Senior Product Security Engineer

2 Months ago • All levels • Product Management

Job Summary

Job Description

As a Senior Product Security Engineer, you will be passionate about security and software development. You will hunt for vulnerabilities in web and mobile applications, collaborate with engineering teams for remediation. You will explain security issues to stakeholders and apply new industry trends. You will be responsible for securing cloud-native applications, conducting threat modeling, and mentoring junior engineers. You'll integrate security into CI/CD pipelines. The role involves expertise in application security and ensuring secure development practices are followed.
Must have:
  • Knowledge across AppSec.
  • Experience with Burp Suite.
  • Excellent communication skills.
  • A blog, public speaking or Git repository showcasing work.
  • Experience with cloud-native applications.
Perks:
  • 25 days paid annual leave
  • 3 paid days off for volunteering or L&D activities
  • Family-Friendly Leave (according to statutory)
  • Personal L&D budget
  • Work from home budget to set up your space
  • Mental wellbeing platform Plum
  • WFH equipment allowance
  • Share options

Job Details

ABOUT TIDE

At Tide, we are building a business management  platform designed to save small businesses time and money. We provide our members with business accounts and related banking services, but also a comprehensive set of connected administrative solutions from invoicing to accounting.


Launched in 2017, Tide is now used by over 1 million small businesses across the world and is available to UK, Indian and German SMEs. Headquartered in central London, with offices in Sofia, Hyderabad, Delhi, Berlin and Belgrade, Tide employs over 2,000 employees.


Tide is rapidly growing, expanding into new products and markets and always looking for passionate and driven people. Join us in our mission to empower small businesses and help them save time and money.

ABOUT THE TEAM

The Tide Security Engineering team is made up of three core areas: Product Security, Threat Detection & Response, and Identity.

Product Security (this role!) consists of application and cloud security experts. Their mission is to protect the products we build, covering everything from secure design reviews to threat modelling and penetration testing, ensuring security is embedded from the ground up.

Threat Detection & Response (this role!) focuses on protecting the company by building a robust detection and automation platform. We’re proactive in our defence, constantly hacking ourselves to improve our security posture and staying ahead of emerging threats. Our goal is to make Tide resilient against the ever-evolving threat landscape.

Identity is responsible for managing Tide's staff identity platform, ensuring that access to systems and infrastructure is secure, seamless, and aligned with modern security practices. The team uses strategies like zero trust, multi-factor authentication, and granular role-based access controls to safeguard our internal operations.

While each area has its own focus, collaboration is key - it's why we share the same Slack channel and hold our standups together as one cohesive team, ensuring alignment and seamless communication across all security functions.

ABOUT THE ROLE

First and foremost you will be passionate about security and resilient software development processes. You will enjoy hunting for vulnerabilities in our web and mobile applications and working with our engineering teams to remediate them strategically. You will be comfortable explaining security issues and concerns to product owners, engineers, VPs and executives and love the feeling you get when this results in them releasing a more resilient product. You will be a keen follower of all things Infosec and constantly be on the lookout for ways to apply new industry trends, tools and automations to your day-to-day role.

As a Senior Product Security Engineer you’ll:

  • Regularly dive deep into mobile, web app technologies in order to understand feature development and proactively hunt for vulnerabilities
  • Be proficient in securing cloud-native applications, ensuring that security best practices are applied consistently across our cloud environment
  • Be proficient in threat modelling and guide developers in secure design principles to prevent vulnerabilities from being introduced in the first place
  • Help remediate vulnerabilities through strategic initiatives, writing patches, or creating understandable and actionable vulnerability tickets.
  • Be the subject matter expert across a wide range of security areas, particularly in Application Security.
  • Make security invisible when possible, believing that gatekeeping and blocking product teams should be avoided in favour of enabling secure development.
  • Mentor and coach junior engineers, sharing your knowledge to help raise the security bar across the organisation
  • Leverage automation and security tools to seamlessly integrate security into our CI/CD pipelines, ensuring vulnerabilities are caught early without disrupting development.

