Tide is hiring a
Offensive Security Engineer

Summary

Join Tide, a finance & admin platform designed to save small businesses time and money, as an Offensive Security Engineer. You'll review web/mobile applications, source code, operating systems, and network security architectures; find vulnerabilities and define effective strategies for remediation and hardening.

Requirements

• First and foremost you will be passionate about security and secure application design. You will love helping engineers create more secure web and mobile applications
• You will be comfortable explaining security issues and concerns to product owners, engineers, area VPs and executives and love the feeling you get when this results in them releasing a more resilient product
• You have experience working within the Fintech or tech sector
• You have worked within a fast-scaling business
• You have experience in attack simulation and vulnerability research
• You are comfortable with writing tooling in Python, Java, go etc
• You have strong Experience in performing security assessments on the following
• Cloud technologies (AWS, Azure, Kubernetes, containers etc)
• Mobile/Web applications and APIs
• Mac /Windows
• Have exposure to LLM testing

Responsibilities

• Reviewing web/mobile applications, source code, operating systems, and network security architectures; finding vulnerabilities and defining effective strategies for remediation and hardening
• Identifying gaps in controls and vulnerabilities in our Cloud infrastructure with containerised environments and GitOps deployment pipelines
• Ability to think critically and identify areas of technical and non-technical risk
• Research and develop tools, techniques and exploits specific to Tide
• Help with the triaging and perform validations of external security submissions whenever required
• Communicate effectively findings and remediation actions with both technical and non-technical teams
• Coaching engineers across both Security and broader technical teams in the principles and practices of offensive security
• Partner with internal security and engineering teams on collaborative engagements that uncover vulnerability and detection opportunities across systems
• Identify weaknesses in product security controls - including vulnerabilities, misconfigurations, and gaps in processes and procedures
• Work with the Tide engineering teams to plan and scope internal/external pen-testing
• Bring your red team hat to support Incident Response

Benefits

• A competitive salary
• 25 days holiday with the option to take 5 extra days of unpaid leave per year
• 3 days paid volunteering or L&D time off per year
• Personal L&D budget of £1,000 professional L&D budget per year
• Group Life Insurance, Vitality Health and Dental Insurance
• Spacious brand-new office by Old Street station with an all-day snacks bar
• Enhanced family-friendly leave
• Access to a global mental wellbeing platform that provides 1:1 video therapy sessions with accredited therapists and unlimited chat therapy sessions
• Work from home budget
• Team socials - virtual and physical events
• Sabbatical leave