Product Security Specialist

Excited to grow your career? Our purpose is to make it easy for people to save and invest for a better future. We are looking for great people to join us, so please come and invest in YOUR future at Hargreaves Lansdown.

We know that sometimes people can be put off applying for a job if they don't tick every box. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. We’d love to hear from you!

As a Product Security Specialist (PSS) at HL, you will be a key member of a collaborative team of security professionals dedicated to safeguarding HL's products and services.

In this role, you will serve as the primary security contact for assigned product teams/squads, providing expert guidance on security issues and requirements.

You will champion secure development practices throughout the software development lifecycle, with a strong emphasis on "shift-left" principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive Security, and others to continuously improve HL's overall security posture.

This position offers the opportunity to work with modern technologies and influence the security of innovative products, while fostering a culture of security awareness and resilience across the organisation.

• Oversee security related issues across multiple product teams/squads.
• Working within Product teams, you will be the single point of contact for security related matters ranging from daily significant change to complex Cloud serverless transformation projects.
• You will have the ability to work with infrastructure as code and understand complex architectures.
• You will Lead/facilitate threat modelling workshops with SMEs. Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against security best practice, relevant threats, and acceptable risks.
• Support in the creation and implementation of architecture blueprints and proof of concepts on Cloud platforms supporting best practice, secure by design.

• Demonstrable experience in a Security related role.
• A proven track record, of working with one or more of the main cloud vendor platforms, specifically AWS.
• Certifications such as AWS Solutions/ Security Engineer, Azure Solutions/ Security Engineer are preferred.
• Excellent communication skills, including communicating complex technical concepts to non-technical stakeholders.
• Technical background across multiple security domains and familiarity with cloud security standards.
• Experience within an Agile ways of working and DevSecOps context.
• Problem solving skills - with the ability to use own experience to develop pragmatic solutions and resolve complex issues.
• Certifications such as CISSP, CEH, OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO.
• Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS.
• Experience in conducting threat modelling and risk assessments.

The interview process for this role is two stages including a technical competency-based question and a task.

This role is based in Bristol head office, BS1 5HL. This role is permanent, full time, 37.5 hours per week, Monday to Friday. We have returned to the office, however for this role we offer a hybrid flexible working pattern.

Here at HL, we’re the UK’s number 1 investment platform for private investors, based in Bristol. For more than 40 years we’ve helped investors save time, tax and money on their investments.

To achieve our mission, we believe we have a workplace like no other, with constant learning, dynamic teams, and a great ethos. We're steered by core values that promote service, quality, innovation, and opportunity in everything we do.

• Discretionary annual bonus * and annual pay review
• 25 days * holiday plus bank holidays and 1-day additional Christmas closure
• Option to purchase an additional 5 days holiday **
• Flexible working options available, including hybrid working
• Enhanced parental leave
• Pension scheme up to 11% employer contribution
• Income Protection and Life insurance (4 x salary core level of cover)
• Private medical insurance*
• Health care cash plans - including optical, dental, and out patient care
• Health screening programme
• Help@hand - confidential support including mental health counselling and remote GP
• Wellhub - unlimited access to fitness provider s and w ellness c oach sessions
• Variety of travel to work schemes with bike storage and shower facilities
• Inhouse barista and deli serving subsidised coffee and sandwiches
• T wo paid volunteering days per year

* dependant on role level

** only available to select during our annual benefits window, in November each year

Hargreaves Lansdown is an inclusive employer that values diversity in its workforce. We encourage applications from all individuals without regard to race, religion, gender, sexual orientation, national origin, disability or age.

This role may also be available on a flexible working or part time basis – please ask the Recruitment & Onboarding team for more information.

Please note, we are unable to provide employment sponsorship to candidates.