Security Engineer - Security Platform

Wise is a global technology company, building the best way to move and manage the world’s money.
Min fees. Max ease. Full speed.

Whether people and businesses are sending money to another country, spending abroad, or making and receiving international payments, Wise is on a mission to make their lives easier and save them money.

As part of our team, you will be helping us create an entirely new network for the world's money.
For everyone, everywhere.

More about our mission and what we offer.

About the role 

We are looking for a Cloud or GRC Engineer with experience or a strong interest in Cyber Security. If you are a Cyber Security Engineer with a strong interest in Cloud Engineering we also want to hear from you!

Our team: Security Platform

The team was founded initially to be responsible for the Protect function of the NIST Cyber Security framework. We continuously reevaluate how we can deliver the most impact to the business which means the teams’ responsibilities are developing over time.

In the Security Platform team, you will be working to advance our service offerings which focuses on providing a runtime platform for security services, vulnerability management for all platform teams, ensuring compliance of our digital assets and proving this to auditors, and other exciting domains.

How we work

We operate on a strong belief in automation, programmatic implementation, and reusable design. We’re looking for people who can step back and think holistically about the ecosystem, but also follow through and help implement the design; drawing on the resources across the rest of the platform tribe.

As the company grows, the requirement for a reliable security infrastructure becomes more and more critical. As teams are getting larger they need to focus on scaling our infrastructure to ensure Wise can provide a secure platform for our continuously growing customer base. We need to sustain this growth by continuously iterating on the services we run, with a focus on availability, security, and ease of use. We’re looking for an engineer with relevant experience who can analyse complex requirements and deliver simple solutions to help our teams achieve our mission with speed and confidence. 

What will you be working on?

We own multiple different domains with different stakeholders and varying degrees of technological depth. Which domain is currently of high priority varies based on the current needs of the business but engineers in our team usually have 1 or 2 core domains out of the following.

• Vulnerability Management and Cloud Security Posture Management: Maintain and extend our current vulnerability management program which is used by every platform engineering team. Develop and maintain a Cloud Security Posture Management program

• Maintain and improve our Security Cluster: We provide other security teams with a dedicated kubernetes cluster running in AWS to host their tools and applications in which needs to be maintained and kept compliant

• System and Endpoint hardening: Providing and maintaining hardened base images. Supporting other teams with guidelines and processes around hardening

• Compliance evidencing: Create automations and processes that improve accuracy and efficiency when providing evidence to auditors about the security and configuration of our systems

• Infrastructure Threat Modelling

• Further extending our Data Loss Prevention program

• Maintaining firewalls and connection filters

What do you need?

We are fully aware that it is uncommon for a candidate to be an expert in every domain listed above and we fully support everyone in learning new skills with us. If you have experience in some of these domains and are eager to learn more we do want to hear from you!

• We collaborate closely with other teams and sometimes also external stakeholders. Being able to communicate with team members as well as others on various technical levels in a clear and efficient way is important to us

• Many of our initiatives require to be broken down into more digestible sub-tasks and intermediate goals. Being able to take a step back and outline milestones for a larger project either alone or in collaboration with the team is essential for our way of working.

• We value every initiative taken by all team members. We welcome the ability to take on small to large sized projects and propose solutions that can be discussed with the team

• Basic understanding of cloud concepts and use cases for different cloud resources

• Experience in cyber security domains or a strong interest in learning relevant skills. Particular interesting domains are for example vulnerability management, methods of securing data at rest or in transit, risk management, and compliance.

• Programming experience e.g. in Java, Golang, Python, etc. Being able to share previous projects that involved the usage of any of these languages is a plus.

• Familiarity with Unix systems

• Have a good understanding of networking protocols such as, but not limited to IP, TCP, and HTTP.

Nice to have:

• Kubernetes and containerization (e.g. Docker) experience

• Experience with the cloud, such as AWS or comparable

• Have worked in Cyber Security related projects

• Sysadmin background

• Experience with vulnerability scanning and management

• Infrastructure as code, e.g. Terraform

• Experience with version controls, e.g. GitHub

#LI-AT1 #LI-Hybrid

For everyone, everywhere. We're people building money without borders  — without judgement or prejudice, too. We believe teams are strongest when they are diverse, equitable and inclusive.

We're proud to have a truly international team, and we celebrate our differences.
Inclusive teams help us live our values and make sure every Wiser feels respected, empowered to contribute towards our mission and able to progress in their careers.

If you want to find out more about what it's like to work at Wise visit Wise.Jobs.

Keep up to date with life at Wise by following us on LinkedIn and Instagram.