Nov 15, 2022
In order to join and contribute to the development of a top-tier offensive security team, we are seeking a motivated and skilled offensive security engineer. A person who is passionate about security testing and can adopt an attacker's perspective is the perfect candidate. You will be proficient at communicating threats to the business both verbally and in writing and have at least three years of experience conducting penetration tests. We can help you relocate to the UK. Also, we can sponsor visas.
In addition to performing penetration tests on some of the newest and most exciting technologies, the role also reserves 30%-40% of your time for research and development, which is actively encouraged. You’ll be keen to present the new and exciting things you have discovered during your R&D time by writing blog posts and white papers.
As part of this role you’ll:
Help scope and execute internal penetration tests
Offer technically sound and considered remediation advice
Effectively communicate findings and remediation advice to the business
Work with the owning squads to triage identified vulnerabilities
Research and develop cutting-edge tools, techniques and exploits specific to our environments and services
Produce blog posts and white papers as an output for the time spent on research and development
Work collaboratively and independently on specialized engagements
Help Monzo meet and surpass regulatory requirements for information security
Help manage the validation and triage of vulnerabilities from our HackerOne platform
Be a technical point of contact for squads outside the security collective who need advice on penetration testing or offensive security
3+ years experience in security testing or penetration testing
An industry-recognized qualification such as CREST CRT, OSCP or another equivalent
Experience performing security assessments on the following:
Mobile Applications
Web Applications
APIs
Infrastructure
Experience using and testing remotely managed MacOS environments
Experience working in microservices architecture environments
Experience researching security topics and publishing your findings
Experience with Programming/Scripting languages: GoLang, Bash, Python
A bachelor's degree in computer science or equivalent work experience
Experience working in a regulated environment
The ability to think outside the box and apply creative thinking to problem solving
An inquisitive and curious nature
A passion and enthusiasm for security research/testing with a flair for presentation and communication.
💰 £35,000 - £75,000 ➕ plus stock options & benefits
✈️ We can help you relocate to the UK.
✅ We can sponsor visas.
📍This role can be based in our London office, but we're open to distributed working within the UK (with ad hoc meetings in London).
⏰ We offer flexible working hours and trust you to work enough hours to do your job well, at times that suit you and your team.
📚Learning budget of £1,000 a year for books, training courses and conferences
➕And much more, see our full list of benefits here
If you prefer to work part-time, we'll make this happen whenever we can - whether this is to help you meet other commitments or strike a great work-life balance.
Equal Opportunity Statement
We are actively creating an equitable environment for every Monzonaut to thrive.
The Interview Process:
After an initial chat with one of the Hiring Team, our interview process involves three main stages:
Initial interview with one of the team
Technical interview
Values and Collaboration interview
Our average process takes around 2-3 weeks but we will always work around your availability. You will have the chance to speak to our recruitment team at various points during your process but if you do have any specific questions ahead of this please contact us at techhiring@monzo.com