Offensive Security Engineer

About Tide

At Tide, we are building a finance & admin platform designed to save small businesses time and money. We provide our members with business accounts and related banking services, but also a comprehensive set of connected administrative solutions from invoicing to accounting.

Launched in 2017, Tide is now the leading business financial platform in the UK with 575,000 SME members (10% market share) and more than 250,000 SMEs in India. Headquartered in London, Tide has over 1,600 Tideans across the UK, Bulgaria, India, Serbia, Romania, Ukraine and Germany. 

Tide is rapidly growing, expanding into new markets and always looking for passionate and driven people. Join us in our mission to empower small businesses and help them save time and money.  

About the team

As a Senior Offensive Security Engineer at Tide, you’ll join the Threat Detection and Response team who are highly motivated, talented Tideans who love to collaborate, and are driven by helping people achieve their business ambitions. We live and breathe our values, which are to put our members first, work as one team and be data-driven. As part of our team, they’ll matter to you too. You'll also help take our security processes to the next level. Our scaling security team is responsible for securing Tide, our Tideans and our Members

About the role 

As a Senior Offensive Security Engineer you will be,

• Reviewing web/mobile applications, source code, operating systems, and network security architectures; finding vulnerabilities and defining effective strategies for remediation and hardening.
• Identifying gaps in controls and vulnerabilities in our Cloud infrastructure with containerised environments and GitOps deployment pipelines.
• Ability to think critically and identify areas of technical and non-technical risk.
• Research and develop tools, techniques and exploits specific to Tide.
• Help with the triaging and perform validations of external security submissions whenever required.
• Communicate effectively findings and remediation actions with both technical and non-technical teams.
• Coaching engineers across both Security and broader technical teams in the principles and practices of offensive security.
• Partner with internal security and engineering teams on collaborative engagements that uncover vulnerability and detection opportunities across systems.
• Identify weaknesses in product security controls - including vulnerabilities, misconfigurations, and gaps in processes and procedures
• Work with the Tide engineering teams to plan and scope internal/external pen-testing.
• Bring your red team hat to support Incident Response

What we are looking for

• First and foremost you will be passionate about security and secure application design. You will love helping engineers create more secure web and mobile applications.
• You will be comfortable explaining security issues and concerns to product owners, engineers, area VPs and executives and love the feeling you get when this results in them releasing a more resilient product.
• You have experience working within the Fintech or tech sector
• You have worked within a fast-scaling business
• You have experience in attack simulation and vulnerability research
• You are comfortable with writing tooling in Python, Java, go etc.
• You have strong Experience in performing security assessments on the following:
• Cloud technologies (AWS, Azure, Kubernetes, containers etc)
• Mobile/Web applications and APIs
• Mac /Windows
• Have exposure to LLM testing.

Our Tech Stack

AWS, Azure, GitOps, Kubernetes, microservices, Distroless, Angular, Flutter

What you’ll get in return

• A competitive salary
• 25 days holiday with the option to take 5 extra days of unpaid leave per year
• 3 days paid volunteering or L&D time off per year
• Personal L&D budget of £1,000 professional L&D budget per year 
• Group Life Insurance, Vitality Health and Dental Insurance
• Spacious brand-new office by Old Street station with an all-day snacks bar
• Enhanced family-friendly leave
• Access to a global mental wellbeing platform that provides 1:1 video therapy sessions with accredited therapists and unlimited chat therapy sessions
• Work from home budget
• Team socials - virtual and physical events
• Sabbatical leave

Tidean Ways of Working

At Tide, we champion a flexible workplace model that supports both in-person and remote work to cater to the specific needs of our different teams. While remote work is supported, we believe in the power of face-to-face interactions to foster team spirit and collaboration. Our offices are designed as hubs for innovation and team-building, where we encourage regular in-person gatherings to foster a strong sense of community. 

Tide is a place for everyone

At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members’ diverse needs and lives. 

We are One Team and foster a transparent and inclusive environment, where everyone’s voice is heard.

#LI-EP1 #LI-Hybrid #LI-Remote