Senior Security Engineer - Manchester

As a leading, global financial information services provider, Fitch Group delivers vital credit and risk insights, robust data, and dynamic tools to champion more efficient, transparent financial markets. With over 100 years of experience and colleagues in over 30 countries, Fitch Group’s culture of credibility, independence, and transparency is embedded throughout its structure, which includes Fitch Ratings, one of the world’s top three credit ratings agencies, and Fitch Solutions, a leading provider of insights, data and analytics. With dual headquarters in London and New York, Fitch Group is owned by Hearst.

Fitch's Technology & Data Team is a dynamic department where innovation meets impact. Our team includes the Chief Data Office, Chief Software Office, Chief Technology Office, Emerging Technology, Shared Technology Services, Technology, Risk and the Executive Program Management Office (EPMO). Driven by our investment in cutting-edge technologies like AI and cloud solutions, we’re home to a diverse range of roles and backgrounds united by a shared passion for leveraging modern technology to drive projects that matter to our organization and clients. We are also proud to be recognized by Built In as a Best Place to Work in Technology 3 years in a row. Whether you're an experienced professional or just starting your career, we offer an exciting and supportive environment where you can grow, innovate, and make a difference.

Fitch Group is currently seeking a Security Engineer based out of our Manchester or Warsaw office. We are looking for an Associate Director level security engineer to join our Information Security team. The successful candidate will be capable of taking on complex, multi-faceted security issues, and independently lead in correcting control posture.

• Lead in tactical and strategic design and implementation of control sets for emerging technologies. Delegating action and keeping senior stakeholders aligned.
• Scope and own execution of assessments performed by third party consultants, ensuring remediation is adequately negotiated and ultimately enacted by other technology teams.
• Reviewing target architecture designs, ensuring any security risks are understood and documented. These changes include application updates, and modifications to network and identity provider configurations.
• Reviewing security policies, standards, procedures, and metrics, and participating in security monitoring use case design.
• Owning the continuous optimization of team workflows with the help of agentic technology and scrum tooling.

• A minimum of 5 years of effective experience building and assessing enterprise systems.
• Deep conceptual understanding of AWS and Azure, and their identity platforms.
• Strong understanding of OAuth, OIDC, and modern access control. Fluidity in designing and reviewing authorization flows.
• Strong familiarity with adversary tradecraft, including identity and network perimeter attack primitives. Able to produce PoC attack sequences, for controls testing. Prior offensive security experience, or hands on offensive security certification strongly preferred.
• Ability to accurately, and pragmatically threat model business workflow, identifying the areas of control required, and documenting them.
• AI-first mindset; able to identify and act upon opportunities to automate analysis and administrative tasks, while improving the quality of assessment output.

• Hybrid Work Environment : 2 to 3 days a week in office required based on your line of business and location
• A Culture of Learning & Mobility : Dedicated trainings, leadership development and mentorship programs designed to ensure that your time at Fitch will be a continuous learning opportunity
• Investing in Your Future : Retirement planning, financial wellness and tuition reimbursement programs that empower you to achieve your short and long-term goals
• Promoting Health & Wellness : Comprehensive healthcare offerings that prioritize a healthy body & mind
• Supportive Parenting Policies : Family-first policies, including a generous global parental leave plan, designed to help you balance career and family life effectively
• Dedication to Giving Back : Paid volunteer days and support for community engagement initiatives