Thought Machine

Threat Operations Security Engineer

London, United Kingdom

Thought Machine's mission is bold - to properly and permanently rid the world's banks of legacy technology. To achieve this, we have developed the foundations of modern banking through core and payments technology which run natively in the cloud. What we are attempting is hard and means we need great people working together to build great technology.

We have grown rapidly in the past few years - growing our team to more than 550 individuals across offices in London, New York, Singapore and Sydney. We have raised more than $500m in funding and are now valued at $2.7bn. Our investors include Molten Ventures, Eurazeo, Intesa Sanpaolo, Temasek, Nyca Partners, JPMorgan Chase Strategic Investments, Standard Chartered Ventures, and more.

We have created a culture that enables our team to produce the best work in the industry while ensuring we have fun along the way. We're regularly cited as having a fantastic workplace culture and have been recognised by Sifted magazine as having one of the highest Glassdoor ratings for a UK fintech company and the industry's most generous employee share package. Global Finance Magazine named us one of the world's most innovative fintechs, and the Financial Times recognised us as one of Europe's fastest-growing companies in 2023 and 2024.

A Threat Operations Security Engineer plays a vital role in the Threat Operations team. We seek engineers who are proficient in creating solutions (often in code), who can approach security threat operations with creativity. It's essential they can effectively manage and leverage our large datasets of telemetry to help us identify, investigate, and defend against threats. We value a culture of exploration and collaboration, where sharing unique ideas and perspectives enriches the team's collective efforts.

The Threat Operations security team is focused on having a diverse team of people who are passionate about identifying threats, identifying security events, performing event analysis, responding to security incidents, and monitoring the security state of the environments at Thought Machine. The team builds and maintains specific technology stacks to collect and examine large datasets, and maintains continuous operations to support its endeavours.

A large part of the Thought Machine security function is greenfield; we are building the bank of tomorrow with cutting-edge technology. To achieve this we need innovative thinking to create security solutions in our products and our infrastructure. We look for people who think outside the box, and outside of traditional silos, to find unique solutions and approaches to security that lead the industry.

Duties

  • Continuously develop, integrate, and operate highly available log collection, event monitoring, alert generation, and incident management tooling and services for security using Elasticsearch on Kubernetes.
  • Drive standardisation, efficiency, and consistency across our Threat Operations solutions and security technology stack.
  • Mentor members of the team in the use of Elasticsearch, its deployment and operation, and supporting infrastructure.
  • Define the vision and provide technical designs for the effective maintenance and use of Elasticsearch as its capabilities evolve.
  • Automate processes and procedures to continuously reduce the manual work associated with the operation of the Threat Operations solutions and security technology stack.
  • Maintain documentation to ensure the repeatability and standardisation of Threat Operations procedures.
  • Participate in the response to incidents as they occur as part of our security incident response rotation, and manage security incidents throughout their lifecycle.
  • Perform investigation and analysis of security incidents in collaboration with engineers across the company.
  • Contribute to a programme of continuous improvement in threat assessment, incident management, and security posture.
  • Develop, integrate, and operate data and metric reporting on relevant security measures.
  • Participate in the security on-call rotation (compensated).

Requirements

Essential

  • Experience with building, operating, and maintaining the Elasticsearch stack and supporting infrastructure as a security logging and incident detection platform at scale.
  • Familiarity with functional and non-functional requirements for operating Elasticsearch as a security logging and incident detection platform.
  • Experience with continuous integration / continuous deployment tooling and processes.
  • Comfortable using the command line in Linux and MacOS environments.
  • Creative thinking in the areas of security detection and data collection.
  • Strong interpersonal and communication skills to support collaboration with other personnel and teams, and an ability to assemble thoughts and data for communication to stakeholders.

Desirable

  • Familiarity with Cloud and container technology (AWS, GCP, Kubernetes, Docker).
  • Familiarity with infrastructure as code tooling such as Terraform.
  • Familiarity with the broader Elastic stack of tools and their uses.
  • Experience creating new detections, triaging alerts and conducting security investigations.
  • Experience in threat detection, threat intelligence, or incident response activities.
  • Familiarity with requirements for good incident response, investigation, and evidence-handling techniques and procedures.
  • Experience with coding in common languages such as Python or Go.
  • Elastic certified engineer certification.
  • Contributions to the security community (open source tools, public research, blogging, presentations, etc).

Benefits

  • Highly competitive salary
  • Pension plan (match up to 7%)
  • Life insurance - three times annual salary
  • Competitive maternity (six months fully paid) and paternity leave (four weeks fully paid)
  • Shared parental leave (matched to our maternity leave for the same point in time)
  • 25 days holiday and bank holidays
  • Private health insurance with Bupa for you and your family
  • Health cash plan (including dental and optical)
  • Flexible working hours
  • Cycle-to-work scheme
  • Electric car scheme
  • Season ticket loan
  • Access to outstanding learning materials and courses
  • Sports and hobby clubs, subsidised by Thought Machine
  • All the latest tech you need
  • Start the day properly with fresh fruit and cereals
  • Huge range of healthy (and not-so-healthy) snacks, smoothies and drinks
  • A talented and experienced team as your colleagues
  • An environment where we encourage learning and progress
  • Two charity days a year
  • Weekly food pop-up

Client-provided location(s): London, UK
Job ID: Thought_Machine-286
Employment Type: Other

Perks and Benefits

  • Health and Wellness

    • Health Insurance
    • Dental Insurance
    • Vision Insurance
    • Life Insurance
    • Short-Term Disability
  • Work Flexibility

    • Flexible Work Hours
    • Hybrid Work Opportunities
  • Office Life and Perks

    • Casual Dress
    • Snacks
    • Some Meals Provided
  • Vacation and Time Off

    • Personal/Sick Days
    • Paid Vacation
    • Paid Holidays
  • Financial and Retirement

    • Company Equity
    • 401(K) With Company Matching
  • Professional Development

    • Access to Online Courses
    • Lunch and Learns
  • Diversity and Inclusion

    • Diversity, Equity, and Inclusion Program