Markets Product Security Engineer - UK

Social network you want to login/join with:

Client: ION

Location: London, United Kingdom

Job Category: -

EU work permit required: Yes

Job Reference: fa5fc5bc22af

Job Views: 11

Posted: 26.04.2025

Expiry Date: 10.06.2025

The Role: This is an exciting opportunity to work with the Information Security and Compliance Team at ION. As a Product Security Engineer, you will be a key enabler of secure and compliant products. You should have knowledge of attack paths across the technology stack, including tactics, techniques, and procedures (TTPs) used by adversaries to exploit vulnerabilities. You will serve as a trusted advisor throughout the product development lifecycle, incorporating knowledge of emerging threats, business goals, and system design to enhance platform security. Your responsibilities include aligning the Markets security strategy, security design, and controls engineering with the product roadmap, as well as providing transparency to leadership on product control performance and associated risks.

• Monitor and identify security events and emerging threats related to your managed product line and dependencies.
• Act as the interface between CSIRT and Product teams during security incident activities.
• Conduct threat modeling and hunting to identify vulnerabilities in product design and recommend controls to mitigate risks.
• Participate in architecture and design reviews to ensure alignment with security strategies and industry best practices.
• Stay updated on industry trends, best practices, and regulatory standards impacting product implementation.
• Support the engineering of control solutions where existing offerings are unavailable.
• Provide security expertise during incident and problem management.
• Produce threat intelligence briefings and share information across the organization.
• Respond to ad-hoc requests for platform security guidance.
• This role may involve overnight, weekend, and on-call activities.

• Experience working within the financial services or other highly regulated industries in a technical role.
• Knowledge of information security management, governance, compliance principles, laws, regulations, NIST, ISO, NIS, DORA, GDPR.
• Understanding of IT systems, network infrastructure, data architecture, and protocols.
• Familiarity with cyber and cloud security standards, architecture, controls, and solutions (e.g., CIS, CSF).
• Skills in security tooling: SIEMs, vulnerability scanners, firewalls, EDR products.
• Scripting proficiency in Python, BASH, or PowerShell.
• Experience in security incident management, risk assessment, and providing security expertise.
• Strong communication skills to explain security issues to technical and non-technical audiences.

• Communicate technical issues effectively.
• Handle sensitive and confidential information.
• Follow complex instructions.
• Analyze and write clearly in technical language.
• Work independently, prioritize tasks, and adapt to change.
• Remain calm under pressure.

• GCIH
• CSEC
• CSSLP
• CISSP
• CASP+

We’re a diverse group of innovators providing trading and workflow automation software, analytics, and consulting to financial institutions and governments. Founded in 1999, we have grown significantly, serving over 2,000 leading corporations, including 50% of the Fortune 500 and 30% of the world’s central banks. Our solutions are trusted globally, with offices in over 40 cities and a dynamic, expanding team of 13,000 employees. We offer an unparalleled career experience for those aligned with our vision.