Ebury is a global fintech firm dedicated to empowering businesses to expand internationally through tailored and forward-thinking financial solutions. Since our founding in 2009, we’ve grown to a diverse team of over 1,700 professionals across 40+ offices and 29+ markets worldwide. Joining Ebury means becoming part of a collaborative and innovative environment where your contributions are valued. You’ll play a key role in shaping the future of cross-border finance, while advancing your own career in a dynamic, high-growth industry.

SECURITY DOMAIN KNOWLEDGE

• Expert knowledge of OWASP standards (Top 10, ASVS, SAMM, MASVS)
• Understanding of cryptographic principles and secure implementations
• Experience with threat modeling methodologies
• Knowledge of authentication standards (OAuth2, OIDC, WebAuthn)
• Familiarity with PCI-DSS, PSD2, and Strong Customer Authentication requirements
• Understanding of cloud-native security patterns

CODE REVIEW & ANALYSIS SKILLS

• Ability to identify security vulnerabilities through manual code review
• Experience with static and dynamic analysis tools
• Understanding of common vulnerability patterns across languages
• Knowledge of secure architecture patterns and anti-patterns
• Ability to provide actionable remediation guidance

PROFESSIONAL REQUIREMENTS

• Experience in financial services or high-security environments
• Strong communication skills to explain security risks to developers
• Ability to balance security requirements with development velocity
• Collaborative approach to working with engineering teams
• Technical writing skills for documentation and guidelines

PREFERRED QUALIFICATIONS

• Experience with payment systems and transaction security
• Knowledge of mobile app protection
• Experience building security champions programs
• Background in penetration testing or security research

ROLE OVERVIEW

We are seeking a Senior Security Engineer to embed security throughout our product development lifecycle. You’ll work directly with engineering teams to identify and mitigate security risks through threat modeling, secure code reviews, and integrated security tooling across our web and mobile applications. This role is critical to establishing our secure development practices, implementing industry-standard SSDLC processes, and ensuring our financial products are resilient against evolving threats.