Who are we?
Want to work for one of the UK’s fastest growing fintechs, that’s powering some of the most innovative and well-known consumer investment platforms around today? You might have heard of companies like Crowdcube, and Chip – did you know that they use our technology?
At Seccl, we’re rebuilding the infrastructure of investments and advice. Our software allows ambitious fintechs to quickly get to market with innovative investment or advice products – and helps financial advisers and investment managers to build stronger, more valuable businesses, by operating their own investment platform.
If this sounds exciting to you, then Seccl could be the perfect fit. It doesn’t matter if you have no experience in financial services or technology – we welcome unique and diverse talent from all backgrounds.
About the role
We have grown our new Cloud Ops and Developer Enablement (CODE) team and are now looking for an enthusiastic and experienced DevSecOps Engineer to drive forward improvements in our security posture by integrating “security by design” into the full software development, release and hosting process.
Who are we looking for?
You’ll be someone who…
- Has a background in cloud security
- Can demonstrate AWS security knowledge to a level required by the AWS Security Specialty certification
- Understands tenets of application security, secure code architecture and development practices
- Has used a major CI tool such as Jenkins, CircleCI, GitLab, TeamCity etc
- Has experience using Terraform, Ansible or equivalent IAC/CAC tools
- Has experience in Devops and Site Reliability Engineering principles– CI/CD pipelines, monitoring and alerting, containers, automation etc
- Is collaborative and can see the bigger picture at a systems level as well as the detail
- Is comfortable is a fast paced, ever changing and improving development environment
- Relentlessly pursues and supports improvement and enablement in themselves, their team and their systems
It would be nice to find someone who…
- Has AWS certifications under their belt, including the AWS Security Specialty
- Has CISSP, CISM, CISA, CCP IA, or similar certifications
- Has experience around ISO27001 certification
- Has a working knowledge of Typescript and MongoDB
What will you be doing?
- Ensuring our product environments are secure
- Own the Security Incident Management process together with our DevOps lead and ensure best practice and tooling are in place
- Implementing SAST, DAST and SCA testing using tools like StackHawk, Snyk, Codescan, Codacy or Veracode
- Building security into the entire software lifecycle and championing it with engineering, product and the wider business
- Working with CI/CD pipelines and tools to automate and “shift left” security.
- Cloud and cyber security compliance, gap analysis, threat modelling, vulnerability scanning and remediation
- AWS cloud design and infrastructure as code based deployment experience – Terraform, Ansible
- Threat modelling based on industry standard frameworks – OWASP, NIST, CIS
Culture & benefits
We truly value diversity in our workforce, and we’re actively working becoming a more diverse and inclusive organisation. We write quite a lot about what it’s like to work here at Seccl – genuine flexibility, an inclusive and friendly team, a beautiful Bath office, great perks and benefits… we could go on.
But you don’t have to take our word for it. We were recently voted one of the top 100 places to work in the UK by Escape the City.
And if you need further persuading, our current eNPS score of 59 shows that 78% of people who work at Seccl selected 9 or 10 out of 10 on how likely they would be to recommend us as a place to work.
Some of this is down to our generous benefits, that include…
- All the usual stuff – 27 days’ holiday (plus bank holidays and religious holidays), cycle to work scheme, an extra day off for your birthday, and pension and life assurance policies
- Genuinely flexible working. Come into the office as much or as little as you choose
- Truly inclusive culture where diversity is a top-level objective
- Heavy focus on mental health and wellbeing. Take the time off you need, and make use of our mental health breakout room in the office, as well as free access to therapists and a Headspace subscription
- Strong commitment to continuous learning. We encourage everyone to spend 10% of their time learning new things, and provide free access to over 10,000 online learning courses via Udemy, which you can use for anything you want (whether professionally useful or not)
- Generous freebies and discounts through Perkbox (which includes Perkbox Medical, giving access to GP appointments), and a subscription to Rakuten for free movie downloads
- A genuine commitment to delegated team ownership, a flat structure and massive quest for openness and transparency in how we work and share from the Board all the way down
- Beautiful office in the centre of the stunning city of Bath. A stone’s throw (literally!) from the train and bus station
We’re also part of the Octopus Group – an innovative, £10bn+ group of companies including Octopus Energy, Octopus Ventures and Octopus Investments. Octopus are on a mission to breathe new life into energy and financial services, and improve the lives of millions of people, so it’s great to be under their umbrella.
Our recruitment process has moved to ‘virtual hiring’ only – and we don’t see this changing anytime soon. This will include video interviews and virtual onboarding… stuff that we’ve all become pretty used to over the past eighteen months.
Like what you see?
Just send your CV to email@example.com and a member of our People Team will be in touch.