Senior Product Security Engineer

Senior Product Security Engineer

Financial Services | 6‑month Contract | Inside IR35
London - 2 days onsite per week

My client, a leading Payments company is looking for a Senior Product Security Engineer to join their evolving cyber security function. This is a key role focused on embedding security across the full product lifecycle and driving secure‑by‑design principles across engineering teams.

The Role

As a Senior Product Security Engineer, you will act as the primary security partner for product and engineering teams - ensuring applications are designed, built and maintained with robust security at their core. You will lead threat modelling, manage vulnerability backlogs, support incident response, and help uplift security maturity across development squads.

Key Responsibilities

Define and implement product security policies, tooling and standards across the SDLC
Lead threat modelling for new and existing applications
Own the product vulnerability backlog, prioritising and tracking remediation
Liaise on bug bounty findings and ensure timely fixes
Conduct root cause analysis for security incidents and systemic issues
Act as Incident Commander or Investigation Lead during security events
Partner with CI/CD teams to integrate SAST, DAST, SCA and other security controls
Collaborate with product, engineering and compliance stakeholders to deliver security initiatives

What You'll Bring

Strong expertise in vulnerability management, threat modelling and secure SDLC
Solid incident response and root cause analysis experience
Background in bug bounty or coordinated disclosure processes
Strong stakeholder engagement and communication skills

Experience with CI/CD pipeline security tools
Knowledge of third‑party risk and regulatory considerations

Please apply with your updated CV if the role is of interest