Senior Security Engineer (RegTech)

TL;DR

Senior Security Engineer (Cybersecurity/RegTech): Designing and building security controls and automation for a global regulatory intelligence SaaS platform with an accent on cloud security and embedding security into delivery workflows. Focus on building reusable security patterns, automating compliance evidence collection, and raising security maturity across engineering teams.

Location: Hybrid in London

Company

hirify.global is a global RegTech business providing AI-powered SaaS solutions for regulatory intelligence in the financial services industry.

What you will do

• Design, implement, and operate security controls across application, infrastructure, and cloud (Azure) environments.
• Embed security into CI/CD pipelines, code reviews, and system designs through collaboration with engineering teams.
• Build automated security patterns, guardrails, and integrations to scale security and reduce manual effort.
• Develop systems for continuous visibility and evidence collection to support ISO 27001 and SOC 2 compliance.
• Conduct threat modelling, security design reviews, and vulnerability management triage.
• Lead security incident investigations, root cause analysis, and remediation efforts.

Requirements

• Expertise in application, cloud (preferably Azure), and infrastructure security.
• Hands-on experience with CI/CD, containerized workloads, and IaC.
• Proficiency with security tooling including SAST, SCA, DAST, and SIEM.
• Ability to build automation via scripting and API integrations.
• Experience with threat modelling and identity management (RBAC, SSO/MFA).
• Must be based in or able to work hybridly from London.

Nice to have

• Experience in regulated financial services or RegTech environments.
• Knowledge of DORA, NIS2, or UK Cyber Security and Resilience Bill.
• Experience with compliance automation platforms (e.g., Vanta) or asset discovery tools (e.g., Axonius).
• Exposure to AI/ML security and responsible AI governance.

Culture & Benefits

• Opportunity to shape a security function from the ground up in a PE-backed growth company.
• High visibility with a direct reporting line to the Head of Information Security.
• Environment solving complex problems like cloud migration and multi-region operations.
• Investment in professional growth through training, certifications, and conference attendance.