60 jobs found

Dunnhumby is the global leader in Customer Data Science, partnering with the world's most ambitious retailers and brands to put the customer at the heart of every decision. We combine deep insight, advanced technology, and close collaboration to help our clients grow, innovate, and deliver measurable value for their customers. Dunnhumby employs nearly 2,500 experts in offices throughout Europe, Asia, Africa, and the Americas working for transformative, iconic brands such as Tesco, Coca Cola, Nestlé, Unilever and Metro. Overview We are looking for an Application Security Engineer with a strong engineering mindset-someone who has built and maintained technical systems and understands how products are developed end to end. The ideal candidate may come from a security or product background, but must be deeply familiar with the SDLC, CI/CD pipelines, Git workflows, and modern software engineering practices. This role combines hands on security engineering with enablement, governance, and cross team collaboration. The Security Engineer will drive application vulnerability management, embed security into development pipelines, and guide engineering teams in building secure by design applications. Strong communication skills and the ability to build trusted relationships across both technical and non technical stakeholders is essential. Key Responsibilities Application Security Integrate security best practices into the SDLC and operate, tune, and maintain AppSec tooling (SAST, DAST, SCA). Provide secure design guidance, perform secure code reviews, reproduce issues, propose fixes, and validate remediations with developers. Cloud & Kubernetes Security Embed security checks in CI/CD for container images, IaC, and Helm charts & contribute to runtime protections such as admission controls, policy as code, scanning, and drift detection. Promote secure infrastructure configurations and Kubernetes defaults (RBAC, network policies, PodSecurity, secrets handling, image provenance). Vulnerability Management & Reporting Ensure CI/CD pipelines have robust, effective security coverage and manage exceptions & risk workflows. Maintain a consolidated vulnerability backlog with clear ownership and SLA tracking and build automated reporting using tools like Power BI or Excel/Pandas. Enablement & Governance Develop secure coding standards and practical developer guidance. Run secure development forums, build and maintain strong relationship with engineering teams and drive application vulnerability management through engagements and reporting. Act as a trusted advisor to both engineers and leadership - identifying and communicating risk clearly and persuasively. What You Can Expect From Us We won't just meet your expectations. We'll defy them. So you'll enjoy the comprehensive rewards package you'd expect from a leading technology company. We also offer personal flexibility, thoughtful perks such as flexible working hours and your birthday off. You'll benefit from an investment in cutting edge technology that reflects our global ambition while maintaining a nimble, small business feel that gives you freedom to play, experiment and learn. Diversity & Inclusion We don't just talk about diversity and inclusion. We live it every day - with thriving networks including dh Gender Equality Network, dh Proud, dh Family, dh One, dh Enabled and dh Thrive as the living proof. We want everyone to have the opportunity to shine and perform at your best throughout our recruitment process. Please let us know how we can make this process work best for you. Flexible Working We value and respect difference and are committed to building an inclusive culture by creating an environment where you can balance a successful career with your commitments and interests outside of work. Some roles lend themselves to flexible options more than others, so if this is important to you, please raise this with your recruiter.

Any company can tell you about how they are a multi award winning, market leading business and yes, we are both of those things in the world of IoT connectivity! But we're more than that. Our mission? To make IoT management a breeze for any device, anywhere. With over18 million IoT subscriptionsactive in165 countriesand direct partnerships with50 mobile networks, we connect you to more than750 networks worldwide, delivering unmatched value across the IoT connectivity chain. Innovation is in our DNA, and we have an insatiable hunger to 'wow'! While we may not always get it right, our drive to collaborate, innovate, and achieve top-notch customer satisfaction never wavers. We offer industry expertise, stellar service support, and the most flexible, resilient, and secure connectivity solutions on the market. Our expertise spans across various sectors, including industry, agriculture, healthcare, security, transport, utilities, and smart cities. IoT a fancy acronym or a secret code? TheInternet of Things (IoT)is like the magical glue that keeps the world connected! From ordering your favourite takeaway to the ANPR technology that helps you find a parking spot, IoT is everywhere-even if you don't realize it. AtWireless Logic, we provide cutting-edge connectivity solutions and technologies to ensure a vast array of devices stay seamlessly connected. The Opportunity: We are seeking a highly experienced VP Technology Operations to lead the safe, secure and resilient operation of all production platforms and services across Wireless Logic. This role is accountable for delivering five nines (99.999%) availability across critical services, ensuring that our platforms operate predictably, recover rapidly, and scale effectively under demand. You will act as the executive owner of live platform performance, leading incident response, operational governance, resilience engineering and production risk management. This role plays a critical part in ensuring that our technology estate supports a high availability, regulated and globally