Future Tech Jobs Future Tech Jobs

Senior Security Engineer - Automation

MoonPay
London, England
11 months ago
Applications closed

Related Jobs

View all jobs

Senior Security Engineer

Bridewell Cardiff, United Kingdom
Hybrid

Senior Security Engineer, Vulnerability Management and Remediation Operations

Amazon London, United Kingdom
Permanent

Senior Security Engineering Consultant - Fully

Ex-Mil Recruitment Ltd Basingstoke, Hampshire, United Kingdom
£90,000 – £100,000 pa Remote Clearance Required

Sr. Security Engineer, Amazon Stores Security AppSec

Amazon London, United Kingdom
On-site

Senior OT Security Engineer

Bridewell Cardiff, United Kingdom
Hybrid

Senior Cyber Security Engineer

Morgan Law London, United Kingdom
£500 pd
Posted
18 Jun 2025 (11 months ago)
Share
Save job
Create job alert

About MoonPay


Hi, we’re MoonPay. We’re here to onboard the world to Web3.


Why?Because we think Web3 is a unique and democratising technology. It gives people back control of their money, digital identity, data, and property like nothing else before it.


What We Do


We’re the leading infrastructure company in Web3. This means we offer our partners everything from payment solutions (we call them 'Ramps') to minting software for digital collectibles, like NFTs. And over30 millionpeople around the world now trust our products — just take a look on Trustpilot.


We’re also big on collaborations. And we've worked on stunts, drops, and partnerships with some of the world's most prestigious and forward-thinking brands.


But that’s not all. We have also built our own consumer app because we wanted to see if we could build a better Web3 account. It’s taken off in a big way, and we're working hard to continually improve it and to strive for perfection.


So whatever your background, we’re sure there’s something for you here.


Come help us build the future of Web3 and digital ownership.


About the Opportunity

Our Product Security Squad is a dynamic blend of proactive defenders and inquisitive problem-solvers. We're dedicated to fortifying our systems through rigorous security reviews, hands-on penetration testing, and proactive threat modelling. We actively manage our Bug Bounty program, ensuring swift response and remediation, and leverage cutting-edge tools like Cloudflare's WAF to build robust defenses. We offer an extensive number of security services to our Engineering teams including cloud security, tailored security advice, threat modelling and penetration testing. Collaboration is key, as we embed security best practices throughout the SDLC. Crucially, we are expanding our capabilities in security automation and vulnerability management, integrating tooling directly into development workflows and driving efficient vulnerability resolution across the organization. We are constantly researching emerging threats, crafting effective mitigation strategies, empowering our engineering teams with comprehensive training, maintaining up-to-date security standards, and leading incident response with precision. We are passionate about fostering a secure environment and contributing to the wider security community.


What you will do


  • Design, implement, and manage the integration of security tooling (SAST, DAST, SCA, Secrets Scanning) into our CI/CD pipelines
  • Develop and maintain automation scripts and platforms to streamline security processes and workflows
  • Own and operate the end-to-end vulnerability management lifecycle: identification, triage, prioritization, distribution, tracking, and reporting
  • Collaborate closely with engineering teams to ensure timely remediation of identified vulnerabilities and provide guidance on secure coding practices
  • Drive the adoption and implementation of the SLSA framework to enhance supply chain security
  • Continuously evaluate and improve existing security automation and vulnerability management workflows, bringing innovation and ownership to the process
  • Research emerging threats and vulnerabilities, particularly those relevant to our tech stack and development practices, translating findings into actionable detection or prevention mechanisms
  • Develop and maintain documentation for security automation tools, processes, and vulnerability management procedures
  • Assist in triaging and validating findings from various sources, including automated scanners, penetration tests, and bug bounty programs
  • Contribute to security training materials focused on secure development practices and the tools you implement
  • Support incident response activities, particularly where automation or vulnerability data can aid investigation and remediation


What you'll be working on

As a key member of our Product Security squad specifically in the Automation and Vulnerability Management Team, you will focus on embedding security seamlessly into our Software Development Lifecycle (SDLC). You'll be hands-on in building, integrating, and optimizing security automation pipelines, incorporating tools for static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and secrets detection directly into our CI/CD processes. You will champion and manage our vulnerability management program, ensuring vulnerabilities are identified, prioritized, tracked, and remediated efficiently. You'll drive improvements in our supply chain security through initiatives like the SLSA framework. Collaborating closely with engineering teams, you'll automate security workflows, enhance our security posture through innovation, and play a vital role in protecting MoonPay's infrastructure and applications.


About You


  • You have a solid background in software development with demonstrable experience, ideally using languages common in backend or infrastructure development (e.g., Go, Python, Node.js)
  • You possess a strong passion for cybersecurity and have transitioned or are keen to focus your career on security automation and vulnerability management
  • You have understanding on security tools like SAST, DAST, SCA, and secrets scanning solutions within a CI/CD environment (here at MoonPay we use Github)
  • You understand the principles of vulnerability management, including prioritization frameworks (e.g., CVSS) and remediation tracking
  • You are familiar with the concepts and goals of the SLSA framework or similar supply chain security initiatives
  • You excel at collaborating with technical teams, explaining security concepts and tooling requirements clearly, and driving adoption of new processes
  • You possess strong analytical and problem-solving skills, with an ability to identify inefficiencies and propose automated solutions
  • You are self-motivated, innovative, take ownership of your work, and can operate effectively in a remote, fast-paced environment
  • You will collaborate closely with Application Security and Cloud Security teams to translate their operational needs into actionable automation requirements, taking ownership of implementing related security initiatives
  • Experience working in disruptive technology, FinTech, SaaS, or Crypto sectors is a plus
  • Familiarity with cloud security principles (AWS, GCP) is beneficial


