
Granola · London
Hey! We're team Granola 👋 If you haven't already, you should check out what we're building, and why you should work here. In this role, you will be responsibl...
Hey! We're team Granola 👋 If you haven't already, you should check out what we're building, and why you should work here.
In this role, you will be responsible for identifying and mitigating security vulnerabilities within Granola's applications,
building security tools, and working closely with our development teams to integrate security throughout our software development
lifecycle. You'll help establish a robust security culture as we unlock Granola for the next 100x users.
posture
vulnerabilities in our applications
efforts
design, encryption or similar) and a genuine interest in going deeper into application security
appetite to grow across the rest
phase)
We are living in the most exciting time for tool builders since Engelbart's demo in 1968. We want to assemble the best crew to
build this future together, here in London. Our compensation philosophy is to pay slightly above market on salary and above market
on equity.
We do our best work in person, and so our team spends time together five days per week in our new, bright, and spacious office at
Old Street. We are happy to offer relocation assistance to candidates who'll be moving to London to join us.
Lastly, we think amazing talent comes from all kinds of life journeys and experiences. If what is written above speaks to you,
whether you look like a fit on paper or not, please reach out.
OPPORTUNITY The Security Engineer will join Brunswick's Information Security team and play a key role in supporting the firm's secure adoption of AI and emerging technologies. This role will act as a dedicated security professional supporting requests and initiatives originating from the firm's AI team, providing security review, architecture input, and risk-based guidance across third-party AI tools, enterprise platforms, AI-enabled applications, and internally developed solutions. Working closely with the AI team, ICT, application owners, and business stakeholders, the Security Engineer will help ensure new technologies are protected through appropriate security controls and guardrails throughout the development and delivery lifecycle. ABOUT THE ROLE In this role, you will provide technical security expertise across AI-related requests, third-party AI tools, internally developed applications, workflows, enterprise features, and emerging agent-based use cases. Key responsibilities include: * Review and assess third-party AI tools, enterprise AI platforms, and new AI-enabled features, including solutions such as ChatGPT, Claude, Microsoft Copilot, and other emerging technologies. * Review and assess requests relating to AI-enabled solutions, enterprise AI platforms, new features, integrations, and internally developed applications. * Provide security architecture guidance for applications and solutions developed or introduced by the AI team. * Support the implementation of security guardrails, governance processes, and secure design patterns for AI adoption across the firm. * Conduct STRIDE-based threat modelling for new internally developed solutions, AI-enabled workflows, integrations, and automation use cases. * Assess risks associated with AI use cases, including data exposure, prompt injection, model misuse, third-party dependency risk, inappropriate access to sensitive information, and insecure integrations. * Advise on secure design principles, including identity and access management, data protection, logging, monitoring, encryption, resilience, and secure configuration. * Define and document security requirements, architecture decisions, design recommendations, and risk-based remediation actions. * Monitor emerging AI security risks, attacker techniques, and industry best practices, ensuring relevant mitigations are considered within Brunswick's environment. WHAT WE'RE LOOKING FOR We're looking for an experienced, technically capable security professional who can combine strong security engineering expertise with practical judgement and clear communication. The ideal candidate will demonstrate: * 5-7 years' experience in cyber security, information security, security engineering, or a related technical security role. * Proven experience providing security guidance across technology projects, enterprise platforms, AI-related initiatives, third-party tools, cloud-based solutions, or internally developed applications. * Strong understanding of security architecture and secure design principles, including identity and access management, data protection, logging, monitoring, encryption, network security, and resilience. * Familiarity with AI-related technologies, enterprise AI platforms, large language models, agentic AI, and the security risks associated with AI adoption. * Experience conducting STRIDE-based threat modelling, technical risk assessments, or security design reviews. * Practical understanding of cloud and enterprise environments, particularly Microsoft 365, Azure, SaaS platforms, and modern workplace technologies. * Ability to translate technical security risks into clear, business-focused recommendations. * Strong written and verbal communication skills, with confidence engaging technical and non-technical stakeholders. * Understanding of security risks associated with third-party AI tools, internally developed AI applications, integrations, automation, and agent-based use cases. * Sound judgement, attention to detail, and the ability to balance security requirements with business needs. * Experience working in an ISO27001-aligned or regulated environment would be beneficial. * Preferred, but not essential, certifications: * ISC2: CISSP, CCSP, SSCP * ISACA: CISM, CISA, CRISC * CompTIA: Security+, CySA+, CASP+ WHY JOIN US Whether you are joining a client facing team, a core services team, or starting out on your professional career journey, joining Brunswick unlocks a range of employee benefits to support your financial future, health and wellness, family and community and continuous professional development. ABOUT BRUNSWICK Brunswick is a global advisory firm. We help companies tackle high-stakes issues, navigate complex stakeholder relationships, and deliver high-impact outcomes. Our clients value our ability to anticipate, shape, and respond to the key players and forces in the financial and investment arena, regulatory and geopolitical universe, NGO community, workforce and beyond. They rely on us for deep experience, fresh perspectives and original thinking. So, in Brunswick you will find an exceptional range of experience and talent with a rich mix of backgrounds. From the beginning, we have prioritized attracting, developing, and retaining the best professionals in the industry, united by a culture of inclusivity, excellence, and intellectual curiosity. Founded in 1987 in London, the firm has organically grown to 27 offices in 18 countries across the Americas, Europe, Middle East, Africa, Asia and Australia. We operate as a “one-firm firm” with no individual profit centers. This allows us to assemble fully integrated, bespoke teams for each client, able to draw on the full resources of Brunswick anywhere in the world. Brunswick is an equal opportunity employer. All qualified applicants will be considered without regard to race, religion, color, national origin, gender, sexual orientation, age, disability, pregnancy, genetic information, or any other status protected by applicable law. Please read our Global Privacy Notice to understand how your data is managed.
