Security Engineer

Excited to grow your career?

Our purpose is to empower people to save and invest with confidence. We are looking for great people to join us, so please come and invest in YOUR future at HL.

We know that sometimes people can be put off applying for a job if they don't tick every box. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. We'd love to hear from you!

About the role

Hargreaves Lansdown, a leading FinTech company, is undergoing an Agile transformation. Information Technology has underpinned Hargreaves Lansdown's success and will play an increasingly important role in HL's future strategy and growth as the company continues its digital journey. As part of this journey, we are working hard to increase security testing capabilities across all change. We are therefore looking for a Security Engineer with a proven track record in information security / security testing, who enjoys working with a variety of technologies and wishes to progress their career, assisting in security assurance across the business.

What you'll be doing

• Designing and implementing automated security testing solutions and vulnerability scanning within the SDLC.
• Supporting senior management in defining testing strategy, tools, and technologies.
• Conducting proof of concepts for new tools to support automated security assurance during agile sprints.
• Onboarding chosen automation solutions, collaborating with teams across the business to build and deploy.
• Integrating the use of security tooling into existing team and business processes.
• Maintaining and optimizing tools through configuration reviews and feature upgrades.
• Monitoring tool effectiveness, including cost/benefit analysis and performance against metrics.
• Producing dashboards to demonstrate effectiveness.
• Triage of vulnerabilities, identification of false positives, and providing mitigation and risk advice.
• Identifying improvements and shift left opportunities.
• Championing security testing as part of the delivery pipeline and promoting a secure by design culture.
• Cultivating strong working relationships across various business departments to ensure smooth and efficient processes.
• Adhering to deadlines, prioritizing work, and providing progress updates against the plan.

About you

• Experience with SAST/SCA/DAST toolsets such as Veracode, GitLab.
• Experience with API scanning toolsets such as Salt, Cequence, 42crunch.
• Understanding of CVSS, EPSS, or other vulnerability risk measurement frameworks.
• Proficiency in at least one programming or scripting language.
• Knowledge of various software development languages and deployment tools.
• Understanding of security vulnerabilities with a commitment to staying updated on emerging ones.
• Ability to replicate vulnerabilities to demonstrate risk to development teams.
• Experience working with Agile processes.
• Familiarity with cloud technologies such as AWS and Azure.
• Highly organized with advanced planning and organizing skills, as well as attention to detail.
• Experience in writing processes and optimizing them based on feedback.
• Experience in integrating security tooling into CI/CD pipelines.

Why us?

Here at HL, we're the UK's number 1 investment platform for private investors, based in Bristol. For more than 40 years we've helped investors save time, tax and money on their investments.

To achieve our mission, we believe we have a workplace like no other, with constant learning, dynamic teams, and a great ethos. We're steered by core values that promote service, quality, innovation, and opportunity in everything we do.

What's on offer?

• Discretionary annual bonus & annual pay review
• 25 days holiday plus bank holidays and 1-day additional Christmas closure time
• Option to purchase an additional 5 days holiday per year at annual enrolment
• Flexible working options available, including hybrid working
• Enhanced parental leave
• Pension scheme up to 11% employer contribution
• Sharesave scheme - have a real stake in HL's future
• Income Protection & Life insurance (4 x salary core level of cover)
• Private medical insurance
• Health care cash plans - including optical, dental, and out patientcare
• and an Employee Assistance Programme
• Gympass - gym memberships and wellbeing apps available
• Variety of travel to work schemes with free bike storage and shower facilities
• An inhouse barista serving subsidised coffee and snacks
• Join HL's sports, I&D networks and volunteering groups (two paid volunteering days per year)
• LifeWorks Discounts on services, restaurants and retailers

dependant on role level

Hargreaves Lansdown is an inclusive employer that values diversity in its workforce. We encourage applications from all individuals without regard to race, religion, gender, sexual orientation, national origin, disability or age.

This role may also be available on a flexible working or part time basis - please ask the Recruitment & Onboarding team for more information.

Please note, we are unable to provide employment sponsorship to candidates.