Security Engineer

Sling Money

  • Amsterdam, Noord-Holland
  • Vast
  • Voltijds
  • 13 dagen geleden
About SlingWe aim to create a world where sending and receiving money is effortless. Our app allows users to pay people, not numbers - no IBAN, account numbers, or sort code required. All you need is the recipient's name to send money.Sling leverages blockchain technology to transfer in any currency almost instantaneously for a negligible fee. We’re in 150 countries and the app is available in the Android and iOS app stores. Sling is from Avian Labs, Inc., created by product builders and engineers from Monzo, Square, and Cash App.About the RoleWe are seeking a Security Engineer to develop and operationalise Sling’s security strategy. In this role, you’ll work with our engineering and compliance teams to design, build, and maintain key security infrastructure and practices to ensure compliance with global security and operational resilience regulations. Being a regulated entity, customer data is vital to our success and you’ll play a defining role to ensure it’s kept safe – and to ensure that our regulators and stakeholders are confident in our security posture.Key Responsibilities
  • Ensure that the Sling Money platform, services and company are appropriately secured in both practical terms and in compliance with global security and resilience regulations including DORA, SOC2, ISO27001, CCPA, and related standards
  • Help develop a strong risk and security culture and practice across the company
  • Design, build, and maintain security services, hardening the security of our platform
  • Create a robust program of vulnerability testing, penetration testing, and security reviews
  • Manage security-related infrastructure across AWS, GCP, Google Workspace, and other related platforms
  • Lead threat modeling exercises with the product engineering teams
  • Manage and lead our pentesters and engineering audits
  • Lead security- and privacy-related incident response
  • Develop security policies, implement tools, and continuously improve our security posture, collaborating with engineering, operations, risk and compliance
  • Implement ICT, cybersecurity, and data privacy policies in line with DORA, GDPR, and other regulatory requirements
  • Lead and document risk assessments and testing programs, including BIAs, PRAs, penetration testing, and resilience exercises.
  • Monitor the effectiveness of controls through clear KPIs, regular reviews, and post-incident learnings
  • Report on risk and compliance posture to management and regulators, supporting ongoing assurance and improvement
About You
  • 5+ years’ experience in a scaled engineering environment
  • 3+ years’ direct experience securing applications and infrastructure
  • Direct experience working in a regulatory environment in the finance industry, and with standards such as SOC2, DORA, and GDPR
  • Familiarity and proficiency with the programming language Go
  • Experience with AWS and GCP infrastructure management and security
  • Some familiarity with iOS, Android and Web development and security practice
  • Experience in supply chain and third-party risk management, vulnerability management, securing data at risk and in-transit and associated risk management
  • Ability to collaborate with teams and external stakeholders, communicating technical topics clearly
Compensation, Perks & Benefits
  • Competitive salary and equity package
  • Opportunity to be a core part of a fast-growing fintech startup
  • Collaborative and innovative work environment with autonomy
  • Free lunch in the office and flexible working arrangements
  • Professional growth opportunities, team offsites, and events

Sling Money