Offensive Security Engineer

At Tide we help SMEs save time (and money) in the running of their businesses by not only offering business accounts and related banking services, but also a comprehensive set of highly usable and connected administrative solutions from invoicing to accounting.

Tide is transforming the small business banking market with over 1.6 million members globally across the UK, India, Germany and France. Using advanced technology, all solutions are designed with SMEs in mind. With quick onboarding, low fees and innovative features, we thrive on making data-driven decisions to help SMEs save both time and money.

Tide facts:

• Tide is available for UK, Indian, German and French SMEs
• Over 1.6 million members: 800,000 UK and 800,000 in India and growing rapidly
• Over $200 million raised in funding
• Over 2500 Tideans globally - we're diversity champions
• We have offices in Central London, with a member support and technology centre in Sofia, Bulgaria, technology centres in Serbia, Romania, Lithuania and Hyderabad and offices in Gurugram and New Delhi, India

ABOUT THE TEAM:

As an Offensive Security Engineer at Tide, you'll join the Threat Detection and Response team a highly motivated and talented team of Tideans who love to collaborate, and are driven by helping people achieve their business ambitions. We live and breathe our values, which are to put our members first, work as one team and be data-driven. As part of our team, they'll matter to you too. You'll also help take our security processes to the next level. Our scaling security team is responsible for securing Tide, our Tideans and our Members.

ABOUT THE ROLE:

As an Offensive Security Engineer you will be:

• Reviewing web/mobile applications, source code, operating systems, and network security architectures; finding vulnerabilities and defining effective strategies for remediation and hardening.
• Identifying gaps in controls and vulnerabilities in our Cloud infrastructure with containerised environments and GitOps deployment pipelines.
• Ability to think critically and identify areas of technical and non-technical risk.
• Research and develop tools, techniques and exploits specific to Tide.
• Help with the triaging and perform validations of external security submissions whenever required.
• Communicate effectively findings and remediation actions with both technical and non-technical teams.
• Coaching engineers across both Security and broader technical teams in the principles and practices of offensive security.
• Partner with internal security and engineering teams on collaborative engagements that uncover vulnerability and detection opportunities across systems.
• Identify weaknesses in product security controls – including vulnerabilities, misconfigurations, and gaps in processes and procedures
• Work with the Tide engineering teams to plan and scope internal/external pen-testing.
• Bring your red team hat to support Incident Response

WHAT WE ARE LOOKING FOR:

• First and foremost you will be passionate about security and secure application design. You will love helping engineers create more secure web and mobile applications.
• You will be comfortable explaining security issues and concerns to product owners, engineers, area VPs and executives and love the feeling you get when this results in them releasing a more resilient product.
• You have experience working within the Fintech or tech sector.
• You have worked within a fast-scaling business.
• You have experience in attack simulation and vulnerability research.
• You are comfortable with writing tooling in Python, Java, go etc.
• You have strong Experience in performing security assessments on the following:
  • Cloud technologies (AWS, Azure, Kubernetes, containers etc).
  • Mobile/Web applications and APIs.
  • Mac /Windows.
• You have exposure to LLM testing.

OUR TECH STACK:

AWS, Azure, GitOps, Kubernetes, microservices, Distroless, Angular, Flutter

• Competitive salary
• Self & Family Health Insurance
• Term & Life Insurance
• OPD Benefits
• Mental wellbeing through Plumm
• Learning & Development Budget
• WFH Setup allowance
• 15 days of Privilege leaves
• 12 days of Casual leaves
• 12 days of Sick leaves
• 3 paid days off for volunteering or L&D activities
• Stock Options

TIDEAN WAYS OF WORKING:

At Tide, we champion a flexible workplace model that supports both in-person and remote work to cater to the specific needs of our different teams. 
While remote work is supported, we believe in the power of face-to-face interactions to foster team spirit and collaboration. Our offices are designed     as hubs for innovation and team-building, where we encourage regular in-person gatherings to foster a strong sense of community.
#LI-NN1

At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members' diverse needs and lives. 

We are One Team and foster a transparent and inclusive environment, where everyone's voice is heard.

At Tide, we thrive on diversity, embracing various backgrounds and experiences. We welcome all individuals regardless of ethnicity, religion, sexual orientation, gender identity, or disability. Our inclusive culture is key to our success, helping us build products that meet our members' diverse needs. We are One Team, committed to transparency and ensuring everyone's voice is heard.

• Tide does not charge any fees at any stage of the recruitment process.
• All official Tide job opportunities are listed exclusively on our Careers Page and applications should be submitted through this channel.
• Communication from Tide will only come from an official  email address.
• Tide does not work with agencies or recruiters without prior formal engagement, and we do not authorize third parties to make job offers on our behalf.

If you are contacted by anyone misrepresenting Tide or requesting payment, please treat it as fraudulent and report it to us immediately at
Your safety and trust are important to us, and we are committed to ensuring a fair and transparent recruitment process.

You personal data will be processed by Tide for recruitment purposes and in accordance with Tide's Recruitment Privacy Notice.