🗣 Natter harnesses the power of AI and video to give everyone a voice. In early April 2026, Natter announced its Series A. $23M raised to define the enterprise conversation intelligence category. Natter is already being used by some of the world’s largest companies including ServiceNow, Accenture, Philip Morris, Lego, PwC, Mondelez, Cox Enterprises, SAP, Miro, Deloitte, Synopsys and many more. Natter’s conversational AI platform allows tens of thousands of users to simultaneously share ideas and feedback through real-time video conversations. Its uniquely scalable tech allows anyone with a smartphone to, literally, have a say on the most important decisions - ranging from workplace strategy to new product offerings. We partner with some of the world’s largest and most complex enterprises (Fortune 500 and equivalent), and are currently growing our team from 30 to 60 employees. LOCATION Hybrid: London based, with flexible, fluid work options that support in-person collaboration where it makes sense. We’re committed to building a diverse team and welcome people from all backgrounds to apply. If you’re excited about this role and our mission but aren’t sure you meet every qualification, reach out anyway. You may be just the right candidate. THE OPPORTUNITY We’re seeking a hands-on Security Engineer with 4-8 years of experience in high-growth, cloud-native environments to help us enhance and implement security across our tech landscape including web application, cloud infrastructure and endpoints, working alongside our customers, and promote a security-first culture as we scale. As our first dedicated security engineering specialist, you’ll work both operationally and strategically, partnering closely with our Information Security & Risk Management Lead and collaborating cross-functionally with engineering, product, and other teams. You’ll own the technical aspects of security, implement and harden controls, manage threats, respond to incidents, elevate our security posture, ensure a security-first culture and drive strategic improvements and projects as we scale. You’ll also collaborate with our Solutions Engineering Lead on enterprise onboarding, helping customers navigate security, identity, networking, and compliance requirements during technical validation and rollout. RESPONSIBILITIES As a Security Engineer at Natter, you’ll: * Conduct security assessments, threat hunts, code and logs reviews, and penetration testing to identify vulnerabilities in our applications, and drive continuous monitoring improvements. * Design, implement, optimize, and monitor security controls and tooling from the ground up, strengthening security across endpoints, infrastructure, and application CI/CD pipelines. * Collaborate with engineering teams to raise the security bar through reviews, guidance, and automation. * Respond to security incidents in real time - manage containment, remediation, forensics, and root cause analysis. Also participate in tabletop exercises, incident simulations, and coordinate external penetration tests. * Partner with Solutions Engineering to support enterprise customer onboarding, including SSO integrations (SAML/OIDC), network allowlisting, and security reviews. * Join customer-facing technical and security discussions where needed, acting as a trusted security point of contact. * Risk Management: support the Information Security & Risk Management Lead with vendor security assessments to evaluate third-party risk, and ensure Natter meets its present and future regulatory and certification requirements (GDPR, ISO 27001, ISO 42001 etc.). * Stay current on emerging threats, vulnerabilities and technologies, and contribute to company-wide security awareness initiatives. WHAT YOU CAN EXPECT * Modern cloud-native stack with the opportunity to influence tooling and architecture. * Immediate impact by choosing and deploying new tooling to enable a fast-growing business. * Customer-facing impact - help unlock enterprise deals and accelerate adoption by reinforcing trust, compliance, and smooth technical onboarding. Security as a sales lever, not a cost. * Autonomy and collaboration - the opportunity to focus on coding/programming and implementation, but also collaborating cross-functionally with other teams such as solutions engineering, product, and GTM. * Growth potential - opportunity to define our security architecture to ensure resilience and security, including HA and ZTNA in a growing global business. * You’ll work with people who are passionate about what they do, supported by leaders who are empowering, supportive and inclusive. WE’D LOVE TO HEAR FROM YOU IF YOU HAVE * 4-8 years in cybersecurity or technical security or solutions engineering roles. * Hands-on experience deploying and managing security tooling - such as EDR, IAM, MDM, SIEM, ZTNA, or vulnerability scanners, and enjoy solving problems at the implementation level. * Strong communication skills and comfortable communicating technical security concepts to non-security stakeholders. * Working knowledge of networking, Windows/macOS, and security protocols. * Experience with security reporting and compliance tools. * Cloud security knowledge (we use AWS). * Proficient in programming languages e.g. Typescript, Python, Bash, or similar. * Strong skills in log analysis, threat investigation, and incident response. * A proactive and solution-oriented mindset, with a bias for action. DESIRABLE It would be a bonus if you have expertise in, or a desire to gain experience in, one or more of the following (note that candidates are not expected to have comprehensive knowledge in all areas) * Hands-on experience with AWS and AWS security services (CloudTrail, GuardDuty, WAF, IAM, Security Hub). * Experience supporting enterprise customers during technical onboarding or security validation. * DAST/SAST tooling and IaC security expertise. * Knowledge of Kubernetes and container security. * Identity & Access Management experience (e.g. Google, Okta). * Experience with JVM languages, Terraform/IaC, CDK, or React. * Familiarity with GDPR, ISO 27001, SOC 2, EU AI Act/LLMs. * Experience delivering audits or using GRC tools (e.g. Drata, Vanta) * Interest in AI and/or knowledge of AI security risks and frameworks (e.g. ISO 42001). * Security qualifications or certifications.
