Senior Product Security Engineer

at Tide
  • Remote - Romania

Remote

Cybersecurity

Senior

Job description

ABOUT TIDE

At Tide, we are building a business management  platform designed to save small businesses time and money. We provide our members with business accounts and related banking services, but also a comprehensive set of connected administrative solutions from invoicing to accounting.

Launched in 2017, Tide is now used by over 1 million small businesses across the world and is available to UK, Indian and German SMEs. Headquartered in central London, with offices in Sofia, Hyderabad, Delhi, Berlin and Belgrade, Tide employs over 2,000 employees.

Tide is rapidly growing, expanding into new products and markets and always looking for passionate and driven people. Join us in our mission to empower small businesses and help them save time and money.

ABOUT THE TEAM

The Tide Security Engineering team is made up of three core areas: Product Security, Threat Detection & Response, and Identity.

Product Security(this role!) consists of application and cloud security experts. Their mission is to protect the products we build, covering everything from secure design reviews to threat modelling and penetration testing, ensuring security is embedded from the ground up.

Threat Detection & Response (this role!) focuses on protecting the company by building a robust detection and automation platform. We’re proactive in our defence, constantly hacking ourselves to improve our security posture and staying ahead of emerging threats. Our goal is to make Tide resilient against the ever-evolving threat landscape.

Identity is responsible for managing Tide’s staff identity platform, ensuring that access to systems and infrastructure is secure, seamless, and aligned with modern security practices. The team uses strategies like zero trust, multi-factor authentication, and granular role-based access controls to safeguard our internal operations.

While each area has its own focus, collaboration is key - it’s why we share the same Slack channel and hold our standups together as one cohesive team, ensuring alignment and seamless communication across all security functions.

ABOUT THE ROLE

First and foremost you will be passionate about security and resilient software development processes. You will enjoy hunting for vulnerabilities in our web and mobile applications and working with our engineering teams to remediate them strategically. You will be comfortable explaining security issues and concerns to product owners, engineers, VPs and executives and love the feeling you get when this results in them releasing a more resilient product. You will be a keen follower of all things Infosec and constantly be on the lookout for ways to apply new industry trends, tools and automations to your day-to-day role.

As a Senior Product Security Engineer you’ll:

  • Regularly dive deep into mobile, web app technologies in order to understand feature development and proactively hunt for vulnerabilities
  • Be proficient in securing cloud-native applications, ensuring that security best practices are applied consistently across our cloud environment
  • Be proficient in threat modelling and guide developers in secure design principles to prevent vulnerabilities from being introduced in the first place
  • Help remediate vulnerabilities through strategic initiatives, writing patches, or creating understandable and actionable vulnerability tickets.
  • Be the subject matter expert across a wide range of security areas, particularly in Application Security.
  • Make security invisible when possible, believing that gatekeeping and blocking product teams should be avoided in favour of enabling secure development.
  • Mentor and coach junior engineers, sharing your knowledge to help raise the security bar across the organisation
  • Leverage automation and security tools to seamlessly integrate security into our CI/CD pipelines, ensuring vulnerabilities are caught early without disrupting development.

WHAT WE ARE LOOKING FOR

  • You have a breadth and depth of knowledge across AppSec; you’re expected to understand topics like why private keys should be stored in the Secure Enclave, the differences between URL Schemes and Universal Links, what presigned URLs are in the context of S3 and the safest storage mechanisms for modern browsers.
  • You know Burp Suite (or your favourite attack proxy) inside and out; bonus points if you’ve written or contributed to an extension that enhances its functionality.
  • You have excellent spoken and written communication skills to articulate vulnerabilities clearly and persuasively, advocating for their remediation even when faced with competing production pressures.
  • As a passionate senior security engineer, you have a blog, public speaking engagements, bug bounty profile, or a Git repository showcasing your work.
  • You’re comfortable writing proof-of-concept (POC) scripts to demonstrate your findings and their potential impact, as needed.
  • You have hands-on experience with securing cloud-native applications, ensuring that best practices are consistently applied.

TIDEAN WAYS OF WORKING

At Tide, we champion a flexible workplace model thatsupports both in-person and remote work to cater to the specific needs of our different teams.

While remote work is supported, we believe in the power of face-to-face interactions to foster team spirit and collaboration. Our offices are designed as hubs for innovation and team-building, where we encourage regular in-person gatherings to foster a strong sense of community.

#LI-CC1 #LI-Remote

TIDE IS A PLACE FOR EVERYONE

At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members’ diverse needs and lives.

We are One Team and foster a transparent and inclusive environment, where everyone’s voice is heard.

At Tide, we thrive on diversity, embracing various backgrounds and experiences. We welcome all individuals regardless of ethnicity, religion, sexual orientation, gender identity, or disability. Our inclusive culture is key to our success, helping us build products that meet our members’ diverse needs. We are One Team, committed to transparency and ensuring everyone’s voice is heard.

You personal data will be processed by Tide for recruitment purposes and in accordance with Tide’s Recruitment Privacy Notice .

Share this job:
Please let Tide know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Tide logo

Tide

Transforming SME banking

  • 501-1000 employees
  • Founded in 2015
  • 68 remote jobs
View all jobs

Latest Jobs at Tide

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply