
Thought Machine · Portugal
Thought Machine's mission is bold – to properly and permanently rid the world's banks of legacy technology. To achieve this, we have developed the foundations o...
Thought Machine's mission is bold – to properly and permanently rid the world's banks of legacy technology. To achieve this, we
have developed the foundations of modern banking through core and payments technology which run natively in the cloud. What we are
attempting is hard and means we need great people working together to build great technology.
We have grown rapidly in the past few years – growing our team to more than 550 individuals across offices in London, New York,
Singapore, Sydney and our newly established Engineering Hub in Lisbon. We have raised more than £500m in funding and our investors
include Molten Ventures, Eurazeo, Intesa Sanpaolo, Temasek, Nyca Partners, JPMorgan Chase Strategic Investments, Standard
Chartered Ventures, and more.
We have created a culture that enables our team to produce the best work in the industry while ensuring we have fun along the way.
We're regularly cited as having a fantastic workplace culture and have been recognised by Sifted magazine as having one of the
highest Glassdoor ratings for a UK fintech company and the industry's most generous employee share package. Named one of the
world's most innovative fintechs by Global Finance Magazine, we were also recognised by the Financial Times as one of Europe's
fastest-growing companies for two consecutive years—and a UK Best Employer for 2026.
This is a full-time, permanent position based in our Lisbon office, requiring four days a week onsite.
A Cloud Security Engineer is a contributor to the larger Security Engineering team. We desire engineers who are able to think
creatively engineer, design, and build solutions to security problems. We have a passion for exploration of unique solutions and
sharing of unique perspectives that you can bring to the team and its work.
The Security Engineering team is cross-functional and made up of diverse people who bring their own unique expertise in either (or
both) application security and infrastructure (cloud) security. We allow team members to move from project to project, subject to
subject based on their skills, experience, and interests. Each team member brings their own expertise to bear in ways that are
collaborative and designed to find the best solutions to complex problems.
The team covers the following areas, and individuals contribute to any of them based on their own expertise:
A large part of the Thought Machine security function is greenfield; we are building the bank of tomorrow with cutting edge
technology. To achieve this we need innovative thinking to create security solutions in our products and our infrastructure. We
look for people who think outside the box, and outside of traditional silos to find unique solutions and approaches to security
that lead the industry.
testing of new solutions.
is in use in our environment
Essential
automation
Desirable
Benefits
We actively hire candidates who demonstrate technical excellence in their field and welcome people of all ages and backgrounds,
providing everyone with equal access to professional development. You are encouraged to apply even if your experience doesn't
accurately match the job description. We also encourage applications from those with different abilities, including candidates
with ADHD, autism, dyslexia or dyspraxia.
Thought Machine's mission is bold – to properly and permanently rid the world's banks of legacy technology. To achieve this, we have developed the foundations of modern banking through core and payments technology which run natively in the cloud. What we are attempting is hard and means we need great people working together to build great technology. We have grown rapidly in the past few years – growing our team to more than 550 individuals across offices in London, New York, Singapore, Sydney and our newly established Engineering Hub in Lisbon. We have raised more than £500m in funding and our investors include Molten Ventures, Eurazeo, Intesa Sanpaolo, Temasek, Nyca Partners, JPMorgan Chase Strategic Investments, Standard Chartered Ventures, and more. We have created a culture that enables our team to produce the best work in the industry while ensuring we have fun along the way. We're regularly cited as having a fantastic workplace culture and have been recognised by Sifted magazine as having one of the highest Glassdoor ratings for a UK fintech company and the industry's most generous employee share package. Named one of the world's most innovative fintechs by Global Finance Magazine, we were also recognised by the Financial Times as one of Europe's fastest-growing companies for two consecutive years—and a UK Best Employer for 2026. This is a full-time, permanent position based in our Lisbon office, requiring four days a week onsite. A Senior Cloud Security Engineer is a part of the larger Security Engineering team. We desire engineers who are able to lead the engineering, design, and delivery of solutions to security problems. We have a passion for exploring unique solutions and sharing differing perspectives that leads to the development of leading solutions to complex security problems. The Security Engineering team is cross-functional and made up of diverse people who bring their own unique expertise in either (or both) application security and infrastructure (cloud) security. We allow team members to move from project to project, subject to subject based on their skills, experience, and interests. Each team member brings their own expertise to bear in ways that are collaborative and designed to find the best solutions to complex problems. The team covers the following areas, and individuals contribute to any of them based on their own expertise: * Designs of secure products and platforms * Reviews of engineering designs, threat models, and coding practices * Threat modelling to identify relevant areas of focus * Define the best in class protective and detective security controls * Development of security tooling and automation * Implement and maintain cutting-edge tools and measures A large part of the Thought Machine security function is greenfield; we are building the bank of tomorrow with cutting edge technology. To achieve this we need innovative thinking to create security solutions in our products and our infrastructure. We look for people who think outside the box, and outside of traditional silos to find unique solutions and approaches to security that lead the industry. DUTIES * Provide security expertise and mentorship to Thought Machine engineering teams through the stages of planning, design, and testing of new solutions. * Lead the design and delivery of cloud native preventative and detective controls that operate at scale * Build and maintain automation to actively audit and assess infrastructure-as-code and in-place infrastructure * Develop (in code) security tooling, contribute to third-party security products, and develop updates for existing tooling that is in use in our environment * Co-develop threat models with engineering teams that identify relevant threats and relevant strategies for mitigation * Work with cloud engineering and operations teams to develop tooling that maintains our secure operating state in production * Perform security reviews and security testing * Lead complex projects to develop security capabilities, tooling, and functionality. * Contribute to the overall security strategy, security tooling selection and creation * Operate collaboratively with other Thought Machine teams with trust and influence REQUIREMENTS Essential * Familiarity with building and deploying containerised applications in public cloud using CI/CD frameworks and infrastructure automation * Knowledge of cloud networking architecture, cloud operations, security, automation and orchestration * Familiarity with performing security threat modelling and design reviews * Knowledge of security in distributed systems * Familiarity with good security practices with containers and Kubernetes * Experience with languages such as Go, Python, or other modern programming languages * Coding experience in the creation, automation, and integration of security tools * Experience in version control systems such as Git * Experience with designing, developing, and maintaining security in public cloud environments such as AWS and GCP * Ability to lead and encourage good design skills including creative and critical thinking, collaboration, full evaluation of options, and objective decision making to find a preferred solution. * Strong interpersonal and communication skills to support collaboration with other personnel and teams Desirable * Existing experience building and operating distributed systems at scale * Awareness and experience with “well-architected” cloud security frameworks or CSA-CCM * Contributions to the security community (public research, blogging, presentations, etc) * Experience in performing penetration testing and security testing * Experience developing tools and interacting with cloud provider API Benefits * Highly competitive salary * Voluntary Pension Plan (match up to 5%) * Private Healthcare Insurance * Comprehensive Life Insurance * 25 days holiday plus public holidays * Two charity days a year * Daily Meal Allowance * Access to outstanding learning materials and courses * Sports and hobby clubs, subsidised by Thought Machine * All the latest tech you need * Huge range of healthy (and not-so-healthy) snacks, smoothies and drinks * A talented and experienced team as your colleagues * An environment where we encourage learning and progress We actively hire candidates who demonstrate technical excellence in their field and welcome people of all ages and backgrounds, providing everyone with equal access to professional development. You are encouraged to apply even if your experience doesn't accurately match the job description. We also encourage applications from those with different abilities, including candidates with ADHD, autism, dyslexia or dyspraxia.
Thought Machine's mission is bold – to properly and permanently rid the world's banks of legacy technology. To achieve this, we have developed the foundations of modern banking through core and payments technology which run natively in the cloud. What we are attempting is hard and means we need great people working together to build great technology. We have grown rapidly in the past few years – growing our team to more than 550 individuals across offices in London, New York, Singapore, Sydney and our newly established Engineering Hub in Lisbon. We have raised more than £500m in funding and our investors include Molten Ventures, Eurazeo, Intesa Sanpaolo, Temasek, Nyca Partners, JPMorgan Chase Strategic Investments, Standard Chartered Ventures, and more. We have created a culture that enables our team to produce the best work in the industry while ensuring we have fun along the way. We're regularly cited as having a fantastic workplace culture and have been recognised by Sifted magazine as having one of the highest Glassdoor ratings for a UK fintech company and the industry's most generous employee share package. Named one of the world's most innovative fintechs by Global Finance Magazine, we were also recognised by the Financial Times as one of Europe's fastest-growing companies for two consecutive years—and a UK Best Employer for 2026. This is a full-time, permanent position based in our Lisbon office, requiring four days a week onsite. Thought Machine is in search of a Security Control Engineer with experience in evaluating threats and risks in an organisation, evaluating control requirements, and using that information to design and implement technical and operational solutions to address them. Thought Machine prides itself in being an engineering-led company and as such, the candidate should have a strong technical background; they should be able to reason about complex security problems in distributed cloud-based and on-premise computing environments. They should be able to communicate and collaborate on trade-offs between differing approaches to security controls - both internally and to our client base, where necessary. Thought Machine’s Security Control Engineering team uses Thought Machine’s standards and risk assessments along with client and regulatory requirements to define the security control needs and develops those controls - inclusive of engineering the solution, documenting it, and presenting it to clients and auditors. This focus is to ensure Thought Machine is able to meet its contractual requirements, security and business continuity certifications, and maintaining a program of continuous improvement that puts us at the forefront of industry good practices. This focus is driven by four principles: 1. Creativity: we are a company filled with unique thinkers, who design and engineer solutions to hard problems in ways that are unique and challenge convention. 2. Collaborative: we believe in collaboration with every team across the company to mitigate identified risks in ways that support Thought Machine’s ways of working and solving hard problems. 3. Quantification: we believe that quantification and measurement is critical to being able to provide evidence-based recommendations for risk mitigation and prioritisation to the company. 4. Continuous Improvement: Monitoring and nurturing the evolution and operation of our ISMS and BCMS so that we remain at the forefront of industry best practices, evolve as threats evolve, and build world-class technologies. DUTIES: 1. Control Design and Implementation: Actively participate in the technical and operational design and implementation of capabilities, tools, and procedures to mitigate security and business continuity risks to acceptable levels. Provide both process and technical domain expertise in Thought Machine’s approach to its product and operational security as well as business continuity and disaster recovery plans. 2. Continuous Control Assurance: Developing and implementing highly effective ways (tools, processes) of performing continuous audits, and also obtaining the evidence necessary for the renewal of Thought Machine's certifications, including ISO27001, ISO22301, PCI-DSS, and SOC 2 Type 2. This also includes the design of capabilities, tools, and procedures that satisfy the requirements of these regimens. 3. Client Support: Respond directly to client queries regarding our technical approach to security in our products by communicating the technical details necessary to instil confidence in our security posture. Develop materials for distribution and presentation to clients that communicate our approach to security ensuring the materials used are technically accurate, sufficiently detailed, and up-to-date. 4. ISMS and BCMS: Actively ensuring that our approach to security and business continuity is kept up to date; that new threats, technical advances, and new standards are incorporated in a timely manner; our standards, controls, and plans up to date with Thought Machine and client needs, as well as changes to Thought Machine’s processes and technology stack. REQUIREMENTS Essential: * Experience designing and implementing technical solutions to deliver security controls and capabilities in cloud-based infrastructure (e.g. AWS, GCP). * Experience in working directly with software engineering teams in designing new technical solutions to meet security requirements in products. * Experience with control automation via code (e.g. Python, Go) * Strong technical background, with experience in distributed systems, cloud security, and related technologies, and a passion for finding creative solutions to difficult problems. * Knowledge of threat modelling for the purposes of understanding threat probabilities and frequency. * Excellent communication skills with an ability to translate technical and security jargon into business-relevant insights. * Ability to collaborate effectively with other departments and external stakeholders. Desirable: * Experience in a fast-paced tech environment or fintech sector. * Knowledge of container security, Kubernetes, Kafka, and other emergent technologies. * Experience with obtaining and maintaining a security certification such as SOC 2, ISO 27001, PCI-DSS. * Proficiency in leading security risk assessments, preferably with knowledge of the FAIR framework Benefits * Highly competitive salary * Voluntary Pension Plan (match up to 5%) * Private Healthcare Insurance * Comprehensive Life Insurance * 25 days holiday plus public holidays * Two charity days a year * Daily Meal Allowance * Access to outstanding learning materials and courses * Sports and hobby clubs, subsidised by Thought Machine * All the latest tech you need * Huge range of healthy (and not-so-healthy) snacks, smoothies and drinks * A talented and experienced team as your colleagues * An environment where we encourage learning and progress We actively hire candidates who demonstrate technical excellence in their field and welcome people of all ages and backgrounds, providing everyone with equal access to professional development. You are encouraged to apply even if your experience doesn't accurately match the job description. We also encourage applications from those with different abilities, including candidates with ADHD, autism, dyslexia or dyspraxia.
This role is part of Datadog’s Security Agent team, which powers critical security capabilities across Workload Protection, Vulnerability Management, Cloud Security products, and other emerging security offerings. As a Staff Software Engineer, you will lead the design and development of low-level Linux instrumentation and runtime security technologies that help customers detect threats, monitor system activity, and protect cloud-native workloads at scale. You will work on complex technical challenges involving eBPF, Linux kernel internals, performance-sensitive systems, and large-scale data collection while influencing technical direction across multiple product teams. This role offers significant ownership, broad organizational impact, and the opportunity to shape the future of Datadog’s security platform. At Datadog, we place value in our office culture - the relationships and collaboration it builds and the creativity it brings to the table. We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them. What You’ll Do: * Lead the architecture and development of security agent capabilities that power runtime threat detection and workload protection across Datadog Security products. * Design and build reusable eBPF-based monitoring functionality for process, file, and network visibility within Linux environments. * Drive end-to-end delivery of new features, from technical strategy and design through implementation, testing, and rollout. * Establish and evolve testing methodologies that improve platform coverage, detection quality, reliability, and performance. * Partner with product, security, infrastructure, and engineering teams to deliver shared platform capabilities used across multiple Datadog products. * Provide technical leadership by influencing engineering direction, mentoring peers, and helping resolve complex cross-functional challenges. Who You Are: * You have significant experience building software in Linux environments, including knowledge of Linux internals, kernel APIs, or systems programming. * You have hands-on experience with eBPF, kernel-level instrumentation, driver development, networking systems, agent development, or related low-level technologies. * You've built and run systems where performance and reliability actually matter. * You have experience building and maintaining production software across diverse Linux distributions and kernel versions. * You are product-minded and customer-focused, balancing technical excellence with customer impact and usability. ---------------------------------------------------------------------------------------------------------------------------------- About Datadog: Datadog is the leading observability and security platform for the AI era, providing businesses with unified visibility across the technology stack to manage complexity at scale. It brings applications, infrastructure, data, models, and security into one place, using AI to detect and resolve issues before they impact customers. Trusted globally by Fortune 500 companies and high-growth AI leaders, Datadog enables businesses to move faster with clarity and confidence. Learn more about #DatadogLife on Instagram, LinkedIn, and Datadog Learning Center. ---------------------------------------------------------------------------------------------------------------------------------- Equal Opportunity at Datadog: Datadog is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and other characteristics protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. Here are our Candidate Legal Notices for your reference. Datadog endeavors to make our Careers Page accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please complete this form. This form is for accommodation requests only and cannot be used to inquire about the status of applications. Privacy and AI Guidelines: Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice. For information on our AI policy, please visit Interviewing at Datadog AI Guidelines.