Who we are
Yoti is a global company whose aim is to be the world’s trusted identity system. We have seriously ambitious goals to become the world's most secure and data sensitive company. Our passionate team works to improve the way people share their personal information. Innovative products like the Yoti mobile app help people to prove who they are online and in person.
Yoti is changing the way people prove their identity. Our products are built from the ground up to respect customers' privacy and put you in control. We will never sell on customer data - we couldn’t even if we wanted to. Designing products that are simple to use and easy to understand in the world of privacy, security and personal data is a tough challenge.
We are creating a new concept. Something that has never been done before, Why not be part of something truly innovative and creative. Yoti is here to fight against fraud and build a secure identity system for individuals and businesses. We are a company who are pushing the boundaries of technology for a safer world.
More about this Team and Project
Reporting to the CISO, the Security Engineer will work closely with the product teams to ensure that code is developed, tested and deployed securely.
- Develop the Yoti Security Development LifeCycle
- Provide secure software design guidance that addresses both security and business needs
- Perform code review of security-relevant features
- Pen-test applications on pre-production and production environments
- Develop custom tools to enhance testing capabilities, and to augment the build pipelines
- Educate teams on relevant attacks, defences, mitigations, and tooling
- Liaise with product managers to understand the security relevance of the current development work
- Research emerging threats and keep abreast of security landscape
Knowledge, Skills, Qualifications and Experience:
- Proven security and architecture experience
- Pen-testing experience is desirable (nmap, Burp Suite etc)
- Understanding of application security vulnerabilities, their fixes and mitigations
- Strong programming & debugging skills
- Knowledge of mobile development (iOS or Android) is advantageous
- Good understanding of cryptography and network protocols (RSA, TLS, TCP)
- Reverse-engineering experience would be useful
- Suitable interpersonal skills
- Inquisitive nature
What’s in it for you?
- Private Medical Insurance
- Life Insurance
- Cycle to work
- 25 days holiday (plus bank holidays)
- Yoti Life (Internal communication platform and access to lots of discounts)
- 5 fully paid Selfie Days - for your own personal development; volunteering, charity events, etc
- Continuous learning opportunities (LinkedIn Learning, conferences, events, courses )
- Large chill out area - we call it The Park - Table-Tennis and a Foosball table
- Free fruit and snacks and a fridge fully stocked with soft drinks and beers
- Team Events
- Flexible working
This is a fantastic opportunity to get involved with a company doing crazy-complex projects, in a fun and exciting environment, where creativity is rewarded - this is part of the Yoti DNA. We like people who have a positive attitude, transparent and are open and honest about their thoughts. Committed, collaborative and champion all of our principles and what we stand for.
We believe in equal opportunities
It takes a diverse community of passionate, talented and committed people to build a simpler, more secure way of proving identity. We’re an equal opportunity employer, so we welcome applications from people of all backgrounds, with different outlooks and experiences.
If your application is successful please be aware that as part of our pre-employment checks:
- We will check your details against fraud prevention databases
- We will check identity; address match; PEPs and sanctions; bank validation, verification, fraud checks, negative data (CCJ, bankruptcy)
- If our investigations identify fraud or other criminal offences both when applying for a job and during your employment, we will record the details on the relevant fraud prevention databases. This information may be accessed from the UK and other countries and used by law enforcement agencies and other organisations to prevent fraud.
- Please contact [email protected] to get information on which fraud prevention databases we use.
If we consider that you might be suitable for other roles in the future, we will keep your details so we can contact you about these other roles. If you do not want us to keep your details for this purpose, please e-mail [email protected] or let us know at any stage of the recruitment process. For more information please read our applicant privacy notice.