Application Security Specialist

  • TransferWise
  • London, United Kingdom
  • Jul 28, 2017
Full time Security

Job Description

TransferWise is an international money transfer startup with over 1 million customers worldwide. Co-founded by Skype’s first employee, the innovative platform is backed by Andreessen Horowitz, Sir Richard Branson, and PayPal founder Max Levchin. It is led by an experienced team, including Paypal’s former Director of Product and Google Europe’s former Head of Finance. We're disrupting the world of international money transfers with transparency and low fees.

 

What you will be working on:


Working with the Information Security Officer, Privacy Specialist and the rest of the Security Guild you will often be expected to take the lead in security matters as they arise.
You will be the go-to person for all things application security. Our engineers will expect you to draw on your previous knowledge, self-learning and formal training to advise them on new projects, and improvements to the existing code base and infrastructure.
You know what it means to build software that needs to be secure and scaled. You constantly think about security, risks, data integrity, and bulletproof processes.
Embedding security in the development and operational lifecycle, and showing continued security value by presenting risk from the customer and business perspective.
You will be proactive and will be responsible for implementing, maintaining and administering the tools required to ensure the security of our internal and public facing applications.
Although the primary focus of the role is on application security, and the ability to work closely with our engineers, it also requires a good general knowledge of security across all disciplines.
Acting as security evangelist and ‘mentor’ to the product development teams

More details on the TransferWise tech stack - http://tech.transferwise.com/the-transferwise-stack-heartbeat-of-our-little-revolution/

 

Your Background:

You will be from a development background
Security Paranoid
Solid and demonstrable comprehension of cyber and information security including secure coding, security in the SDLC, hacking techniques and the evolving threat landscape
Experience or working knowledge of a variety of security tools
Experience managing and directing the work of third party security testing and service providers

Security Domain Knowledge:

Working knowledge of secure development practices such as OWASP and BSIMM
Knowledge of current information security standards and regulations such as PCI-DSS, NIST, ISO27000 series, and the DPA
Security relevant certification(s) (CISSP, CEH, SSCP, CISM, MCSE, CCNA) etc. would be advantageous

Bonus Points:

Experience working within a finance business

 

Some important stuff we would like you to know
To meet our regulatory obligations as a licensed financial services company, TransferWise needs to take background checks on all new hires, which may include Criminal and Credit checks. Please discuss with the Recruiter if you have any concerns regarding this process.

We want to make sure that our recruitment process is accessible to everyone. So if you need any reasonable adjustments – at any point in the process – we’ll do our best to help. Just let us know what you need on your application form, or drop us an email at adjustments@transferwise.com. You might need a reasonable adjustment if you’ve got a disability. Or maybe you live overseas, and you’d prefer to meet us over Skype.

Please don’t send anything to the adjustments address if you’re a recruiter, or if you’re making a speculative application. We do work with recruiters from time to time – but only through LinkedIn. And we only accept job applications when a position is actually open. So you’re better off just checking the recruitment pages regularly.