💳 Capital on Tap was founded with the mission to help small business owners and make their lives easier. Today, we provide an all-in-one business credit card & spend management platform that helps business owners save time and money. Capital on Tap proudly serves over 200,000 businesses across the world and our goal is to help 1 million small businesses by 2030.
🏡🏢This is a Hybrid role, the Security team work from our London Office 2 days per week.
The RoleAs a Senior Security Engineer, you will be on the frontline, securing our data, systems, and operations, shaping our security measures to deter threats and safeguard our valuable assets, playing a vital role in ensuring our security monitoring and alerting capabilities are functioning effectively. Joining an existing team covering all areas of IT and Application Security.
Taking an active role to feed into the cyber security strategy and supporting the Security Engineering Manager in ensuring the policies, practices and approach to enabling a top-class cyber security posture is fit for purpose and evolving to meet the needs of a rapidly expanding regulated business.
Responsibilities include management of the SIEM and SOC, identifying and implementing new log sources and use cases, maintaining and improving existing security tooling with the latest features, and understanding industry trends and how they apply to our business.
- Experience with the Microsoft security stack
- Experience or exposure to Application Security best practises
- Ability to manage and respond to security incidents effectively
- Communication and presentation skills, tailored to the correct audiences
- Ability to stand in for the Security Engineering Manager when required
- Able to mentor and guide junior engineers
- A strong understanding of securing cloud technologies
- Continual learner, staying updated on emerging threats, technologies and trends
- Loves to solve problems, capable of making decisions under pressure
- Understanding of ISO27001/NIST/SOC2 frameworks
This position is ideal for a skilled Security Engineer with a broad exposure across engineering, analysis, incident response and application security.
Already operating at a senior level or with enough experience looking to take a senior role whilst broadening their skillset.
Diversity & Inclusion 🌈We welcome, consider and encourage applications from anyone who shares our commitment to inclusivity. Join us in creating a space where authenticity thrives, and everyone can do their best work.
We try not to take ourselves too seriously (all the time) so we make sure our office is decked out with a pool table, arcade machine, beer tap, and a couple of office dogs thrown in for good measure. Check out our benefits: 🏥 Private Healthcare including dental and opticians services through Vitality ✈️ Worldwide travel insurance through Vitality 🎁 Anniversary Rewards (£250, £500, £750, 4-week fully paid sabbatical) 👛 Salary Sacrifice Pension Scheme up to 7% match 🚘 Octopus EV Salary Sacrifice Scheme 🏖️ 28 days holiday (plus bank holidays) 📖 Annual Learning and Wellbeing Budget 👪 Enhanced Parental Leave 🚲 Cycle to Work Scheme 🚂 Season Ticket Loan 💬 6 free therapy sessions per year 🐶 Dog Friendly Offices 🍫 Free drinks and snacks in our offices
Check out more of our benefits, values and mission here.
Required skills: * Experience with the Microsoft security stack, with specific focus on the following technologies: Defender for Endpoint, Defender for Identity, Defender for Cloud, Sentinel, Entra, Azure Policy, etc. * Experience working within the Security Incident Response Lifecycle, creating and reviewing plans and playbooks * Reviewing and ingesting new log sources into a SIEM * Working alongside a SOC to ensure alerts are managed effectively * Responding to security alerts and incidents * Carrying out post mortems and implementing lessons learned * Experience working with and securing cloud native technologies * Experience designing, building and maintaining security tooling * Experience with ‘defence in depth’ and ‘zero trust’ methodologies to cyber security * Experience with application and platform vulnerability management processes * Able to join an Out Of Hours emergency on-call rota
Nice to have skills: * Ability to feed into the Cyber Security Strategy * An understanding of Cybersecurity frameworks and compliance * Understanding of network security technologies and protocols * Ability to work collaboratively and independently depending on the current project * Experience or exposure to working in a regulated environment
