Senior Cyber Security Engineer (Hybrid)

Who Are We? Thndr was founded with the dream to democratize access to investing through smart tech and human design, which is just a fancy way of saying giving anyone with a smartphone easy access to preserve and grow their wealth. At the same time, we’re promoting local investment products to propel the economies that we serve

History has shown that investing is the single greatest way to build long term wealth - but before Thndr, only a very small percentage of people had access to investing due to:

• High barriers to entry - In the form of minimum account balances, brick and mortar onboarding and low financial literacy.
• Irrelevant experience - Catered towards traders and financial experts, therefore alienating the majority of the population.
• Fragmented offering - Investment products are not gathered in a single outlet.

On our short journey we’ve validated that there is a need for our solution, as illustrated by these key figures:

• 3 million app downloads
• $8.8bn in annualized traded value
• #1 platform in terms of traded value
• 84% of our users are investing for the first time
• 65% of our users come from outside of capital cities and have previously had limited access to financial institutions

We’re proud of how far we’ve come and the size of our impact in just a few years - but we’re just getting started and are excited for what’s to come.

It’ll take a lot of passion, bold risks, and hard work to fulfill our mission of democratizing investing in MENA and giving everyone an equal opportunity to generate and grow their wealth.What You'll Do

• Work closely with the product and engineering teams to review new features and suggest new features that improve security.
• Drive S-SDLC in our cycles and review security acceptance criteria and threat modeling.
• Guide and train the team to cover security checks and security best practices.
• Perform pre-deployment and post-deployment security penetration tests.
• Plan and execute regular web, mobile, and cloud security assessments and pen tests.
• Work closely with the Infrastructure teams to identify security issues through red teaming activities.
• Define, implement, and monitor infrastructure security measures.
• Contribute to the security roadmap & backlog.
• Assess security tools and integrate tools as needed.
• Incident response and research.
• Follow new security news, trends tools, and incidents and drive needed changes.
• Support in managing our Bug-bounty program and security channels.
• Conduct vulnerability research against company assets.
• Work on understanding and improving our security logging and monitoring solutions.
• Coordinate company-wide response to security incidents till remediation.
• Vulnerability management for production/staging environments
• Product and infrastructure security.
• Actively mentor members of the security team.

What You'll Need

• Bachelor's degree in Computer Science, Software Engineering, or a related field (or equivalent work experience).
• Minimum 5 years of experience performing Application and/or infrastructure penetration testing experience above and beyond running automated tools.
• Highly experienced in performing security code reviews; Python experience is a plus.
• Solid understanding of cloud platforms (AWS, Azure, or GCP) and containerization technologies (Docker, Kubernetes), serverless / lambda as a plus.
• Solid understanding of software development principles, software testing methodologies, and version control systems (e.g., Git).
• Hands-on experience implementing security policies in various environments (servers, storage, networks, security, virtualization, systems monitoring, and management).
• Strong communication skills and the ability to effectively articulate technical concepts to technical and non-technical stakeholders.

At Thndr, we’re looking for people invigorated by our mission, not just those who simply check off all the boxes. We’re looking for people that are hungry to become agents of change and that understand the huge responsibility associated with dealing with people’s money.