Security Engineer – Sustainability Fintech

  • Full Time
  • Bristol

Website WTHBristol WTHub Client


Salary: £24k – £50k – we are open to all levels for this role and welcome applications from both experienced and graduate-level candidates

Start date: ASAP

Location: Remote/Bristol.  At the moment we are only able to accept candidates based in the UK.

Who are we?

We’re is a venture-backed, impact-led financial technology firm. We believe every investor should be empowered to use their shareholder voice to create change on issues like climate, gender and human rights at companies where their money is invested. Our mission is to build and scale the technology to make that possible.

We’re a close-knit, fun and dynamic team. We champion autonomy and flexibility. We get stuck in and act strategically. We love food, rounders, board games… and having fun together, from canvas painting to cliff jumping in Devon!

We partner with the UK’s largest investment and pension platforms; empowering them to provide their investors with transparency over the companies they own and a shareholder voice on issues they care about. Big change takes time but we are patient and ambitious in equal measure; influencing the system, building a movement, empowering the world.

The Role

We’re looking for a security engineer to support our internal security ambitions and empower other team members to do their best work while staying secure. We are looking for someone to come into our modern cloud-based tech stack of MDM, cloud technologies (AWS/Google/Kubernetes), cloud IT (Office 365/Intune) to make us secure and agile.

You will be responsible for:

  • Developing and improving a set of security standards and practices
  • Helping plan and implement our information security strategy
  • Creating new ways to solve existing production security issues
  • Recommending security enhancements to management and modifications in legal, technical, and regulatory areas
  • Supporting more product-focused engineers with tools and guidance to create secure products
  • Support and develop our internal IT infrastructure
  • Empower other team members to work efficiently while doing so securely
  • Configuring software, such as MDMs, data encryption programs, and access tools to protect us effectively
  • Assisting with installation or processing of new security products and procedures
  • Where possible automating security processes for example in CI systems
  • Support our ambition of moving security left in its engineering
  • Conducting scans of software, networks, and infrastructure to find vulnerabilities
  • Conducting internal penetration testing as well as supporting external tests
  • Monitor networks and systems and build tools to help with breaches or intrusions
  • Supervising security changes in software, hardware, and user needs
  • Supporting on incident response activities
  • Investigating security incidents
  • Reporting findings to management
  • Educating staff members on information security through training and awareness

Desirable Experience

You should have a strong understanding of networks/systems that is wanting to grow their scope and responsibilities. If you are analytical, enjoy mucking in and problem-solving and have a strong enough understanding of the basics,

These are desirable rather than essential criteria. We welcome applications from people who do not have all the listed criteria but think they have what it takes and a willingness to learn by doing:

  • An understanding of operating systems, Linux, security protocols
  • Experience applying an information governance program to IT
  • Experience communicating security processes to other engineers as well as non-technical people
  • Experience in automating processes with bash
  • Understanding of basic developer tools such as git to automate processes
  • A strong enough understanding of networks suitable to aid in securing them
  • Understanding and experience in implementing security best practices
  • An understanding of how to conduct a penetration test and how to look for vulnerabilities in a system.
  • Exposure to security certifications such Cyber Essentials, ISO 27001,
  • Very much a nice to have: Security certifications

What we offer:

  • £24k – £50k – we are open to all levels for this role and welcome applications from both experienced and graduate-level candidates
  • Generous company share scheme – we are all owners of the company and beneficiaries of our collective success.
  • Flexible times with core communication hours of 10-3.
  • We’re remote-first but we have an office in Bristol you are welcome to use, and we get together once a month as a team to strategise, build on our culture and have some fun.
  • 5% employer pension contribution.
  • Flexible holiday policy of 33 days incl bank holidays.
  • As we continue to grow, we intend to increase our employee benefits package so expect more in future!

Working here, you’ll grow more than you would anywhere else; you will join a team who will appreciate you every day; your contributions will genuinely change our business outcome; and you will be proud to make a lasting, positive impact on the global investment system.

Recruitment Process

  • Technical interview (1hr)
  • Technical Task (~3 hours)
  • 2nd Interview (1hr)
  • Meet our CEO (30mins)

To apply for this job email your details to