Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our Security Team to enhance application security and mentor fellow engineers.
- Company: Funding Circle empowers small businesses with fast, hassle-free finance solutions.
- Benefits: Enjoy hybrid working, private medical insurance, and a dedicated learning allowance.
- Why this job: Make a real impact in FinTech while collaborating in a diverse and supportive environment.
- Qualifications: 3+ years in application security, AWS expertise, and experience with CI/CD integration required.
- Other info: We celebrate diversity and encourage all backgrounds to apply!
The predicted salary is between 48000 - 72000 £ per year.
We are seeking an experienced Senior Application Security Engineer to join our dynamic Security Team. This is a key role where you will be a primary contributor to Funding Circle's security posture, with a strong focus on Application Security. You will leverage your deep expertise in secure software development lifecycle (SSDLC) practices and CI/CD security to act as a subject matter expert and mentor, collaborating closely with engineering and product teams to embed security seamlessly into our development processes. You will also apply your knowledge of AWS to secure the underlying cloud infrastructure. Join us to protect our platform and customer data in a fast-paced FinTech environment.
Who are we? We're Funding Circle. We back small businesses to succeed. At Funding Circle, we believe the world needs small businesses. That's why we've made it our mission to help them get the finance they need to grow. With more than a decade of expertise under our belt, we've built a game-changer of a platform with cutting-edge data and technology that's reshaping the landscape of SME lending. Say goodbye to lengthy applications and hello to lightning-fast decisions! In just minutes, SMEs across the UK can get a decision, giving them access to competitive funding in a flash. We know that good business is about good people. So we pride ourselves on providing meaningful, human support as well as fast, hassle-free processes to deliver an unbeatable customer experience.
The role:
- Define, champion, and embed secure software development lifecycle (SSDLC) practices and secure coding standards across engineering teams through collaboration, training, and tooling.
- Perform threat modelling exercises for cloud-native applications, microservices, and infrastructure components.
- Manage internal and external penetration testing engagements for Funding Circle applications, services, and cloud infrastructure.
- Collaborate closely with Cloud Platform Engineers, DevX and Product Engineering to ensure security requirements are integrated into system designs and technology choices from the outset.
- Act as a subject matter expert on DevSecOps, and application security, cloud security (AWS), providing guidance and mentorship to other engineers.
- Contribute to drive implementation of security automation across cloud infrastructure configuration, vulnerability management, and compliance monitoring.
- Design, implement, and support the adoption of robust security architectures, controls, and best practices within our AWS cloud environment.
What we're looking for:
- Application & Cloud Security Expertise: Over 3 years of information security experience with a deep focus on application/product security, complemented by strong expertise in securing AWS environments and Infrastructure as Code (IaC).
- Champion for Secure Development: Proven track record of defining, implementing, and driving the adoption of secure software development lifecycle (SSDLC) practices and secure coding standards within engineering teams.
- Security Automation & CI/CD Integration: Hands-on experience architecting and integrating a suite of security tools (SAST, DAST, SCA, IAST, secrets management) and automated controls directly into CI/CD pipelines like GitLab CI, Jenkins, or GitHub Actions.
- Vulnerability Management & Threat Intelligence: Deep understanding of web application vulnerabilities (OWASP Top 10) and experience contributing to vulnerability management programs.
- Container & Orchestration Security: Solid knowledge of container security best practices and securing container orchestration platforms, specifically Kubernetes and AWS EKS.
- Frameworks & Compliance: Strong knowledge of key security frameworks (NIST CSF, MITRE ATT&CK) and standards (CIS Benchmarks, OWASP ASVS), with experience managing external penetration testing and coordinating remediation efforts.
Nice to have:
- Experience with specific security platforms/tools (e.g., Wiz, Snyk, Checkmarx, Veracode).
- Relevant advanced security certifications (e.g., AWS Certified Security - Specialty, CISSP, CCSP, OSCP/OSWE).
- Proficiency in security automation using scripting languages (e.g., Python).
- Experience working in FinTech or other highly regulated environments.
- Experience with mobile application security principles and testing.
