Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join a dynamic team to enhance security across innovative communication platforms.
- Company: Element, a leader in open, secure messaging solutions.
- Benefits: Enjoy 40 days of leave, private healthcare, and flexible remote work.
- Why this job: Make a real impact on global security standards with exciting projects.
- Qualifications: Strong security knowledge and experience in penetration testing required.
- Other info: Collaborate with top organisations like NATO and the UN.
The predicted salary is between 48000 - 84000 £ per year.
Element was originally created to hire the founding team behind the Matrix protocol - the leading project for open, secure, decentralised communication. Matrix's mission is to make messaging as open as email, allowing everyone to choose where their data is hosted, enjoy private conversations and ultimately be in control of their communications. Element helps large organisations run Matrix at scale. Customers include the French, German and British governments, not to mention NATO and the UN.
The Element Security Team raises security standards across Element and the wider Matrix ecosystem. We have a dual role: owning and delivering projects that materially improve infrastructure, products, and the Matrix protocol, while also acting as advisors and consultants to other teams to ensure security is built in everywhere. The team also serves as the Matrix.org Foundation Security Team with roughly a 50/50 split across activities. Reporting to the Head of Security, we operate with wide scope and high impact. We are a small, pragmatic group that biases to action and values ownership over titles.
Recent work
- Led a critical security release: protocol design input and impact analysis of foundational Matrix changes, embargo coordination.
- Built an SBOM pipeline using syft, grype, and Dependency-Track, plus custom tooling.
- Partnered with Compliance to achieve security certifications, prioritising controls that materially improve risk posture and avoiding boxticking.
- All this alongside 10-20% time for exploratory research and tooling.
Responsibilities
- Contribute to the continuous penetration testing programme for Element and Matrix.org infrastructure.
- Own vulnerability management: triage, prioritisation, and remediation guidance.
- Embed security into CI/CD and infrastructure-as-code workflows.
- Partner with engineering teams to raise security awareness and embed best practices.
- Conduct security research to identify novel vulnerabilities in infrastructure and code.
- Triage external vulnerability reports and coordinate responses/advisories.
- Deliver customer-facing security features (e.g. SBOMs, advisories).
- Review and support secure development in Python, Rust, TypeScript and Go.
- Support Compliance by implementing and evidencing security controls.
- Contribute to protocol analysis and development with Matrix.org Foundation staff.
Requirements
- Strong grasp of core security principles and common vulnerability classes (across infrastructure, cloud and applications).
- Strong knowledge of network and cloud security, particularly AWS.
- Demonstrable offensive security experience (pentest, bug bounty, or research). Tooling fluency in common pentesting tools (nmap, nuclei, mitmproxy, Burp, ffuf, etc); bonus points for the ability to script your own.
- Proficiency in at least one of Python, Rust, TypeScript, or Go.
- Experience working with software teams to help them embed security practices into their workflows.
- Comfortable working in a remote-first organisation.
- Based in Europe (including UK).
Nice to have
- Results of prior security research (write-ups, CVEs, exploits). We prefer demonstrated results over certificates.
- Familiarity with the Matrix protocol and/or cryptography.
- Customer-facing security docs or advisory experience.
- Participation in CTF competitions and similar security challenges.
- Knowledge of secure data handling, especially in the context of GDPR.
- Prior experience with achieving security certifications, ideally ISO 27001.
- Open-source security contributions. We are an open source company, an intuitive understanding of what it is to contribute to FOSS projects will be beneficial.
Benefits
- Meaningful, mission-driven work in open source.
- 40 days of annual leave (incl. local public holidays).
- Private healthcare (depending on location).
- Share options.
- Flexible hours and remote-first culture.
- Family-friendly environment.
- Annual bonus subject to individual and company performance.
Our Values
- We care about the greater good.
- We work together in the open.
- We are proud of how we serve our customers.
- We are ambitious and iterate rapidly.
Element does not discriminate on the basis of race, sex, colour, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.
Senior Security Engineer in London employer: Element - creators of Matrix
Contact Detail:
Element - creators of Matrix Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Security Engineer in London
✨Tip Number 1
Network like a pro! Reach out to current employees at Element on LinkedIn or other platforms. Ask them about their experiences and any tips they might have for the interview process. This insider info can give us a leg up!
✨Tip Number 2
Prepare for technical interviews by brushing up on your skills. Since this role involves security principles and coding, practice common pentesting tools and coding challenges in Python, Rust, TypeScript, or Go. We want to show off our expertise!
✨Tip Number 3
Showcase your passion for open source! If you've contributed to any projects or have relevant research, make sure to highlight that in your discussions. Element values contributions to FOSS, and we want to demonstrate that commitment.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you’re genuinely interested in being part of the Element team. Let’s get that application in!
We think you need these skills to ace Senior Security Engineer in London
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the skills and experiences that align with the Senior Security Engineer role. Highlight your offensive security experience and any relevant projects you've worked on, especially those involving penetration testing or vulnerability management.
Craft a Compelling Cover Letter: Use your cover letter to tell us why you're passionate about security and how you can contribute to our mission at Element. Share specific examples of your work in security, particularly in relation to the Matrix protocol or similar projects.
Showcase Your Technical Skills: Don’t forget to mention your proficiency in programming languages like Python, Rust, TypeScript, or Go. If you’ve used common pentesting tools, make sure to list them and describe how you’ve applied them in real-world scenarios.
Apply Through Our Website: We encourage you to apply directly through our website for the best chance of getting noticed. It’s the easiest way for us to keep track of your application and ensure it reaches the right people!
How to prepare for a job interview at Element - creators of Matrix
✨Know Your Security Fundamentals
Make sure you have a solid grasp of core security principles and common vulnerability classes. Brush up on your knowledge of network and cloud security, especially AWS, as this will likely come up during the interview.
✨Showcase Your Offensive Security Experience
Be prepared to discuss your hands-on experience with penetration testing, bug bounties, or any relevant research. Bring examples of tools you've used, like nmap or Burp, and if you’ve scripted your own tools, definitely mention that!
✨Demonstrate Collaboration Skills
Since the role involves working closely with engineering teams, be ready to share examples of how you've successfully embedded security practices into workflows. Highlight any past experiences where you raised security awareness among your peers.
✨Familiarise Yourself with the Matrix Protocol
Understanding the Matrix protocol and its security implications can set you apart. If you have any prior experience or insights related to it, make sure to bring that up. It shows you're genuinely interested in the company's mission and values.
