Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our team to enhance security across innovative communication platforms.
- Company: Element, a leader in open, secure communication technology.
- Benefits: Enjoy 40 days of leave, private healthcare, and flexible remote work.
- Why this job: Make a real impact on global security standards with cutting-edge technology.
- Qualifications: Strong security knowledge and experience in penetration testing required.
- Other info: Be part of a mission-driven, diverse, and inclusive team.
The predicted salary is between 48000 - 72000 £ per year.
Element was originally created to hire the founding team behind the Matrix protocol - the leading project for open, secure, decentralised communication. Matrix's mission is to make messaging as open as email, allowing everyone to choose where their data is hosted, enjoy private conversations and ultimately be in control of their communications. Element helps large organisations run Matrix at scale. Customers include the French, German and British governments, not to mention NATO and the UN.
The Element Security Team raises security standards across Element and the wider Matrix ecosystem. We have a dual role: owning and delivering projects that materially improve infrastructure, products, and the Matrix protocol, while also acting as advisors and consultants to other teams to ensure security is built in everywhere. The team also serves as the Matrix.org Foundation Security Team with roughly a 50/50 split across activities. Reporting to the Head of Security, we operate with wide scope and high impact. We are a small, pragmatic group that biases to action and values ownership over titles.
Recent work
- Led a critical security release: protocol design input and impact analysis of foundational Matrix changes, embargo coordination.
- Built an SBOM pipeline using syft, grype, and Dependency-Track, plus custom tooling.
- Partnered with Compliance to achieve security certifications, prioritising controls that materially improve risk posture and avoiding boxticking.
- All this alongside 10-20% time for exploratory research and tooling.
Responsibilities
- Contribute to the continuous penetration testing programme for Element and Matrix.org infrastructure.
- Own vulnerability management: triage, prioritisation, and remediation guidance.
- Embed security into CI/CD and infrastructure-as-code workflows.
- Partner with engineering teams to raise security awareness and embed best practices.
- Conduct security research to identify novel vulnerabilities in infrastructure and code.
- Triage external vulnerability reports and coordinate responses/advisories.
- Deliver customer-facing security features (e.g. SBOMs, advisories).
- Review and support secure development in Python, Rust, TypeScript and Go.
- Support Compliance by implementing and evidencing security controls.
- Contribute to protocol analysis and development with Matrix.org Foundation staff.
Requirements
- Strong grasp of core security principles and common vulnerability classes (across infrastructure, cloud and applications).
- Strong knowledge of network and cloud security, particularly AWS.
- Demonstrable offensive security experience (pentest, bug bounty, or research). Tooling fluency in common pentesting tools (nmap, nuclei, mitmproxy, Burp, ffuf, etc); bonus points for the ability to script your own.
- Proficiency in at least one of Python, Rust, TypeScript, or Go.
- Experience working with software teams to help them embed security practices into their workflows.
- Comfortable working in a remote-first organisation. Based in Europe (including UK).
Nice to have
- Results of prior security research (write-ups, CVEs, exploits). We prefer demonstrated results over certificates.
- Familiarity with the Matrix protocol and/or cryptography.
- Customer-facing security docs or advisory experience.
- Participation in CTF competitions and similar security challenges.
- Knowledge of secure data handling, especially in the context of GDPR.
- Prior experience with achieving security certifications, ideally ISO 27001.
- Open-source security contributions. We are an open source company, an intuitive understanding of what it is to contribute to FOSS projects will be beneficial.
Benefits
- Meaningful, mission-driven work in open source.
- 40 days of annual leave (incl. local public holidays).
- Private healthcare (depending on location).
- Share options.
- Flexible hours and remote-first culture.
- Family-friendly environment.
- Annual bonus subject to individual and company performance.
Our Values
- We care about the greater good.
- We work together in the open.
- We are proud of how we serve our customers.
- We are ambitious and iterate rapidly.
Element does not discriminate on the basis of race, sex, colour, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.
Senior Security Engineer employer: Element - creators of Matrix
Contact Detail:
Element - creators of Matrix Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Security Engineer
✨Tip Number 1
Network like a pro! Reach out to current or former employees on LinkedIn and ask about their experiences. A friendly chat can give you insider info and might even lead to a referral.
✨Tip Number 2
Prepare for the interview by researching the company culture and values. Element is all about open communication and collaboration, so be ready to share how you embody these principles in your work.
✨Tip Number 3
Show off your skills! If you have any relevant projects or contributions to open-source security, make sure to highlight them during your interview. It’s a great way to demonstrate your passion and expertise.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, you’ll get access to AI-powered advice tailored just for you.
We think you need these skills to ace Senior Security Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Senior Security Engineer role. Highlight your relevant experience, especially in security principles and vulnerability management. We want to see how your skills align with our mission at Element!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about security and how you can contribute to our team. We love seeing genuine enthusiasm for open-source projects and the Matrix protocol.
Showcase Your Projects: If you've worked on any notable security projects or have results from prior research, make sure to include them. We appreciate candidates who can demonstrate their impact through tangible results, so don’t hold back!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team!
How to prepare for a job interview at Element - creators of Matrix
✨Know Your Security Fundamentals
Make sure you have a solid grasp of core security principles and common vulnerability classes. Brush up on your knowledge of network and cloud security, especially AWS, as this will likely come up during the interview.
✨Showcase Your Offensive Security Experience
Be prepared to discuss your hands-on experience with penetration testing, bug bounties, or any relevant research. Bring examples of tools you've used, like nmap or Burp, and if you’ve scripted your own tools, definitely mention that!
✨Demonstrate Collaboration Skills
Element values teamwork, so be ready to talk about how you've partnered with engineering teams in the past. Highlight specific instances where you helped embed security practices into their workflows, showing that you can communicate effectively across departments.
✨Familiarise Yourself with the Matrix Protocol
Since Element is deeply involved with the Matrix protocol, it’s a good idea to do some homework on it. Understanding its principles and how it relates to security will show your genuine interest in the role and the company’s mission.