WHAT WE ARE LOOKING FOR

  • You have a breadth and depth of knowledge across AppSec; you’re expected to understand topics like why private keys should be stored in the Secure Enclave, the differences between URL Schemes and Universal Links, what presigned URLs are in the context of S3 and the safest storage mechanisms for modern browsers.
  • You know Burp Suite (or your favourite attack proxy) inside and out; bonus points if you’ve written or contributed to an extension that enhances its functionality.
  • You have excellent spoken and written communication skills to articulate vulnerabilities clearly and persuasively, advocating for their remediation even when faced with competing production pressures.
  • As a passionate senior security engineer, you have a blog, public speaking engagements, bug bounty profile, or a Git repository showcasing your work.
  • You’re comfortable writing proof-of-concept (POC) scripts to demonstrate your findings and their potential impact, as needed.
  • You have hands-on experience with securing cloud-native applications, ensuring that best practices are consistently applied.

WHAT YOU WILL GET IN RETURN

  • 25 days paid annual leave
  • 3 paid days off for volunteering or L&D activities
  • Family-Friendly Leave (according to statutory)
  • Personal L&D budget in the amount of 500 EUR per year
  • Work from home budget to set up your space
  • Mental wellbeing platform Plum
  • WFH equipment allowance
  • Share options

TIDEAN WAYS OF WORKING

At Tide, we champion a flexible workplace model that supports both in-person and remote work to cater to the specific needs of our different teams. 

While remote work is supported, we believe in the power of face-to-face interactions to foster team spirit and collaboration. Our offices are designed as hubs for innovation and team-building, where we encourage regular in-person gatherings to foster a strong sense of community.

#LI-CC1 #LI-Remote

TIDE IS A PLACE FOR EVERYONE

At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members’ diverse needs and lives. 

We are One Team and foster a transparent and inclusive environment, where everyone’s voice is heard.

 

At Tide, we thrive on diversity, embracing various backgrounds and experiences. We welcome all individuals regardless of ethnicity, religion, sexual orientation, gender identity, or disability. Our inclusive culture is key to our success, helping us build products that meet our members' diverse needs. We are One Team, committed to transparency and ensuring everyone’s voice is heard.

 

You personal data will be processed by Tide for recruitment purposes and in accordance with Tide's Recruitment Privacy Notice.

Similar Jobs

binance - PR Lead - MENAP

binance

Dubai, Dubai, United Arab Emirates (Hybrid)
5 Months ago
Palo Alto Networks - Principal Consultant, Offensive Security

Palo Alto Networks

Fort Meade, Maryland, United States (On-Site)
1 Month ago
elephant games - Business Development Manager

elephant games

(Remote)
2 Months ago
arrowhead games - Chief Technical Officer

arrowhead games

Stockholm, Stockholm County, Sweden (Hybrid)
6 Months ago
UPF Industries  - VP of International

UPF Industries

Grand Rapids, Michigan, United States (On-Site)
1 Month ago
bytedance - Product Manager - Real Estate Hardware - Singapore

bytedance

Singapore (On-Site)
8 Months ago
Moloco - Senior Product Manager

Moloco

Redwood City, California, United States (On-Site)
1 Month ago
The Walt Disney Company - Executive Producer, Digital

The Walt Disney Company

Durham, North Carolina, United States (On-Site)
3 Months ago
Razer - Product Management Intern

Razer

Singapore (On-Site)
1 Month ago
Red star 3d - Senior Production Manager

Red star 3d

Sheffield, England, United Kingdom (Remote)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Eccentric - Head Of Human Resources

Eccentric

Mumbai, Maharashtra, India (On-Site)
2 Months ago
version 1 - Digital Advisor for Financial Services

version 1

London, England, United Kingdom (On-Site)
2 Months ago
PPfa - Manager, State Advocacy Communications

PPfa

Washington, District Of Columbia, United States (Hybrid)
2 Months ago
CAE - On-Call Ground School Instructor

CAE

Dallas, Texas, United States (On-Site)
1 Month ago
Palo Alto Networks - Consulting Director, Proactive Services - Cloud and AI (Unit 42)

Palo Alto Networks

Drenthe, Netherlands (Remote)
1 Month ago
Polygon Labs - Governance Program Manager