At Funding Circle we are committed to building diverse teams so please apply even if your past experience doesn’t align perfectly with the requirements.
Why join us? At Funding Circle, we celebrate and support the differences that make you, you. We're proud to be an equal-opportunity workplace and affirmative-action employer. We truly believe that diversity makes us better. As a flexible-first employer we offer hybrid working at Funding Circle, and we've long believed in a 'best of both' approach to in-office collaboration and non-office days. We expect our teams to be in our London office two times a week, where you can take advantage of our newly refurbished hybrid working space, barista made coffee and subsidised lunches (via JustEat) every day!
We back our Circlers to build their own incredible career, making a difference to small businesses every day. Our Circler proposition is designed to support employees both in and out of work, and it is anchored around four pillars: Health, Wealth, Development & Lifestyle.
A few highlights:
- Health: Private Medical Insurance through Aviva, Dental Insurance through Bupa, MediCash, access to free online therapy sessions and exclusive discounts with Hertility for reproductive health support.
- Wealth: Octopus Money Coach, free mortgage advisor partnership and discounts across numerous retailers through Perks at Work.
- Development: Dedicated annual learning allowance and full access to internal learning platform.
- Lifestyle: Wellhub (for fitness discounts), Electric Car Scheme and more!
And finally, we have award winning parental leave policies supporting parents through enhanced maternity, partner and adoption leave, as well as additional leave for parental bereavement and for fertility treatments.
Ready to make a difference? We’d love to hear from you.
Senior Security Engineer - Funding Circle employer: Funding Circle
Contact Detail:
Funding Circle Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Security Engineer - Funding Circle
✨Tip Number 1
Familiarise yourself with the specific security frameworks mentioned in the job description, such as NIST CSF and MITRE ATT&CK. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and alignment with Funding Circle's security needs.
✨Tip Number 2
Showcase your experience with AWS and secure coding practices by preparing examples of past projects where you successfully integrated security into the software development lifecycle. This will help you illustrate your hands-on experience and problem-solving skills.
✨Tip Number 3
Research Funding Circle’s mission and values thoroughly. Understanding their commitment to supporting small businesses will allow you to tailor your responses in interviews, showing that you are not just a fit for the role but also for the company culture.
✨Tip Number 4
Prepare to discuss your approach to security automation and CI/CD integration. Be ready to share insights on tools you've used and how you've implemented them in previous roles, as this is a key aspect of the position at Funding Circle.
We think you need these skills to ace Senior Security Engineer - Funding Circle
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in application security, AWS, and secure software development lifecycle (SSDLC) practices. Use specific examples that demonstrate your expertise and how you've contributed to security in previous roles.
Craft a Compelling Cover Letter: In your cover letter, express your passion for security and how it aligns with Funding Circle's mission. Mention your experience with CI/CD integration and security automation, and explain how you can contribute to their security posture.
Showcase Relevant Skills: Clearly list your skills related to application and cloud security, such as vulnerability management, threat modelling, and knowledge of security frameworks. Make sure to include any relevant certifications that could set you apart.
Highlight Collaboration Experience: Since the role involves working closely with engineering and product teams, provide examples of past collaborations where you successfully integrated security into development processes. This will show your ability to work in a team-oriented environment.
How to prepare for a job interview at Funding Circle
✨Showcase Your Application Security Expertise
Be prepared to discuss your experience with secure software development lifecycle (SSDLC) practices. Highlight specific projects where you successfully implemented security measures and how they improved the overall security posture.
✨Demonstrate Cloud Security Knowledge
Since the role focuses on AWS, ensure you can articulate your understanding of securing cloud environments. Discuss any hands-on experience you have with AWS services and how you've applied security best practices in those contexts.
✨Prepare for Technical Questions
Expect technical questions related to web application vulnerabilities, especially the OWASP Top 10. Brush up on your knowledge of vulnerability management and be ready to provide examples of how you've addressed these issues in past roles.
✨Emphasise Collaboration Skills
This role requires working closely with engineering and product teams. Be ready to share examples of how you've collaborated with cross-functional teams to integrate security into development processes, showcasing your ability to mentor and guide others.
