DevSecOps Lead Engineer

Our mission is to give the world access to the best products by empowering great brands to reach their growth potential.

Today's consumer brands need a capital provider that keeps pace with their growth ambitions. Traditional financing options are slow, cumbersome, and often out of reach. That's why we built Wayflyer.

Our unique technology allows us to assess businesses in minutes, generate financing offers that reflect their growth potential, and send funds in as little as 24 hours.

Since launching in April 2020, we've deployed over $4.5bn to thousands of brands worldwide, backed by Tier 1 banks like J.P. Morgan. We've become a trusted financing partner for some amazing brands, such as True Classic, Little Words Project, and Kekoa Foods.

Teams at Wayflyer are truly cross-functional. You'll collaborate with ambitious colleagues from around the world—all striving to deliver on a huge opportunity. Check out this video to hear directly from them.

• Collaborate in the design and development of products and systems, balancing security best practices with customer experience and developer friction.
• Design and implement proactive security measures through automated vulnerability detection and prevention pipelines early in the development lifecycle.
• Lead threat hunting initiatives and conduct in-depth security investigations using advanced analytics.
• Review code security using static analysis tools, focusing on high-confidence findings to identify and address vulnerabilities early in the development lifecycle without creating unnecessary developer friction.
• Build and maintain automated security testing frameworks to catch security issues early.
• Develop and implement real-time threat detection mechanisms using AWS security services.
• Create automated incident response playbooks and security orchestration workflows.
• Research and implement cutting-edge security tools and techniques for proactive defense.
• Mentor development teams on secure coding practices and threat modeling.

• Strong experience with Python and TypeScript ecosystems, and deep familiarity with GitHub's security features and workflows.
• Proven track record implementing proactive security measures and vulnerability detection pipelines.
• Deep understanding of AWS security services to develop real-time threat detection.
• Hands-on experience with modern security tools and automated testing frameworks.
• Strong background in CI/CD security and automated security testing.
• Working knowledge of security compliance and frameworks.
• Demonstrated ability to build and maintain security automation.
• Experience leading security investigations and incident response.
• Track record of successfully mentoring teams on security best practices.
• Strong communicator who can effectively collaborate across teams.

It's important that you can do most or all of the above and can point to real experience doing it. Experience in financial services, fintech, and B2B organizations is particularly interesting to us.

Additionally, you excel at prioritization, ensuring you're not spread too thin while supporting teams. You make balanced decisions between security needs and developer productivity, communicating clearly.

As a person, you're helpful, generous with your time and knowledge, and approachable. You’re always eager to learn and grow, both personally and professionally, and to help others do the same. You understand the importance of diversity, equality, inclusion, and belonging, and speak up when improvements are possible.

We’ll review every application we receive. If we're interested in progressing your application, we will contact you to learn more about you and your aspirations.

• Work remotely abroad for up to 60 days a year.
• Employee assistance program.
• Private healthcare, life, and critical illness cover.
• Pension plan.
• Generous parental and adoptive leave policies.
• Equity scheme—share in our success!