distributed business. Working closely with Engineering, Architecture, Security and Operations leadership, you will ensure that platform reliability is continuously improved and that all change is introduced safely into production. Key Responsibilities Include But Not Limited To: Production Reliability & Availability Own end to end production availability across all platforms and services Deliver sustained 99.999% availability for critical services Define and operate: SLAs, SLOs and error budgets RTO/RPO aligned to resilience objectives Drive improvements in: Observability and monitoring maturity Capacity management and performance optimisation Act as executive owner for: Major incidents Systemic production risk Customer impacting outages (technical resolution) Incident & Recovery Management Own the technology incident management framework Lead technical restoration during major incidents Coordinate cross functional engineering response Ensure rapid containment and recovery while managing systemic risk Conduct structured post incident reviews with: Engineering (permanent fixes) Architecture (design improvements) CISO (security implications) Service Operations (customer impact feedback) Drive elimination of repeat and systemic incidents Disaster Recovery & Resilience Engineering Own disaster recovery (DR) and resilience capability across all platforms Ensure: Failover capabilities are tested and proven Resilience is validated through regular exercises (e.g. chaos testing) Single points of failure are identified and removed Failure domains and blast radius are clearly defined and controlled Ensure resilience is engineered and evidenced, not assumed Production Change & Release Governance Own production change governance and release risk control Act as final authority on production release readiness Define and enforce safe deployment practices, including: Canary releases Phased rollouts Feature flagging Rapid rollback mechanisms Ensure all changes entering production: Are observable Have recovery mechanisms Minimise operational risk exposure Balance delivery velocity with platform stability Technology Operations & Platform Run Own operation of all production environments, including: Core platforms and shared services Cloud, network and hybrid infrastructure Observability and monitoring tooling 24x7 operational and on call capability Automation of operational processes Ensure platforms are: Secure and compliant Scalable and performant Cost efficient and optimised Operated in line with architectural standards Security Operations (SEC Ops) Operate Security Operations within Technology Operations under CISO governance Accountable for: SOC operations and monitoring Security event detection and triage Runtime vulnerability remediation Operational access controls Execution of containment actions during live incidents Partner with the CISO on: Security incident response Risk based decision making Escalate major trade offs between availability and security appropriately Operational Compliance & Audit Own operational control effectiveness within live environments Ensure readiness for: Regulatory compliance External audits Evidence collection and reporting Partner with: CISO (security controls) Risk, Quality & Compliance (assurance) MD Operations (enterprise governance) Ensure no material audit findings related to operational execution Reliability Engineering Influence Define production readiness standards for all services entering live environments Provide structured input into Engineering for: Reliability improvements Technical debt impacting availability Removal of operational toil Simplification of fragile dependencies Drive adoption of: Site Reliability Engineering (SRE) principles Automation first operations Error budget discipline Ensure reliability is treated as a shared outcome, with clear production accountability Own operational supplier performance and service levels Ensure: Vendors meet availability and response commitments Contracts support five nines objectives Cost efficiency does not compromise resilience Partner with Finance and Architecture on: Capacity planning Infrastructure lifecycle management Decommissioning legacy environments Measures of Success Sustained 99.999% availability for critical services Continuous reduction in MTTR and incident frequency Elimination of repeat and systemic failures Improved change success rate and reduced release risk Proven disaster recovery and resilience outcomes Effective containment of security incidents without customer impact No material audit findings in operational controls Increased automation and observability maturity Predictable and cost efficient platform operations Required Experience & Attributes Proven experience in a senior technology operations, SRE or platform leadership role Strong background in high availability, cloud based or distributed systems environments Experience delivering five nines availability or equivalent reliability targets Deep expertise in: Incident management and recovery Production operations and change governance Observability and monitoring frameworks Experience operating in regulated or compliance heavy environments Strong understanding of security operations in production environments Experience working in private equity backed or high growth organisations is desirable Wireless Logic Group unites and brings people together. We accomplish this when we lead with a lens of diversity, equity, and inclusion in everything we do. As a global company that drives culture we aim to reflect the world's diverse voices both internally and externally to ensure success in our mission. By applying for this role, you are consenting for us to hold and process your data in compliance with the General Data Protection Regulations. If you have any questions or wish to exercise your right to access, erase or restrict the holding or processing of your data please contact us () and we will respond to your query as soon as possible.