Polygon Labs

United States (Remote)
3 Months ago
Haleon - E-commerce Content & Livestream Intern

Haleon

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
1 Year ago
Single Store - Developer Advocate

Single Store

India (Remote)
1 Month ago
Ion - Lead UI Developer, New York

Ion

New York, New York, United States (Hybrid)
9 Months ago
Rackspace Technology - BFSI Sales Executive VI - Remote

Rackspace Technology

United States (Remote)
1 Month ago

Get notifed when new similar jobs are uploaded

Jobs in Serbia

Sperasoft - 3D Character Artist

Sperasoft

Belgrade, Serbia (On-Site)
1 Month ago
Dentsu - Senior Java Engineer

Dentsu

Belgrade, Serbia (On-Site)
1 Month ago
Wargaming - Head of QA (World of Warships, PC)

Wargaming

Belgrade, Serbia (On-Site)
3 Months ago
playrix  - Feature Owner (LiveOps)

playrix

Serbia (Remote)
8 Months ago
Tide - Staff Engineer, Backend

Tide

Belgrade, Serbia (Hybrid)
2 Months ago
Wargaming - Lead Environment Artist

Wargaming

Belgrade, Serbia (On-Site)
1 Month ago
playrix  - Lead C++ Software Engineer (Gameplay)

playrix

Serbia (Remote)
8 Months ago
Social Discovery Group - User Acquisition Manager

Social Discovery Group

Belgrade, Serbia (Remote)
2 Months ago
playrix  - Senior Release Engineer

playrix

Serbia (Remote)
8 Months ago
Sperasoft - 2D Artist (Environment and Weapon)

Sperasoft

Vojvodina, Serbia (On-Site)
3 Months ago

Get notifed when new similar jobs are uploaded

Product Management Jobs

upstox - Product Analyst Intern

upstox

Mumbai, Maharashtra, India (On-Site)
1 Month ago
PayPal - Product Manager

PayPal

San Jose, California, United States (Hybrid)
1 Month ago
AccelData - Product Support Engineer / Product Specialist - "Hadoop SME"

AccelData

Bengaluru, Karnataka, India (On-Site)
1 Year ago
Aristocrat - Product Manager

Aristocrat

Sofia, Sofia City Province, Bulgaria (On-Site)
3 Months ago
Lytx,  Inc  - Senior Product Manager

Lytx, Inc

India (On-Site)
1 Month ago
Universal Music Group - Manager, Production

Universal Music Group

New York, United States (On-Site)
1 Month ago
Meta - Product Technical Program Manager

Meta

New York, New York, United States (Remote)
8 Months ago
Brillio - Product Manager with Aruba

Brillio

Bernards, New Jersey, United States (Hybrid)
1 Month ago
Marks, part of SGS & Co - Production Artist 2

Marks, part of SGS & Co

Manila, Metro Manila, Philippines (On-Site)
4 Weeks ago
binance - Senior Product Manager, Options Trading (Frontend)

binance

Taipei City, Taiwan (Remote)
1 Year ago

Get notifed when new similar jobs are uploaded

About The Company

Tide is the leading provider of UK small business (SMEs) accounts and one of the fastest-growing fintechs in the UK. Tide is live in the UK and India with over 650,000 members in the UK and more than 350,000 in India.


Tide is transforming the small business banking market. Our platform not only offers business accounts and related banking services, but also a comprehensive set of highly connected admin tools for businesses, such as full integration with accounting systems (live for our UK members, many are live in India, and coming soon to Germany). Using advanced technology, all solutions are designed with SMEs in mind.


With quick onboarding, low fees and innovative features, we thrive on making data-driven decisions to help SMEs save both time and money.

Hyderabad, Telangana, India (On-Site)

Hyderabad, Telangana, India (Remote)

Hyderabad, Telangana, India (Remote)

Delhi, India (Remote)

Delhi, India (On-Site)

Delhi, India (On-Site)

United Kingdom (Hybrid)

Delhi, India (On-Site)

View All Jobs

Get notified when new jobs are added by Tide

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug