
Teya · London
Hello. We’re Teya. Teya was founded on a simple belief: local businesses deserve better. They are the cafés, restaurants, salons, shops and entrepreneurs that...
Hello. We’re Teya.
Teya was founded on a simple belief: local businesses deserve better.
They are the cafés, restaurants, salons, shops and entrepreneurs that bring character to our high streets, create jobs and keep
communities moving. Yet for too long, financial services has made life harder for them - with clunky tools, poor support and
complexity that gets in the way of running a business.
Teya exists to change that.
We’re building a financial platform for local businesses across Europe - one built around simple tools, thoughtful design and real
human support. Our Members rely on us to help them run their business with confidence, and that responsibility shapes the way we
work.
We move fast. We care about quality. We stay close to the detail. And we believe great performance and genuine hospitality should
go hand in hand.
If you want to build meaningful products, solve real problems and make a genuine difference for local businesses, we’d love to
hear from you
As a Senior DevSecOps Engineer (Security Tooling & Enablement), you will be responsible for embedding automated security controls
and guardrails into our CI/CD pipelines, cloud platforms, and developer workflows. You’ll build and operate internal security
tooling and integrations that enable secure delivery at scale—focusing on automation, low-friction developer experience, and
high-quality security feedback loops. You will partner closely with platform, cloud, AppSec, and SecOps teams to deliver scalable,
reliable, and friction-reducing security capabilities across the engineering organisation.
Security in CI/CD & Delivery Workflows
Security Tooling & Platform Engineering
Policy-as-Code & Guardrails
Platform Security & Detection Pipelines
DevSecOps Culture & Enablement
Automation, AI & Operational Metrics
Nice-to-Haves
partnership
The Perks
Teya is proud to be an equal opportunity employer.
We are committed to creating an inclusive environment where everyone regardless of race, ethnicity, gender identity or expression,
sexual orientation, age, disability, religion, or background can thrive and do their best work. We believe that a diverse team
leads to better ideas, stronger outcomes, and a more supportive workplace for all.
If you require any reasonable adjustments at any stage of the recruitment process whether for interviews, assessments, or other
parts of the application—we encourage you to let us know. We are committed to ensuring that every candidate has a fair and
accessible experience with us.
About Abound We’re redefining consumer lending in the UK, and beyond. Using advanced AI and Open Banking data, we make fair, affordable personal finance available to more people. While traditional lenders rely almost entirely on credit scores, we look at the full financial picture - how much you spend, and what you can afford to repay to build a deeper, more accurate understanding of each customer's unique financial situation. And we've shown it works at scale. We’ve issued over £1.3bn in loans directly to customers while delivering market-leading credit performance - for every 10 defaults the industry expects, we see only 3. We also reached profitability just 2.5 years after launch. Backed by £2bn+ of funding from top-tier investors including Citi, GSR Ventures, and Deutsche Bank, we’re recognised as one of Europe’s fastest-growing fintechs (Sifted, CNBC). Now, we’re expanding into new markets and product lines - and we’re looking for ambitious people who want to learn fast, take ownership, and grow with us. About the role: You won't be sitting in an ivory tower throwing policies over the fence. You will be embedded directly within our Platform team in a true DevSecOps capacity. Operating as a highly technical individual contributor, you will bridge the gap between product-led engineering and Corporate IT. You will play a hands-on role in challenging the security architecture of production and corporate IT infrastructure. In your first 6–12 months, you will design and implement our next-generation cloud security architecture across AWS and GCP, while helping to build and mature our internal SOC capabilities, including detection and response. You will take ownership of Microsoft Sentinel, enhancing our SIEM/SOAR capabilities, and strengthen identity and access management through improved and automated RBAC across AWS, Microsoft Entra, and internal systems. You will also drive a shift-left approach to security by embedding controls into GitLab CI/CD pipelines, including scanning, IaC reviews, and automated policy enforcement across the SDLC. Our technology stack: Cloud & Compute: AWS, ECS Fargate, Aurora, Lambda, GCP Data Lake: S3, DMS, Glue Cloud Security Tooling: GuardDuty, Security Hub, Inspector, Security Command Center Code & IaC: Python, Java, GitLab, AWS CDK, Terraform/CDK-TF Observability & Incident Management: AMP, Incident.io Who you are: * You are a security professional by trade, but a hacker by design. You have a strong track record in DevSecOps and cloud security engineering, with hands-on experience elevating the security posture of other organisations. * You are a strong Python developer. You know how to script automation, interact with APIs, and build security tooling from scratch. * You possess a rock-solid understanding of network security fundamentals and how they apply to modern, distributed cloud architectures. * You are comfortable owning both the build and run aspects of security—designing systems and responding to incidents. * You thrive in the dynamic, ambiguous, and fast-paced environment of a high-growth startup. You know how to balance rigorous security with engineering velocity. What you'll be doing: * Actively contribute infrastructure-as-Code (AWS CDK, Terraform) for security risks prior to deployment * Implement best practice network security across AWS and GCP (IAM, VPCs, encryption, logging, monitoring) * Embed zero-trust policies across the estate * Actively challenge the security standards of production applications and infrastructure * Embed security controls into CI/CD pipelines (SAST, dependency scanning, container security) * Partner with engineering teams on secure architecture and deployment patterns * Support secure SDLC practices and pre-deployment security reviews What we offer * Everyone owns a piece of the company - equity * Hybrid with 3 days a week in the office * 25 days’ holiday a year, plus 8 bank holidays * 2 paid volunteering days per year * One month paid sabbatical after 4 years * Employee loan * Free gym membership * Team wellness budget to be active together - set up a yoga class, a tennis lesson or go bouldering
Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology- and data-driven group implementing a scientific approach to investing. Combining data, research, technology, and trading expertise has shaped our collaborative mindset, which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high-quality returns for our investors. You will join the Security team, responsible for protecting systems, data, and access across the organisation. The team works closely with application owners, IT Engineering, HR, and Security stakeholders to design and operate secure, automated identity and access management processes across enterprise platforms. Your Future Role within QRT * Identity Lifecycle Management * Design, implement, and maintain automated processes for user provisioning, modification, and deprovisioning. * Ensure alignment between identity lifecycle policies and organisational access control requirements. * Integrate IAM solutions with HR systems, directories, cloud platforms, and enterprise applications. * Drive automation to eliminate manual identity and access management processes. * Application Integration & Identity Engineering * Design, develop, and maintain custom identity integrations, including SCIM 2.0 provisioning bridges. * Build and maintain connectors between IAM platforms and enterprise applications (cloud and on premises). * Engineer integration solutions for applications that do not natively support modern identity standards (SCIM, SAML, OIDC, REST APIs). * Facilitate redesign or refactoring of legacy or non-integrated applications to enable automated lifecycle management. * Develop middleware, APIs, or automation services to ensure secure identity data exchange. * Contribute to application architecture discussions to ensure identity and access integration requirements are embedded by design. * Troubleshoot and optimise identity integrations across the enterprise. * IAM Platform & Tooling Management * Configure, maintain, and enhance IAM platforms (SailPoint ISC). * Develop custom rules, workflows, connectors, and extensions within the IAM platform. * Monitor platform performance and proactively resolve system issues. * Collaborate with vendors and internal engineering teams to optimise IAM capabilities. * Security and Risk Management * Support risk assessments related to identity governance and application access. * Contribute to identity management policies, standards, and architectural guidelines. * Respond to identity-related incidents and support root cause analysis. * Ensure secure coding and integration practices are followed across identity engineering work. * Continuous Improvement & Innovation * Stay informed on industry trends, identity standards, and emerging IAM technologies. * Recommend enhancements to improve governance maturity and reduce operational overhead. * Participate in cross-functional engineering initiatives to expand identity automation capabilities. * Promote identity-as-code and infrastructure-as-code approaches where appropriate. Your Present Skillset * Bachelor’s degree in computer science, Information Security, Software Engineering, or related field. * 5+ years of experience in IAM Engineering or Application Integration Engineering. * Strong software engineering background with experience building production-grade integrations. * Hands-on experience with IAM platforms such as SailPoint (IIQ or ISC) or similar. * Proven experience developing SCIM 2.0 integrations and custom provisioning connectors. * Strong experience working with REST APIs, JSON, OAuth2, SAML, OIDC, and modern authentication protocols.Experience integrating identity solutions with cloud and on-prem enterprise applications. * Experience redesigning or enabling identity integration for non-integrated or legacy applications. * Strong scripting and automation skills (e.g., Python, PowerShell). * Experience with version control systems (e.g., Git) and CI/CD pipelines. * Solid understanding of RBAC, ABAC, SSO, MFA, and directory services (AD/Azure AD). * Familiarity with security and compliance standards (ISO 27001, SOX, GDPR). * Excellent problem-solving, analytical, and communication skills. * Preferred * Experience contributing to application codebases to enable identity integration. * Experience building middleware or identity proxy services. * Knowledge of containerisation (Docker/Kubernetes) and cloud-native integration patterns. * Exposure to DevSecOps practices. * Financial services industry experience. * CISSP, CISM, or equivalent security certification. * IAM-specific certifications (e.g., CIAM, SailPoint Certified Implementation Engineer). * SailPoint certifications (IIQ or ISC). QRT is an equal opportunity employer. We welcome diversity as essential to our success. QRT empowers employees to work openly and respectfully to achieve collective success. In addition to professional achievement, we are offering initiatives and programs to enable employees achieve a healthy work-life balance.
Alpha Financial Markets Consulting (Alpha) is a leading global consultancy to the financial services industry. We are a boutique management consulting firm that offers the world’s top industry players a competitive edge through our expertise and industry insight. Our team is of a uniquely high calibre and by focusing across the General Insurance & Specialty value chain, we build deep knowledge and experience within our industry. We have our headquarters located the United Kingdom, as well as offices in major global financial centres across the United States, France, Netherlands, Luxembourg, Switzerland, and Asia. The Insurance team works with industry leading carriers, brokers, market bodies, ancillary businesses, and technology providers to position our clients for future success. We have a fast growing team of dedicated consultants with deep experience from working both within the industry and consulting. Successful candidates should expect a diverse range of complex and strategic engagements across the market. As we continue to expand our client base and expertise, we are looking for individuals to join our team to support our growth journey. Please see below an outline of the responsibilities of the role as well as the requirements. ROLE OVERVIEW We are seeking an exceptional Application & Software Engineering Lead with deep Insurance domain expertise to drive the design, delivery, and evolution of our core technology platforms. This is a high-impact leadership role sitting at the intersection of engineering excellence and insurance business capability, responsible for leading cross-functional engineering teams to deliver scalable, resilient, and compliant software solutions. You will act as a trusted technology partner to the world’s largest insurance firms, translating complex insurance workflows — spanning policy administration, underwriting, claims, and regulatory compliance — into robust, modern application architectures. You will set the technical vision, champion engineering best practices, and cultivate a high-performing team culture. KEY RESPONSIBILITIES ENGINEERING LEADERSHIP * Lead, mentor, and grow a team of software engineers, architects, and analysts across multiple squads. * Define and uphold engineering standards, coding practices, and quality frameworks across the function. * Drive a culture of continuous improvement, psychological safety, and technical craftsmanship. * Conduct regular 1:1s, performance reviews, and career development conversations with direct reports. * Collaborate with Engineering Managers, Product Owners, and Delivery Leads to ensure aligned, outcome-driven delivery. APPLICATION STRATEGY & ARCHITECTURE * Own the application roadmap for core insurance platforms, including policy management, claims, underwriting, and distribution systems. * Design and govern scalable, event-driven, cloud-native architectures appropriate for the insurance technology landscape. * Lead technical design reviews, architecture decision records (ADRs), and proof-of-concept evaluations. * Assess and manage technical debt; prioritise remediation in balance with feature delivery. * Evaluate and recommend third-party insurance software (e.g. Guidewire, Duck Creek, Majesco) and integration patterns. INSURANCE DOMAIN DELIVERY * Apply specialist knowledge of insurance business processes to shape technical solutions that meet regulatory and operational requirements. * Oversee delivery of insurance-specific capabilities: policy lifecycle management, claims handling, bordereaux processing, reinsurance ceding, and premium calculation engines. * Ensure compliance with industry standards and regulations including Solvency II, FCA requirements, market standards, and GDPR. * Act as a subject matter expert (SME) bridging business stakeholders and engineering teams on insurance domain requirements. DELIVERY & EXECUTION * Own end-to-end software delivery for one or more product areas; accountable for quality, timeliness, and technical integrity. * Champion Agile and DevSecOps practices; contribute to sprint planning, backlog refinement, and release governance. * Define and track engineering KPIs including lead time, deployment frequency, MTTR, and defect escape rate. * Manage stakeholder expectations and provide transparent reporting on engineering progress and risk. STAKEHOLDER & VENDOR ENGAGEMENT * Partner with Product, Actuarial, Risk, Compliance, and Operations teams to understand and shape business requirements. * Manage relationships with technology vendors and insurance software providers; lead procurement and contract negotiations where required. * Represent the engineering function in senior leadership forums, architecture boards, and client-facing engagements. SKILLS & EXPERIENCE ESSENTIAL * Significant experience (7+ years) in software engineering. * Demonstrable insurance domain expertise across one or more of: Specialty, London Market / Lloyds, or Reinsurance. * Strong command of modern application development: microservices, API-first design, event-driven architecture, and cloud platforms (AWS, Azure, or GCP). * Proven ability to lead distributed engineering teams delivering in an Agile/SAFe environment. * Deep understanding of insurance data models, regulatory frameworks (FCA, PRA, Solvency II), and compliance requirements. * Excellent communication skills with the ability to engage technical and non-technical audiences, including C-suite stakeholders. HIGHLY DESIRABLE * Consulting experience. * Background in data engineering or analytics within an insurance context (e.g. actuarial data platforms, claims analytics). * Experience delivering large-scale digital transformation or legacy modernisation programmes in insurance. * Relevant certifications: AWS Solutions Architect, Azure Solutions Architect, TOGAF, or equivalent. * Exposure to AI/ML applications in insurance (e.g. fraud detection, underwriting automation, NLP for claims). TECHNICAL COMPETENCIES * Languages & Frameworks: Java, Python, .NET, or similar enterprise-grade stack; REST and GraphQL APIs. * Cloud & Infrastructure: Kubernetes, Terraform, CI/CD pipelines (GitHub Actions, Azure DevOps, Jenkins). * Data & Integration: Kafka / event streaming, enterprise integration patterns, EDI/ACORD XML or JSON standards. * Security & Compliance: OWASP practices, data privacy engineering, secure SDLC. WHAT WE OFFER * Competitive base salary benchmarked to senior tech consulting market rates. * Annual performance bonus tied to individual and company outcomes. * Comprehensive benefits package including private medical insurance, life assurance, and income protection. * Hybrid working model with flexible arrangements to support work-life balance. * Generous pension scheme with enhanced employer contributions. * Continuous learning budget and access to industry conferences, certifications, and training programmes. * 25 days annual leave plus bank holidays, with option to buy additional days. * Employee assistance programme and wellbeing support.