Senior Security Engineer

Flagstone is many things. An online savings platform, reinventing how individuals, businesses, and charities manage, protect, and grow their cash. A diverse group of people, bound by a collaborative spirit, and shared purpose. And lastly, a thriving, profitable business – where smart people do their best work. Each definition shares a common thread: our unique culture. It’s our pride and joy. And our competitive advantage.

To revolutionise the savings market, we need to be at our best. But high performance takes more than talent – it takes a culture of kindness, respect, and growth. That’s why we’re building a diverse, inclusive community, where your voice is heard and valued. Where, with close support and room to develop, you can surpass even your own expectations and be rewarded for it. We may not change the world, but we can change the world of financial technology. All it takes is a winning mix of drive, talent, and empathy. Our culture celebrates all three.

About the Team

Security Engineering is a team of five covering cloud security, detection, and security operations. They work directly in the Azure estate and are close to the infrastructure, not abstracted behind a policy layer. The team runs Microsoft Sentinel, Defender XDR, and Defender for Cloud, and manages tooling through IaC. They run a quarterly penetration test programme and are continuously building out our detection and response capability. It’s a small team with broad scope, which means your work is visible, your opinions are heard, and there are meaningful problems for our engineers to work on.

Does this sound like you?

You're a Senior Security Engineer who operates credibly across cloud security, detection tooling, and incident response, without being narrowly specialised. You own meaningful parts of the security stack, contribute hands‑on to Azure cloud hardening, and show up reliably when incidents need investigating or pen test cycles need coordinating. You're energised by visible impact, your work matters and your voice is heard.

What you’ll do:

• Maintain and improve our Microsoft Sentinel deployment – writing and tuning detection rules, managing data connectors, and reducing alert noise.
• Operate and optimise Defender XDR and Defender for Cloud, including policy management and posture recommendations.
• Harden our Azure environment across identity, access management, networking, storage, WAF configuration, and logging pipelines.
• Contribute to infrastructure‑as‑code (Terraform or Bicep) for security tooling deployments and configuration drift management.
• Investigate suspicious activity surfaced through Sentinel and Defender – triage, elevate, or contain as appropriate.
• Support incident response activities including containment, evidence gathering, and post‑incident review.
• Participate in security risk assessments and threat modelling exercises across new and existing systems.
• Coordinate penetration test engagements (scope, logistics, findings review) and work with engineering teams to prioritise remediation.

What we’re looking for:

• Hands‑on SIEM experience, ideally Microsoft Sentinel; equivalent platforms (Splunk, Chronicle, QRadar) considered.
• Practical Azure security experience across Defender for Cloud, Entra ID, Azure networking, and cloud security posture management.
• Experience writing infrastructure‑as‑code using Terraform or Bicep in a security engineering context.
• Ability to contribute to threat modelling and communicate security risk clearly to engineering and product audiences.
• Experience supporting or coordinating penetration testing programmes, including managing remediation cycles.
• Familiarity with AI security considerations (securing AI workloads, data exposure risks) and/or using AI tooling to augment security engineering workflows.
• A growth mindset and genuine curiosity to keep learning.

Nice to Have:

• SC‑200 (Microsoft Security Operations Analyst) certification.
• KQL proficiency for detection rule authoring and threat hunting.
• Experience working in a similar fintech/financial services environment.

How we reward you:

At Flagstone, the benefits extend beyond false gifts like “fruit and snacks”. Instead, we invest in your health, wealth, and professional development. Here’s a selection of our benefits:

• Competitive bonus scheme – designed to reward and recognise high performance.
• Flexible benefits budget – a pot to fund meaningful benefits for you, whether it’s hormone or fertility testing, cancer screening, neuro‑diversity coaching or something that matters for you.
• A range of salary sacrifice options to help you make tax‑efficient savings on electric cars, nursery schemes, home and tech goods.
• Around the World scheme – 3 months work from anywhere scheme.
• Mental wellbeing support – access therapy and mental health sessions through Spill.
• Learning and development – £1,000 personal development budget to help you grow in your role.
• Private health care – enjoy all the benefits AXA has to offer, including reduced gym memberships and medical history disregarded.
• Medical cash plan – to help you with the costs of dental and optical expenses.
• Life insurance and Income Protection – four times your annual salary for peace of mind.
• Matched pension contributions up to 5%.
• 25 days holiday – plus bank holidays, well‑being days and volunteering days.
• Enhanced Parental Leave – enhanced maternity, paternity and adoption pay.

All are welcome:

At Flagstone, we’re assembling a diverse team that defies our industry’s norms. Think this role could suit you? We encourage you to apply, no matter your background.