Security Engineer London, England
Job description
We're a well-funded Tech scaleup in Europe and Asia with a mission to make the world fairer and more productive. We are doing this by making assets more transparent, trustworthy and accessible - starting with real estate. Incomes have stagnated, so more access to high value assets like real estate = less wealth inequality. We have first mover advantage!
Our CEO and co-founder Moubin had a successful career at McKinsey and private equity firm, APAX. Our CTO and co-founder Misrab is a Stanford Computer Scientist and scaled the data team at Gojek, a Tech unicorn in Asia.
Our values sit at the core of GetGround - no BS, pursuit of excellence, feedback obsession and healthy egos.
GetGround in numbers:
- 85 colleagues (ex Google, Meta, Deliveroo, Feedzai etc)
- £1Bn+ of assets on our platform
- 15,000+ users across 70 countries, with a 10% market share already
- Global hubs (UK, Portugal, Hong Kong, Singapore)
Security Engineer (hybrid working with 3 functional days a week in our new co-working Hammersmith office - free daily breakfast and gym membership is provided)
You will join the SRE team led by Pedro (check out Pedro's blog post), part of an Engineering function of ~20 engineers headed up by CTO and co-founder Misrab, a Stanford Computer Scientist and former VP Data at the Asian tech unicorn Gojek. The GetGround engineering team is split across 3 cross-functional Tech squads in London and Portugal.
Our tech stack includes a handful of Golang microservices on the backend and React.js on the frontend, all deployed over GCP.
We are passionate about technical rigour through collaborative, multi-disciplinary and thorough refinement processes. We believe in a challenger mindset - to implement new patterns and libraries including improving readability and efficiency.
Your responsibilities in this role:
1. Application level security
- Own security related CI, such as code vulnerability scanning for our Golang and React.js codebases. Work with engineering teams to remedy any issues
- Participate in a security review of major architectural decisions
- White knight hacking of existing codebases, and any new features being deployed. You'll enjoy thinking of attack vectors, proving them, and mitigating them
2. Infrastructure level security
- This includes a thorough review of our Google Cloud deployments and databases. Primary area of concern will be network security, and a CI to routinely scan for vulnerabilities
- Setting up key security events monitoring, and responding to alerts
- Manage automated scanning of all major infrastructure
3. Organisation wide security best practices
- Aligning the org on things like what passwords/secrets exist in the infrastructure and codebase, and creating a system for regular rotation of secrets in a secure manner. Coordinating with internal third-party relationship managers (e.g. Product Managers) to ensure we're in sync with our third parties on key rotation
- Coming up with simple best practices within the organisation e.g. basic guidance on phishing attacks. This can be done with our Operations and Compliance team, who will be glad to support
Essential experience:
- Experience in a similar role
- Security CI stack knowledge at application and infrastructure level (you can cite industry standard tooling and practices)
- Cloud networking and security best practices (GCP, AWS or other)
- CI/CD, deployment techniques and CI toolchain
- Identifying and mitigating attack vectors e.g. through penetration testing
Nice to haves, though not essential:
- Containerisation - docker and/or kubernetes
- Database technologies like SQL, noSQL, key-value stores
- Infrastructure automation via tools like Terraform, Ansible, Chef
Our benefits
- Competitive salary + stock options
- Private health + dental benefits
- Flexible/hybrid working (check details with your recruiter)
- 12 mental health days off annually (1 per month) PLUS holidays and public days off
- Mental health support - 24/7 access to mental health support, counselling, therapy & coaching through Spectrum.Life for all employees and their immediate family
- Team and company-wide events
- 360° performance reviews to promote a culture of growth and development
- Support for conferences and professional learning & development
[+ other localised benefits depending on your office location e.g. free breakfast daily and free gym ️ membership in London)
What we are building
The first end-to-end real estate investment offering - making the dream of owning real estate more accessible to everyone globally.
Diversity & inclusion at GetGround
We encourage applications from all sections of society and we believe in the criticality of an inclusive culture. We are committed to equal employment opportunity regardless of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity or any other basis as protected by law.
- 42% of our employees identify as female or non-specified, 58% as male
- 19 nationalities represented across offices in 5 countries
- Our work on Design Accessibility
- Inclusion is at the heart of our culture - we celebrate and reflect on key D&I and cultural events such as: Black History Month, International Women's Day and Pride
#LI-Hybrid
