Security Software Engineer (SecOps)

OakNorth Analytical Intelligence ,
London, Greater London

Overview

Job Description

With offices in London, New York, Manchester, Istanbul, Gurgaon, Bengaluru, Shanghai, Singapore and Hong Kong, OakNorth is the next-generation credit platform that's redefining lending to small and medium-sized businesses globally. OakNorth was set up in 2015 by Rishi Khosla and Joel Perlman, who previously co-founded Copal Amba and grew it to 3,000 employees over 12 years, before selling it to Moody's (NYSE: MCO) in 2014, returning 125 times capital to seed investors. Since its inception, OakNorth has secured over $1bn from several investors, including: Clermont Group, Coltrane, EDBI of Singapore, GIC, Indiabulls, NIBC, Toscafund, and SoftBank's Vision Fund. In the UK, the platform has helped us build a profitable loan book (via OakNorth Bank) of over 4bn and secure over 600m of repayments. In terms of the impact this has had on the economy, OakNorth Bank's loans have directly helped with the creation of 10,000 new homes and 13,000 new jobs in the UK, as well as adding several billion pounds to the economy. Globally, the platform has been deployed at various banks across North America, Europe, and Asia. Today, the global team is made up of almost 730 people. OakNorth AI has a small core product team in London which has built out the first version of its product. We are now ready to increase the size of our team, whilst keeping our focus on delivery and efficiency. As we add customers, security becomes more and more important, and we are therefore setting up a dedicated SecOps team. We're looking for strong SecOps engineers to be founding members of a blue team within OakNorth AI. Our current stack consists of Python, PostgreSQL,ElasticSearch, Kafka, GraphQL and React. We deploy into K8s on AWS using Docker and Terraform. You will: * Help implement and select OakNorth's security tooling * Use the tooling to monitor and identify security threats * Monitor for suspicious traffic patterns * Rapidly shutting down any form of compromise * Undertaking analysis and forensic testing on the entire OakNorth AI software base including our dependencies and partners * Handle 1st line of defence activities (e.g. vulnerability assessments of cloud based assets) and deliver subsequent remediation activities during or outside of business hours * Influence peers from other teams on secure coding, best practices and proactive security * Develop, maintain and document relevant security documentation including security runbooks and response SoPs You have: * Fintech experience ideal but not required * Experience of securing AWS environments ideally under Kubernetes * Deep security tooling experience in one or more areas * Good scripting knowledge and experience in Python * AWS Certified Cloud Practitioner or similar * Good understanding of cyber threat intelligence and management programmes. * Knowledge of security standards and frameworks; ISO 27001/2, NIST, PCI DSS, etc. * Ideally security related qualifications such as CISSP, CISM, CISMP, CISA, ISSMP, ISO27001 lead implementer or auditor, MBCI, IAPP * AWS Security Specialist Certified Thank you very much for your interest in OakNorth. We are happy to consider you for roles within our group of companies. If we can identify a match between your skill set and our immediate recruiting needs, please expect to hear from us very soon. If we are unable to identify a fit in the near term, please note that we intend to retain the data you send to us so we may contact you in the future. For more information regarding our Privacy Policy and practices, please visit: