
Thought Machine · Portugal
Thought Machine's mission is bold – to properly and permanently rid the world's banks of legacy technology. To achieve this, we have developed the foundations o...
Thought Machine's mission is bold – to properly and permanently rid the world's banks of legacy technology. To achieve this, we
have developed the foundations of modern banking through core and payments technology which run natively in the cloud. What we are
attempting is hard and means we need great people working together to build great technology.
We have grown rapidly in the past few years – growing our team to more than 550 individuals across offices in London, New York,
Singapore, Sydney and our newly established Engineering Hub in Lisbon. We have raised more than £500m in funding and our investors
include Molten Ventures, Eurazeo, Intesa Sanpaolo, Temasek, Nyca Partners, JPMorgan Chase Strategic Investments, Standard
Chartered Ventures, and more.
We have created a culture that enables our team to produce the best work in the industry while ensuring we have fun along the way.
We're regularly cited as having a fantastic workplace culture and have been recognised by Sifted magazine as having one of the
highest Glassdoor ratings for a UK fintech company and the industry's most generous employee share package. Named one of the
world's most innovative fintechs by Global Finance Magazine, we were also recognised by the Financial Times as one of Europe's
fastest-growing companies for two consecutive years—and a UK Best Employer for 2026.
This is a full-time, permanent position based in our Lisbon office, requiring four days a week onsite.
This position plays a key role in ensuring Thought Machine teams are taking all required steps in building a secure product set.
You will play a major and leading role in protecting Thought Machine product against security risks, with influence to implement
cutting-edge measures to minimise exposures and vulnerabilities.
Whether engineering a system to address a technical security hurdle, protecting our customers' data, or consulting on a wide range
of security topics, you are empowered to engage and lead cross-functionally.
A large part of Thought Machine product security function is a greenfield challenge, we are building the bank of tomorrow with
cutting edge web technology, no best-practice/of the shelve security frameworks or tools can solve our security challenge. We are
building the best security to enable engineering and impress financial service auditors. Key qualities of the ideal candidate
would have experience in OWASP top 10 vulns, devsecOps, data privacy protection, passion to mentor and enable devs, creativity,
autonomy, ability to work and complete multiple projects simultaneously.
development and infrastructure teams, with trust, autonomy and influence.
Essential
analysers, etc).
Desirable
Benefits
We actively hire candidates who demonstrate technical excellence in their field and welcome people of all ages and backgrounds,
providing everyone with equal access to professional development. You are encouraged to apply even if your experience doesn't
accurately match the job description. We also encourage applications from those with different abilities, including candidates
with ADHD, autism, dyslexia or dyspraxia.
About DataCamp DataCamp's mission is to empower everyone with the data and AI skills essential for 21st-century success. By providing practical, engaging learning experiences, DataCamp equips learners and organizations of all sizes to harness the power of data and AI. As a trusted partner to over 17 million learners and 6,000+ companies, including 80% of the Fortune 1000, DataCamp is leading the charge in addressing the critical data and AI skills shortage. About the role We are looking for a Senior Application Security Engineer to join our Engineering team and own the security posture of our software and development practices. This is a hands-on role for someone with a strong software engineering background who is genuinely passionate about security - not a traditional infosec role, but one that sits at the intersection of engineering and security. You will be our primary security expert embedded in the Engineering organization, acting as the first responder on security topics - from bug bounty programs and penetration testing to vulnerability management and security risk tracking. You will work closely with our engineering teams to embed security guardrails into our development workflows, including our growing AI-assisted and Agentic development practices. We are ISO 27001 certified and take our compliance obligations seriously. You will play a key role in ensuring our controls remain in place, evolving our security awareness program, and continuously improving the tools and practices that keep us ahead of the curve. About you At DataCamp, we seek individuals who embody our core values of data-driven decision-making, action, transparency, ownership, and customer focus. You thrive in a fast-paced, high-performing environment and are driven by a passion for making a meaningful impact. You're adaptable, embracing change and ambiguity with enthusiasm. Your initiative and entrepreneurial spirit push you beyond just meeting targets—you aim to understand the "why" behind our goals and take ownership to drive the business forward. You’re a collaborative team player who values transparency and always seeks to improve and innovate. If this sounds like you, we encourage you to apply! Responsibilities * Own vulnerability management end-to-end: triage, prioritize, track, and drive remediation across the engineering organization * Act as the first responder from Engineering on security topics, including bug bounty programs, penetration testing engagements, and security incidents * Maintain and evolve our application security tooling (JFrog X-Ray, SonarCloud, OWASP ZAP) and integrate security checks into CI/CD pipelines * Partner with engineering teams to embed security guardrails into development workflows - including AI-assisted and Agentic development practices * Drive adoption of secure coding standards and OWASP best practices across the engineering organization (OWASP Top 10 for Web and API) * Support and evolve our ISO 27001 compliance program, ensuring controls are in place, monitored, and continuously improved * Run and evolve our annual security awareness training for developers * Track and communicate security risks to engineering leadership and relevant stakeholders * Evaluate and adopt new security tools and practices as the threat landscape and our technology evolve Qualifications * 6+ years of software engineering or application security experience, with a strong coding background - you can read, write, and review code across multiple languages * Strong TypeScript/Node.js experience; good knowledge of Kubernetes, and AWS * Deep understanding of application security concepts: OWASP Top 10 (Web and API), vulnerability management, secure SDLC, and threat modeling * Hands-on experience with application security tooling such as SAST, DAST, and SCA - experience with JFrog X-Ray, SonarCloud, or OWASP ZAP is a plus * Experience coordinating or participating in bug bounty programs and penetration testing engagements * Experience working within ISO 27001 or similar compliance frameworks - experience with compliance monitoring tools (e.g., Vanta) is a plus * Experience integrating security practices into CI/CD pipelines and developer workflows * Able to take a security initiative from problem identification through to implementation - you drive things to completion and don't wait to be pushed * Already working with AI-assisted development tools (e.g., Claude Code, Cursor) in your day-to-day workflow, with solid understanding of AI Engineering concepts and Agentic systems - including the security implications they introduce * Startup, scale-up, or small-company experience - You have worked in environments where teams are small, ownership is broad, priorities shift quickly, and you are expected to make progress without a large support structure. * Strong communication skills - you can explain complex security topics to engineers and non-technical stakeholders alike * Comfortable working across engineering teams without direct authority - you communicate security risks clearly and pragmatically, without blocking delivery Why Datacamp? Joining DataCamp means becoming part of a dynamic, creative, and international start-up. Here are just a few of the reasons why you’ll love being on our team: * Exciting challenges: Face new technical challenges daily, keeping your work engaging and rewarding. * Competitive compensation: We offer a competitive salary with attractive benefits. * Flexibility: Benefit from flexible working hours because the future is flexible! * Continuous learning: Access a yearly learning budget for conferences & training to support your professional growth. * Global retreats: Participate in international company retreats, fostering a global team spirit. * Equipment: Yearly refreshment of your IT Equipment budget for your home working setup. * Amazing team: Collaborate with a truly exceptional team—seriously, we’re awesome!
Thought Machine's mission is bold – to properly and permanently rid the world's banks of legacy technology. To achieve this, we have developed the foundations of modern banking through core and payments technology which run natively in the cloud. What we are attempting is hard and means we need great people working together to build great technology. We have grown rapidly in the past few years – growing our team to more than 550 individuals across offices in London, New York, Singapore, Sydney and our newly established Engineering Hub in Lisbon. We have raised more than £500m in funding and our investors include Molten Ventures, Eurazeo, Intesa Sanpaolo, Temasek, Nyca Partners, JPMorgan Chase Strategic Investments, Standard Chartered Ventures, and more. We have created a culture that enables our team to produce the best work in the industry while ensuring we have fun along the way. We're regularly cited as having a fantastic workplace culture and have been recognised by Sifted magazine as having one of the highest Glassdoor ratings for a UK fintech company and the industry's most generous employee share package. Named one of the world's most innovative fintechs by Global Finance Magazine, we were also recognised by the Financial Times as one of Europe's fastest-growing companies for two consecutive years—and a UK Best Employer for 2026. This is a full-time, permanent position based in our Lisbon office, requiring four days a week onsite. A Senior Cloud Security Engineer is a part of the larger Security Engineering team. We desire engineers who are able to lead the engineering, design, and delivery of solutions to security problems. We have a passion for exploring unique solutions and sharing differing perspectives that leads to the development of leading solutions to complex security problems. The Security Engineering team is cross-functional and made up of diverse people who bring their own unique expertise in either (or both) application security and infrastructure (cloud) security. We allow team members to move from project to project, subject to subject based on their skills, experience, and interests. Each team member brings their own expertise to bear in ways that are collaborative and designed to find the best solutions to complex problems. The team covers the following areas, and individuals contribute to any of them based on their own expertise: * Designs of secure products and platforms * Reviews of engineering designs, threat models, and coding practices * Threat modelling to identify relevant areas of focus * Define the best in class protective and detective security controls * Development of security tooling and automation * Implement and maintain cutting-edge tools and measures A large part of the Thought Machine security function is greenfield; we are building the bank of tomorrow with cutting edge technology. To achieve this we need innovative thinking to create security solutions in our products and our infrastructure. We look for people who think outside the box, and outside of traditional silos to find unique solutions and approaches to security that lead the industry. DUTIES * Provide security expertise and mentorship to Thought Machine engineering teams through the stages of planning, design, and testing of new solutions. * Lead the design and delivery of cloud native preventative and detective controls that operate at scale * Build and maintain automation to actively audit and assess infrastructure-as-code and in-place infrastructure * Develop (in code) security tooling, contribute to third-party security products, and develop updates for existing tooling that is in use in our environment * Co-develop threat models with engineering teams that identify relevant threats and relevant strategies for mitigation * Work with cloud engineering and operations teams to develop tooling that maintains our secure operating state in production * Perform security reviews and security testing * Lead complex projects to develop security capabilities, tooling, and functionality. * Contribute to the overall security strategy, security tooling selection and creation * Operate collaboratively with other Thought Machine teams with trust and influence REQUIREMENTS Essential * Familiarity with building and deploying containerised applications in public cloud using CI/CD frameworks and infrastructure automation * Knowledge of cloud networking architecture, cloud operations, security, automation and orchestration * Familiarity with performing security threat modelling and design reviews * Knowledge of security in distributed systems * Familiarity with good security practices with containers and Kubernetes * Experience with languages such as Go, Python, or other modern programming languages * Coding experience in the creation, automation, and integration of security tools * Experience in version control systems such as Git * Experience with designing, developing, and maintaining security in public cloud environments such as AWS and GCP * Ability to lead and encourage good design skills including creative and critical thinking, collaboration, full evaluation of options, and objective decision making to find a preferred solution. * Strong interpersonal and communication skills to support collaboration with other personnel and teams Desirable * Existing experience building and operating distributed systems at scale * Awareness and experience with “well-architected” cloud security frameworks or CSA-CCM * Contributions to the security community (public research, blogging, presentations, etc) * Experience in performing penetration testing and security testing * Experience developing tools and interacting with cloud provider API Benefits * Highly competitive salary * Voluntary Pension Plan (match up to 5%) * Private Healthcare Insurance * Comprehensive Life Insurance * 25 days holiday plus public holidays * Two charity days a year * Daily Meal Allowance * Access to outstanding learning materials and courses * Sports and hobby clubs, subsidised by Thought Machine * All the latest tech you need * Huge range of healthy (and not-so-healthy) snacks, smoothies and drinks * A talented and experienced team as your colleagues * An environment where we encourage learning and progress We actively hire candidates who demonstrate technical excellence in their field and welcome people of all ages and backgrounds, providing everyone with equal access to professional development. You are encouraged to apply even if your experience doesn't accurately match the job description. We also encourage applications from those with different abilities, including candidates with ADHD, autism, dyslexia or dyspraxia.
bunch is building the backbone of private markets. We are enabling next-gen fund operations with one integrated system that combines secure data infrastructure, AI-powered workflows and expert fund services. If you value ownership, growth through real responsibility, and working with a thoughtful, ambitious team, this role might be for you. YOUR ROLE We are seeking a Senior Platform Engineer to design, build, and maintain the infrastructure and automation that power our applications. In this role, you will combine the speed and reliability focus of DevOps with the architectural depth of Platform Engineering, ensuring that our development teams can deliver high-quality software quickly, securely, and at scale. You will be responsible for designing infrastructure, implementing automation, ensuring platform reliability, and guiding the evolution of our delivery pipelines and cloud environments. This is a highly collaborative position that bridges operations, development, and security. TOP RESPONSIBILITIES * Design, implement, and maintain cloud-based infrastructure (AWS) for scalability, reliability, and security. * Manage infrastructure-as-code using Terraform, or similar tools. * Oversee container orchestration platforms such as Kubernetes. * Ensure robust disaster recovery and high availability strategies. * Build, maintain, and optimize CI/CD pipelines for rapid and reliable deployments. * Automate infrastructure provisioning, configuration management, and application deployments. * Integrate automated testing and security checks into delivery workflows. * Implement logging, alerting, and observability tools to monitor infrastructure and application performance. * Proactively identify and resolve performance bottlenecks, outages, or system health issues. * Collaborate with development teams to troubleshoot and resolve deployment failures. * Ensure infrastructure and delivery processes meet security, compliance, and governance standards. * Apply security patches and updates to infrastructure and platform components. * Partner with software engineers to ensure development aligns with operational best practices. * Lead technical decision-making for infrastructure and platform initiatives. * Mentor junior engineers and promote DevOps best practices across teams. ABOUT YOU * At least 6 years of experience in senior Platform, DevOps, or Infrastructure Engineering roles. * Strong expertise with AWS cloud platform. * Deep knowledge of Kubernetes, Docker, and container orchestration. * Proficiency with infrastructure-as-code (Terraform, etc.). * Experience building and maintaining CI/CD pipelines (GitHub Actions or any similar tool). * Strong understanding of observability tools (Prometheus, Grafana, ELK, Datadog, etc.). * Solid grasp of networking, system administration, and cloud security practices. * Strong problem-solving skills and ability to debug complex issues. * Excellent communication and collaboration abilities. * Experience leading projects and influencing engineering decisions. * Nice to Have: * Background in SRE (Site Reliability Engineering) practices. * Familiarity with compliance frameworks (SOC 2, ISO 27001). * Programming skills in TypeScript, Python or Go. OUR TECH STACK We strive to keep our technology stack as simple and efficient as possible. * Frontend & Backend: TypeScript on both the frontend (Svelte) and the backend (Node.js with Nest.js) * Database: MySQL * Infrastructure: Kubernetes (K8S) on top of AWS * Source Control & CI/CD: GitHub * Third-Party Applications: * FusionAuth for authentication * Retool for low-code internal frontend solutions * Twilio and SendGrid for sending SMS and emails WORKPLACE AND BENEFITS * Become one of the key builders of bunch and architect our go-to-market strategy * Take part in a network of people passionate about investment and work closely with the most interesting players in the private market * Benefit from working with a diverse mix of talents, unrivaled energy, and team spirit within a culture of inclusion * Flexible hours, remote setup * 28 days of vacation per year + 2 company days, on top of public holidays * A competitive compensation package * A great tech and work setup with everything you need WHAT YOUR INTERVIEW JOURNEY WILL LOOK LIKE * First interview with the People team (30 min): get acquainted with the bunch and to understand if what we’re offering is what you’re searching for * Hiring Manager Interview (60 min): this conversation with an Engineering Manager will cover product-focused culture and values, including collaboration, ownership, self-awareness, and quality standards. * Take-home assignment for you to showcase your ability to design and implement reliable infrastructure and platform solutions. We will send a task and give you a few days to work on it (the actual hands-on work should not take more than 3-4 hours). * Technical Interview (60 min): this interview in the form of a technical conversation will focus on discussing your assignment, approaches. * Final Round: Meet our VP of Engineering (45 min) to learn about ways of working, vision for bunch, and team culture. * Meet-and-Greet (Optional - 30 min) to meet a few members of your future cross-functional team. About bunch bunch is building the operating infrastructure for the next generation of private markets. We combine AI-powered automation with deep regulatory expertise to replace fragmented spreadsheets and manual processes with one integrated platform across the fund lifecycle, purpose-built for private markets heading toward $32 trillion in Assets Under Management. We've 4x our ARR in 2025, crossed 150 fund managers and 12,000 LPs on the platform, and just closed our $35M Series B in May 2026. We're looking for ambitious people who want real ownership of hard problems, and who care about building infrastructure that actually matters to the people using it. ____ At bunch, we're committed to an inclusive environment where diversity is valued and celebrated. We provide equal opportunities to all qualified applicants. We process personal data in line with applicable laws (including GDPR). See our Privacy Policy for details on your rights and how to reach us.