About the role
As our Cyber Security Engineer, you will be the bridge between Security and Engineering. You aren't here to block deployments; you’re here to ensure our code is resilient by design. You will empower our developers to ship fast without breaking the trust of our customers or regulators.
Tech Stack
Backend
Kotlin 1.7.20
AWS
GraphQL (it would be nice if you were familiar with this but it’s not a deal breaker)
Postgres
RabbitMQ
Docker
Kubernetes
Frontend
React & React Native, TypeScript, MobX, Redux, Stylus and SASS
Other
We build our Kotlin projects using Gradle and GitHub Actions, deploying to production as soon as we finish a feature
We use JUnit Jupiter, Kotest and TestContainers for automated testing
What you'll be doing
Secure the Pipeline: Integrate and automate SAST, DAST, and SCA tooling directly into our CI/CD pipelines to catch vulnerabilities before they reach production.
Harden the Product: Act as a Subject Matter Expert (SME) assisting engineers with the remediation of security vulnerabilities and bugs.
Safeguard AI: Design and implement security guardrails for AI-assisted development and LLM integrations, ensuring data privacy and preventing prompt injection or model leakage.
Threat Modelling: Partner with Product and Engineering teams to conduct threat modelling sessions for new features before they are built.
Security Architecture: Act as a consultant for infrastructure and application design, ensuring our AWS/GCP Kubernetes environments remain hardened.
Security Culture: Cultivate a Secure Development guild to level up our developers' secure coding skills.
What we’re looking for
Pragmatism: You understand the difference between partnering with Engineering and security being a blocker of progress.
Communication: You can translate a complex vulnerability into a business risk for a Product Manager and a technical fix for an Engineer.
AppSec Subject Matter Expertise: You have a strong understanding of critical security risks in applications, are able to identify them in code, and provide recommendations of how to remediate.
Cloud Native: Strong experience securing AWS/GCP environments and containerised workloads.
AI ready: You understand the unique risks of AI and have experience securing AI-driven workflows.
About Lendable
Lendable is on a mission to build the world's best technology to help people get credit and save money.
Founded in 2014
Profitable since 2017
Unicorn in 2021
£3.5bn valuation in 2022
Backed by Balderton, Goldman Sachs and Ontario Teachers' Pension Plan
Loved by customers & employees with top reviews on Glassdoor and Trustpilot
So far, we’ve rebuilt the big three consumer finance products from scratch: loans, credit cards and car finance. We get money into our customers’ hands in minutes instead of days. We’re growing fast, and there’s a lot more to do. We’re going after the two biggest Western markets (UK and US) where trillions are held by big banks with dated systems and painful processes.
Life at Lendable
The opportunity to scale up one of the world’s most successful fintech companies
Best-in-class compensation, including equity
You can work from home every Monday and Friday if you wish - on the other days we all come together IRL to be together, build and exchange ideas
Our in-house chefs prepare fresh, healthy lunches in the office every Tuesday-Thursday
We care for our Lendies’ well-being both physically and mentally, so we offer coverage when it comes to private health insurance
We're an equal opportunity employer and are keen to make Lendable the most inclusive and open workspace in London
Check out our Glassdoor Reviews