Overview

Join to apply for the Threat Operations Security Engineer role at Thought Machine.

Thought Machine’s mission is bold – to properly and permanently rid the world’s banks of legacy technology. To achieve this, we have developed the foundations of modern banking and built core and payments technology which runs natively in the cloud. We have grown rapidly in the past few years, with offices in London, New York, Singapore and Sydney, more than 500 team members, and strong funding and growth recognition.

A Threat Operations Security Engineer is an individual contributor within the Threat Operations team. We seek engineers who can think creatively about security threats, how to detect them, and how to respond. We encourage exploration and the sharing of unique ideas or perspectives.

The Threat Operations security team focuses on identifying threats, security events, event analysis, incident response, and monitoring the security state of Thought Machine environments.

Duties

• Contribute to a programme of continuous threat assessment, intrusion detection and vulnerability review
• Develop, integrate, and operate security event detection and incident management services using Elasticsearch
• Automate repeatable incident response workflows to minimise manual work during incidents
• Maintain documentation to ensure repeatability and standardisation of incident response procedures
• Respond to security incidents as they occur as part of an incident response rotation, managing incident response throughout the lifecycle
• Perform investigation and analysis of security incidents in collaboration with engineers across the company
• Perform threat intelligence research to provide proactive insight into new threat vectors
• Develop, integrate, and operate data and metric reporting on relevant security measures
• Participate in the team on-call rotation (compensated)

Requirements

• Experience with logging and incident detection platforms, creating detections, triaging alerts and conducting security investigations
• Understanding of security incident management and vulnerability management processes
• Coding experience in Python or Go
• Comfortable using the command line in Linux and macOS environments
• Familiar with investigation and evidence handling techniques
• Creative thinking and analytical skills focused on incident and threat investigations, with ability to communicate data and findings to stakeholders
• Strong interpersonal and communication skills to support collaboration during investigations
• Familiarity with Cloud and container technologies (AWS, GCP, Kubernetes, Docker)
• Contributions to the security community (open source tools, public research, blogging, presentations, etc.)

Benefits

• Competitive salary
• Pension plan (match up to 7%)
• Life insurance - three times annual salary
• Parental leave policies (maternity, paternity, and shared parental leave)
• 25 days holiday and bank holidays
• Private health insurance with Bupa for you and your family
• Health cash plan (including dental and optical)
• Electric car scheme
• Season ticket loan
• Learning resources and courses
• Wellbeing and team activities, snacks and refreshments
• Learning-focused environment and opportunities for progression
• Two charity days per year