Senior Security Engineer

Join Colibrix One - Innovating the Future of Payments

At Colibrix One, we're building advanced, AI-powered payment technologies that support Payment Service Providers (PSPs), Electronic Money Institutions (EMIs), and neobanks across the EU and the UK. As a fully licensed EMI (FCA reference number 927920) and a Principal Member of Mastercard, we offer real-world financial solutions that include:

• Global card processing
• Digital wallet infrastructure
• Cross-border merchant accounts
• Alternative payment methods (APMs)
• Corporate accounts for legal entities

We're a fast-growing team with a passion for innovation, security, and scalability. Our culture values curiosity, collaboration, and impact - and we're looking for talented professionals who are ready to shape the future of fintech.

At Colibrix One, your work directly powers the digital economy. If you're eager to solve meaningful challenges and build with purpose, we'd love to hear from you.

• Develop and enforce security standards: IAM, access control, data protection.
• Assess cybersecurity risks in the platforms and products.
• Ensure cloud & infrastructure security: AWS, Kubernetes, WAF, IPS.
• Harden networks and integrations: API gateways, secure configs, monitoring.
• Implement DevSecOps practices: sSDLC, security requirements, CI/CD pipelines.
• Conduct code security testing: SAST, DAST, dependency scanning.
• Manage patch & vulnerability lifecycle: scanning, prioritization, remediation.
• Oversee privileged access management: least privilege, session monitoring.
• Support security in system integrations: API security, token management.
• Operate and develop SIEM: log collection, rule tuning, dashboards.
• Participate in incident response: detection, containment, root cause.
• Collaborate on penetration tests: coordinate, fix findings, validate.
• Perform risk & resilience assessments: threat modeling, BCP/DR validation.
• Maintain compliance alignment: PCI DSS, DORA, SWIFT, ISO 27001, etc.
• Operate endpoint protection (optional): MDM, A/V, XDR.

• Proven experience in building compliance processes and preparing for external audits.
• Solid understanding of cloud security (AWS, Kubernetes, Terraform).
• Practical experience in DevSecOps and sSDLC tooling and adoption in pipelines.
• Application Security proficiency.
• Experience in incident response and SOC/SIEM operations.
• Proficiency in risk management and business continuity planning.
• Knowledge of PCI DSS, ISO 27001, NIST, GDPR, DORA.

• Experience in fintech or banking.
• Participation in certification projects (PCI DSS, ISO, SOC 2).

Relevant certifications: CISSP, AWS Security Specialty. OSCP/E.

* Employment will be offered through one of the group's legal entities - Mellifera Kartiera Ltd, Colibrix Ltd, or Mellifera Operations Ltd - depending on the role, location, and applicable legal framework.

Please note that Colibrix One is a brand representing a group of legal entities. The employment contract will be signed with the relevant company within the group (Mellifera Kartiera Ltd, Colibrix Ltd, or Mellifera Operations Ltd) depending on the nature of the position and jurisdiction.

This position is offered within the Colibrix one. Employment will be under the appropriate legal entity based on the role and location.