days – get paid for giving back with organisations of your choice
- Salary sacrifice options
- Sabbatical leave
- Extra holiday buy-ins
Here’s what we think about diversity and inclusion…
Diversity is what makes our world interesting. We don’t build our product for one type of person, Tide is here for everyone. And that’s how we build our teams. We’re a melting pot of different cultures, races, and religions. We’re proud of the fact that we represent society and it will always be our mission to do so. Everyone here is given a voice, and if you like the sound of that, we’d encourage you to come and find your voice here, too.