Cyber Security Engineer

Privalgo was founded in 2018 with a bold vision: to disrupt the international payments and FX sector with innovative solutions tailored for ambitious businesses.

Our founders, with decades of experience in the industry, envisioned a world where global money movement is more than just international transactions but seamless, transparent experiences that propel businesses forward.

What began as a small team of passionate innovators has grown into an over 80-person scaleup with a global footprint.

Today, we process over 100,000 payments a month and over £3bn annually for our clients. Our growth is a testament to our clients’ trust in our vision.

We are currently looking for a Cyber Security Engineer to join our dynamic, fast‑paced team within the rapidly evolving Financial Technology (Fin Tech) Payment Service Provider (PSP) sector.

The successful candidate will provide technical leadership, strategic guidance, and hands‑on expertise to ensure that our products, infrastructure, and services remain secure and compliant in a rapidly evolving threat landscape. This role involves close collaboration with technology, compliance, and business teams to embed robust security practices across the business.

• Develop, implement, and continuously refine the cyber security strategy for the organisation, aligning with business goals and regulatory requirements. Advocate for security best practices across all teams.
• Identify, evaluate, and mitigate cyber risks related to PSP operations, including payment processing systems, customer data, and third‑party integrations. Conduct regular risk assessments and vulnerability scans.

• Design and maintain secure network and application architectures; oversee secure software development lifecycle (SDLC) practices; ensure encryption, authentication, and authorisation controls are robust.
• Lead incident response activities, including detection, containment, eradication, and recovery. Conduct forensic investigations and post‑incident reviews, reporting findings to senior management.

• Ensure compliance with relevant regulations (e.g., PCI DSS, GDPR, PSD2), standards, and best practices. Liaise with auditors and regulators as required.

• Develop and deliver cyber security awareness programmes for staff. Mentor and guide junior engineers and other stakeholders on security matters.

• Evaluate and manage the security posture of third‑party vendors and partners, ensuring contractual obligations and technical controls are enforced.
• Stay abreast of the latest cyber threats, technologies, and regulatory changes. Continuously assess and improve the organisation’s security posture.

• Bachelor’s or master’s degree in computer science, Information Security, or related field.
• Proven experience (5+ years) in cyber security engineering, preferably within fintech, banking, or payment services.
• Strong understanding of payment processing systems, PSP operations, and regulatory frameworks (PCI DSS, PSD2, GDPR).
• Expertise in network security, application security, cloud security, and data protection.
• Demonstrable experience with security tools (SIEM, IDS/IPS, vulnerability scanners, endpoint protection).
• Experience in Microsoft Enterprise Security suite including, Microsoft Defender, Defender XDR, Defender Endpoint & Vulnerability Management, Entra , Cloud App Security, Purview, Data Leak Prevention, Intune, Azure PIM and Sentinel
• Hands‑on experience in incident response, threat hunting, and forensic analysis.
• Excellent communication, leadership, and stakeholder management skills.
• Analytical and detail‑oriented, with a pragmatic approach to problem‑solving.
• Proactive and adaptable, able to thrive in a fast‑paced, high‑stakes environment.
• Strong ethical standards and a commitment to confidentiality.
• Ability to lead and inspire cross‑functional teams.

As a business, we aim to be in the office together three times a week. We trust you to manage your week and stay responsible for your deliverables no matter where you are.