About the Role As an experienced Penetration Tester at Starling, you'll be joining an established team, working with talented cyber security professionals to ensure our services are designed, developed and operated securely. This is a collaborative role - you'll directly interact with multiple areas of the business to understand requirements, conduct research, perform security testing, and report issues aligned to our risk framework. Being an internal tester, you'll gain a strong understanding of how technology works at Starling to enable in depth testing. You'll also support remediation processes, seeing your findings lead to tangible security improvements. We understand the importance of knowledge and expertise remaining current, so we'll actively support your advancement through research and training. In turn, you'll help us continuously improve our processes, methodologies and tools to maintain the highest standard of testing. We're open minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications. Responsibilities Scoping and performing mobile, web application, cloud and infrastructure penetration tests. Collaborating with engineering teams to facilitate secure development, including: Reviewing and analysing proposed technical solutions to identify appropriate security controls. Conducting code reviews of features and critical security components. Performing in depth practical security testing. Advising on the remediation of security issues and identifying solutions to address root causes. Automating security testing and developing internal tooling to achieve continuous assurance. Identifying and implementing improvements to the team's internal processes and procedures. Mentoring less experienced team members, leading by example in technical assessments, and promoting a collaborative approach to security across Starling. Qualifications 5+ years technical information security experience. Experience in mobile, web application, cloud and infrastructure penetration testing. Technical knowledge - a good foundation in mobile security (iOS and Android), web application security, networking and associated protocols, cloud security (AWS and GCP), containers and Kubernetes. A desire to learn, and the ability to apply technical security knowledge to new and unfamiliar areas. Penetration testing qualifications (e.g. CREST Certified Tester, OSCP) or equivalent industry experience. Experience performing code reviews or code assisted testing, particularly in Java and Go. Experience in automation of security testing (e.g. using Python or Go). Excellent verbal and written communication skills. Interview Process First stage with the Penetration Testing Team Lead. Second stage with additional members of the Penetration Testing team. Final stage with Infosec Director and CISO. Benefits 25 days holiday (plus public holiday allowance). Extra day's holiday for your birthday. Annual leave increased with length of service, and you can choose to buy or sell up to five extra days off. 16 hours paid volunteering time a year. Salary sacrifice, company enhanced pension scheme. Life insurance at 4 your salary & group income protection. Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr & Mrs Smith and Peloton. Generous family friendly policies. Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks. Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing. Equal Opportunities Starling is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.

Locations 4 John Carpenter St, London, Greater London, EC4Y 0JP, GB Job Schedule Full time Job Description JPMorgan Chase & Co. (NYSE: JPM) is a top financial services firm with over $2 trillion in assets, operating in more than 60 countries. As a leader in investment banking and various financial services, the firm's Cybersecurity & Technology Controls (CTC) group partners with all business lines to enhance cybersecurity, access management, and controls. The CTC group focuses on enabling business operations while ensuring protection and resilience. As a Cloud Security Engineer at JPMorgan Chase within the Cybersecurity & Technology Controls (CTC) group, your primary responsibility will be to ensure that Public Cloud is adopted in a secure and compliant manner. You will play an important role in identifying and managing risk related issues and actions with respective technology. You will have an eye for detail and an ability to see the big picture across security issues. Job Responsibilities Support the execution and enhancement of a long term information risk and control strategy designed to keep the information assets of the public cloud secure. Deliver risk based assessments of secure technology controls relating to cloud services, cloud platforms and architectural components. Support business technology teams to understand firm control requirements and implementations across a broad range of cloud architectures. Perform security reviews of infrastructure-as-code for cloud platform development and participating in threat modelling activities. Contribute to documentation and agile processes in support of security programs. Interface with wider CTC teams ensuring platform integration with security operations, threat intelligence, IAM and network security. Required Qualifications, Capabilities and Skills Formal training or certification on Information Security concepts and expanding applied experience. Eagerness to collaborate in a team, and comfortable in both virtual and office environments. Self-disciplined, self managed, self motivated and strong sense of ownership, urgency, and drive. Proficient verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, peer groups, regulators and senior stakeholders. Ability to prioritize and work under stringent timelines. Preferred Qualifications, Capabilities and Skills Keen desire to understand and secure public cloud technology. AWS, Azure or Google Cloud certifications would be an advantage. Hands on experience of developing, engineering or architecting within a public cloud environment would be an advantage. Experience engineering with Terraform or infrastructure-as-code would be an advantage. Understanding of DevOps or CI/CD concepts would be an advantage. About Us J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first class business in a first class way approach to serving clients drives everything we do. We strive to build trusted, long term partnerships to help our clients achieve their business objectives. We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit ourFAQs for more information about requesting an accommodation. About the Team Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.