ABOUT FREETRADE Freetrade’s mission is to become the default place to invest. Investing has been too complicated and expensive for too long, keeping millions from making the most of their savings. We’re changing that. We’re building our team and looking for people who are excited to reshape how our customers invest and grow their wealth. If you’re driven by solving complex problems and building innovative products, you’ll fit right in. 2026 is a big year for us. Last year, we announced a game changing deal to become part of the IG Group. We’ll continue to operate as an independent business while gaining access to the resources and support of an established leader in the space. This year, we’re accelerating our roadmap and taking our products to the next level. We’re building new features like mutual funds, bonds, and family investment tools. We’re also exploring how we can leverage AI to deliver an even better experience for our customers. At Freetrade, we're on a mission to make investing accessible to everyone. We operate in a highly regulated financial environment where security isn't just a function, it's a foundation. As we scale, we're looking for a sharp, motivated Security Intern to join our Security, Privacy and Infrastructure team for the summer and contribute to real, meaningful work from day one. About the Role This is a hands-on internship, not a shadowing exercise. Whether you're a student, a recent graduate, or making your first move into security, you'll be embedded in the security team, working on operational tasks and a dedicated project designed to directly improve security at Freetrade. Your time will be split roughly 50/50 between supporting ongoing security operations and owning a scoped project with a clear outcome. You'll be supported throughout, with a defined onboarding plan, pre-scoped tasks, daily check-ins with your manager, and weekly visibility with the Director of SPI. What You'll Work On * Remediation: Vulnerability triage and proof-of-concept testing, putting your offensive security and pentesting skills to practical use. * GRC: Supporting vendor security review processes, assessing third-party risk against our security standards. * Automation: Assisting with AI tool adoption assessments, helping evaluate new tools for security and privacy risk. What You Bring Technical skills: * Foundational knowledge of offensive security, pentesting, or bug bounty practices. * Comfortable writing scripts or code in any language, Python preferred. * Solid understanding of core security concepts and principles. * Any hands-on experience with vulnerability assessment tools or CTFs is a plus. Soft skills: * Open to feedback and acts on it quickly. * Fast learner who is comfortable with ambiguity and can ramp up independently. * Clear and concise communicator, written and verbal. * Reliable, organised, and takes ownership of their time and commitments. * Collaborative and comfortable working across teams. Programme Structure * Duration: 10 weeks * Onboarding: Weeks 1 to 2, structured ramp plan with a pre-defined task list so you hit the ground running. * Split: 50% operational security work, 50% dedicated project to improve security at Freetrade. Support and Management * Direct reporting line to the Security function lead. * Daily check-ins with your intern manager. * Weekly skip-level with the Director of SPI for feedback, alignment, and visibility. * All work will be well-scoped and documented before you start, no vague briefs. What's in it for You * Paid internship with real responsibilities from day one. * Work on live security challenges in a highly regulated fintech environment. * Learn from an experienced security team with deep expertise across offensive security, privacy, and infrastructure. * Build a portfolio of tangible, real-world security work to accelerate your career. * A genuine pathway to a full-time role as part of Freetrade's 2027 headcount plan for high performers. Please note, applicants must be 18 years of age or older at the time of application and legally eligible to work in the relevant location. We are an Equal Opportunity employer committed to a diverse and representative team. Whatever your race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability - we want to hear from you. To find out more about how we look after your personal data when you apply for a job with us, please see our Recruitment Privacy Policy here. Please note we are not accepting agency CVs.