Most importantly, though, you will embody the core principles that everyone here at the MoonPay lives by. Our“BLOCK Values”are at the heart of everything we do - and they are…



  • B- Be Hungry
  • L- Level Up
  • O- Own It
  • C- Crypto Curious
  • K- Kaizen


MoonPay Perks



  • Equity package
  • Unlimited holidays
  • Paid parental leave
  • Annual training budget
  • Home office setup allowance
  • Monthly budget to spend on our products
  • Working in a disruptive and fast-growing industry where the possibilities are endless
  • Freedom, autonomy and responsibility


Research has shown that women are less likely than men to apply for this role if they do not have experience in 100% of these areas. Please know that this list is indicative, and that we would still love to hear from you even if you feel that you are only a 75% match. Skills can be learnt, diversity cannot.


Please let us know if you require any accommodations for the interview process, and we’ll do our best to provide assistance.


Commitment To Diversity


At MoonPay we believe that every voice matters. We strive to create a mindful and respectful environment where everyone can bring their authentic self to work, and experience a culture that is free of harassment, racism, and discrimination. That’s why we are committed to diversity and inclusion in the workplace and are a proud equal opportunity employer. We prohibit discrimination and harassment of any kind based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other characteristic protected by law. This policy applies to all employment practices within our organization, including, but not limited to, hiring, recruiting, promotion, termination, layoff, and leave of absence.


MoonPay is also committed to providing reasonable accommodations in our job application procedures for qualified individuals with disabilities. Please inform our Talent Team if you need any assistance completing any forms or to otherwise participate in the application process.


Please be aware that MoonPay does not request an AI-led interview without seeing a recruiter or team member from MoonPay on video call. We won't ask for your personal identification documents or any money from you during your interview process with us. Be fraud smart! If you receive an email - claiming to be from MoonPay - but from an email address ending in anything other than @moonpay.com, please be aware that this is not us.


#J-18808-Ljbffr

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Products

Where to Advertise Cyber Security Jobs in the UK (2026 Guide)

Where to advertise cyber security jobs UK in 2026: the specialist boards, communities and channels that reach offensive, defensive and GRC security talent. The candidate pool is small, heavily vetted and in high demand across government, financial services, critical national infrastructure and the private sector simultaneously. Many of the strongest candidates hold active security clearances, are not actively job-searching through general platforms, and move primarily through specialist networks and trusted referrals. General job boards reach a broad audience but lack the specificity that security professionals expect. Specialist platforms, government-affiliated channels and cleared candidate networks each serve a different part of the market. This guide, published by CybersecurityJobs.tech, covers where to advertise cyber security roles in the UK in 2026, how the main platforms compare, what employers should expect to pay, and what the data says about hiring across different role types.

Jobs

Cyber Security Jobs UK 2026: What to Expect Over the Next 3 Years

Cyber Security Jobs UK 2026: roles, salaries and the threat intelligence, cloud security and zero-trust hiring trends shaping UK cyber careers. Cyber security is one of the few sectors where demand for talent has never once dipped. Every major technological shift of the past decade — cloud migration, remote working, AI adoption, the proliferation of connected devices — has expanded the attack surface that security professionals are expected to defend. And every expansion of that attack surface has generated more jobs. But the cyber security jobs market of 2026 is not simply a larger version of what it was three years ago. It is a structurally different market. The threats have evolved, the technologies used to combat them have changed, the regulatory environment has tightened considerably, and the roles being created reflect all of that. A job seeker who understands only the cyber security landscape of 2023 is already working with an outdated map. The candidates who will thrive over the next three years are those who understand where the sector is heading — which specialisms are attracting the most investment, which technologies are reshaping defensive and offensive security practice, and how the definition of a cyber security professional is broadening well beyond the traditional image of a network defender in a SOC. This article breaks down what the UK cyber security jobs market is likely to look like through to 2028 — covering the titles emerging right now, the technologies driving employer demand, the skills that will matter most, and how to position your career ahead of the curve.

Jobs

Penetration Tester Jobs in the UK: What Employers Actually Want in 2026

Penetration Tester Jobs UK 2026: the skills, certifications (OSCP, CREST, CEH) and experience UK employers actually want from ethical hackers this year. The demand for skilled professionals in cyber security has never been higher, and penetration testers sit at the very heart of this rapidly evolving industry. As organisations across the UK continue to digitise their operations, protect sensitive data, and defend against increasingly sophisticated threats, the need for ethical hackers has grown dramatically. If you are considering a career in this field—or looking to advance within it—it is essential to understand what employers are really looking for in 2026. This guide breaks down the current expectations, required skills, certifications, and practical experience that can help you stand out in a competitive job market.

🍪 Basic, anonymous analytics (aggregate counts only, never shared) are always on. Accept to also enable third-party tools — Google Analytics, Microsoft Clarity, Mixpanel, Leadfeeder — which help us match you with relevant Cyber Security roles. We never sell your data or use it for cross-site advertising. See our Cookie Policy.