Security Engineer

Company Description

Wise is a global technology company, building the best way to move and manage the world’s money.
Min fees. Max ease. Full speed.

Whether people and businesses are sending money to another country, spending abroad, or making and receiving international payments, Wise is on a mission to make their lives easier and save them money.

As part of our team, you will be helping us create an entirely new network for the worlds money.
For everyone, everywhere.

We are looking for a cloud or GRC engineer with experience or a strong interest in cyber security. If you are a cyber security engineer with a strong interest in cloud engineering, we also want to hear from you!

Our team: Security Platform

The team was founded initially to be responsible for the protect function of the NIST cyber security framework.
We continuously reevaluate how we can deliver the most impact to the business, meaning the team’s responsibilities develop over time.

In the Security Platform team, you will be working to advance our service offerings, which focus on:

1. Providing a runtime platform for security services
2. Vulnerability management for all platform teams
3. Ensuring compliance of our digital assets and proving this to auditors
4. Other exciting security domains

How we work

We operate on a strong belief in automation, programmatic implementation, and reusable design. We’re looking for people who can step back and think holistically about the ecosystem while also following through to implement designs effectively.

As Wise grows, security infrastructure becomes more critical. Our teams must focus on scaling our infrastructure to ensure Wise provides a secure platform for our continuously growing customer base. We need to sustain this growth by iterating on our services with a focus on availability, security, and ease of use.

We’re looking for an engineer with relevant experience who can analyze complex requirements and deliver simple solutions to help our teams achieve our mission with speed and confidence.

What will you be working on?

We own multiple security domains with different stakeholders and varying levels of technological depth. Priorities shift based on business needs, but engineers in our team typically focus on one or two of the following:

1. Vulnerability Management and Cloud Security Posture Management
   Maintain and enhance our Vulnerability Management Program, ensuring effective use across platform engineering teams.
   Develop and maintain a Cloud Security Posture Management (CSPM) Program.
   Develop and support a company wide adoption of a DLP program.
2. System and endpoint hardening
   Provide and maintain hardened base images.
   Establish guidelines and processes for system and endpoint hardening.
   Develop automations and processes to enhance accuracy and efficiency in providing security and configuration evidence to auditors.
3. Infrastructure security
   Maintain and improve our security cluster, a dedicated Kubernetes cluster in AWS that hosts security tools and applications, ensuring compliance.
   Conduct infrastructure threat modeling to identify and mitigate security risks.
   Maintain firewalls and connection filters to ensure secure network configurations.

What do you need?

We understand that candidates may not be experts in every domain listed above. If you have experience in some of these areas and are eager to learn more, we want to hear from you!

Core skills & qualities:

1. Ability to collaborate with teams and external stakeholders, communicating technical topics clearly.
2. Capability to break down initiatives into digestible sub-tasks and milestones.
3. Ability to take ownership of projects and propose well-reasoned solutions.
4. Basic understanding of cloud concepts and cloud resource use cases.
5. Experience in cyber security domains or a strong interest in learning, such as:

• Vulnerability management
• Securing data at rest/in transit
• Risk management and compliance
• Programming experience (e.g., Java, Golang, Python). Ability to showcase previous projects is a plus.
• Familiarity with Unix systems.
• Understanding of networking protocols (e.g., IP, TCP, HTTP).

Nice to have:

1. Experience with Kubernetes and containerization (e.g., Docker).
2. Cloud experience (AWS or similar platforms).
3. Cyber security project experience.
4. Sysadmin background.
5. Experience with vulnerability scanning and management.
6. Infrastructure as code (e.g., Terraform).
7. Experience with version control systems (e.g., GitHub).

Freedom to define your own path to success
Real impact in shaping security infrastructure
Opportunity to inspire teams
Fun work environment with social activities and events
Opportunity to visit our major offices multiple times a year
1 fully paid volunteering day per year
Opportunity to work remotely (within and outside of the UK, restrictions apply)
Active coaching from senior team members

Qualifications

Additional Information

For everyone, everywhere. Were people building money without borders — without judgement or prejudice, too. We believe teams are strongest when they are diverse, equitable and inclusive.

Were proud to have a truly international team, and we celebrate our differences.
Inclusive teams help us live our values and make sure every Wiser feels respected, empowered to contribute towards our mission and able to progress in their careers.

If you want to find out more about what its like to work at Wise visitWise.Jobs.

Find out more about our team, how we work and other open roles.

Find out more about what we offer our employees.

From me days to mission days, sabbaticals to stock, and everything in between. For everyone, everywhere. We’re people building money without borders. Find out what youll get if you join us.

J-18808-Ljbffr