Payments platform that focuses on iGaming, video gaming, e-commerce, retail, travel and hospitality. Paysafe has 30 years of expertise in payment technology, supporting card payments, digital wallets such as Skrill, eCash solutions like PaysafeCard, and local payment methods. Approximately 2,900 employees across 12 countries and an annualized transaction volume of $167 billion in 2025 connect businesses and consumers worldwide through innovative payment experiences. It starts here. Have a global impact on the world of payments. We are seeking a senior, strategic Principal Architect - Risk Platform to define and drive the architectural vision of Paysafe's global Risk capabilities. This is not a narrow solution role. Risk at Paysafe does not operate with traditional product teams. As such, this architect will: Act as the architectural authority and product-level thought partner for Risk Translate regulatory and commercial objectives into scalable platform capabilities Define the long-term Risk technology roadmap Shape how we build, integrate, orchestrate, and evolve risk engines globally You will operate at the intersection of architecture, regulation, platform engineering, and product strategy. What Paysafe stands for Being open and honest. Keeping focused. Operating with Courage. Pioneering the future. Our values and culture are driven by Equality, Development, Social Responsibility and Wellbeing. If you want to find out more about life at Paysafe, check out our careers page. How we work We follow a hybrid working model, spending an average of three days per week at our office location in Gresham Street next to St Paul's Cathedral with easy access via St Paul's, Bank, Cannon Street, City Thameslink, Liverpool Street, Farringdon, and Mansion House. What You Will Own Risk Platform Vision & Architecture Define and evolve the target architecture for the global Risk Platform Design end-to-end architectures for: Merchant underwriting and KYB PEP & sanctions screening Identity verification & device intelligence Ongoing due diligence and regulatory reporting Establish domain boundaries and service decomposition for risk capabilities Define scalable API contracts and event-driven flows for decisioning and reporting Regulatory Translation into Architecture Lead structured discovery sessions with: Risk Compliance Legal Regulatory KYC / AML Sanctions Translate AML, CDD/EDD, PSD2/PSD3, EMI licensing, and regional regulatory obligations into: Platform capabilities Regulatory explainability Audit trails Reporting obligations across UK, EU, and US Real-Time Risk & Event-Driven Decisioning Define integration patterns for: Real-time scoring Kafka / streaming frameworks Orchestration and fallback strategies Ensure deterministic and observable decision pipelines Architect integrations with external risk/compliance vendors such as: LexisNexis Ekata AML engines Sanctions screening services Define: Data mapping strategies Orchestration patterns Fallback and resilience patterns Reduce lock-in while preserving regulatory robustness Design cloud-native, horizontally scalable risk services in AWS/Azure Define: API gateway strategies Identity and access control models Data partitioning and sovereignty controls Architect for: Multi-region resiliency Regulatory data residency constraints Observability Infrastructure as Code Design structured, semi-structured, and event-based data persistence strategies Support: Batch AML monitoring Regulatory reporting Merchants Transactions Case management Ensure compatibility with enterprise data lake and analytics platforms Act as trusted adviser to Risk leadership Influence roadmap prioritization and capability sequencing Mentor engineers and domain architects Drive architecture standards and review forums Collaborate across Merchant, Consumer, and Platform engineering groups Technical Expertise Required 10+ years in architecture and engineering roles Deep experience in risk and compliance systems within fintech or payments Sanctions & PEP screening expertise Strong hands-on knowledge of: Event-driven architectures Kafka / streaming systems Experience designing structured and event-based data models Cloud-native architecture experience (AWS or Azure; multi-region preferred) Strong background in integrating third-party risk vendors Domain & Regulatory Knowledge Strong understanding of: AMLD requirements PSD2 / PSD3 PCI DSS EMI / E-money licensing constraints Familiarity with explainable AI in risk decisioning Audit and regulatory inspection readiness What Makes This Role Different Shape the Risk Platform as a product Influence regulatory readiness at architectural level Design systems that protect Paysafe's balance sheet Enable commercial growth while reducing fraud and regulatory exposure Ideal Profile Systems thinker with regulatory fluency Commercially aware Able to operate at board-level discussions and deep technical reviews A snippet of what you'll get in return Make your day work for you with our flexible working hours You decide what your holiday looks like with the option to buy or sell your holiday and carry over up to 5 days into the next year Enjoy social events on our rooftop terrace with views onto St Paul's Cathedral Our fully equipped facilities include showers, hairdryers and straighteners and fresh towels Start your day with a free breakfast, fresh fruit and snacks Take a breather in our dedicated wellbeing room Spend time with those important to you with our enhanced paid family policies Test our products Skrill and Neteller. Upon joining we will award you £50 into each wallet Enjoy our discounts on memberships via vitality including gyms, leisure centres, yoga/Pilates across the country Need a new Laptop or TV? We offer support purchasing Apple and LG products via Stormfront technology Join our six employee-led equality communities and help foster a workplace that celebrates diversity and creates opportunities to collaborate and learn Give back to the community with four paid charity days Kickstart your weekend early with our summer hours during the months of June, July and August with a 3pm finish every Friday We also offer private health insurance (pre-existing conditions are included), dental insurance, income protection, life assurance and more What to expect next Phone screen with Talent Acquisition Video introduction with the Hiring Manager Technical interviews with members of the team Business interview with key stakeholder Invited into the office for HR interview and to meet the team Paysafe is an equal opportunity employer. We value diversity and are committed to providing a work environment of mutual respect to everyone without regard to race, color, religion, national origin, age, gender identity or expression, or any other characteristic protected by applicable laws, regulations and ordinances.