Staff Security Engineer EU UK

We are seeking a UK-based Staff Security Engineer to serve as a technical leader within our Security Operations and Response Team.

As a senior technical responder you will lead our incident response program proactively monitor Marqetas environment for cyber threats and serve as incident commander during security events of all severity levels. You will establish response methodologies aligned with the NIST Incident Response Lifecycle maintain the cybersecurity incident response plan and drive continuous improvement of our security operations.

This position requires extensive expertise in incident response digital forensics threat hunting and security monitoring technologies. You will provide technical leadership across the organization mentor team members and participate in 24x7 on-call rotations.

The role reports to the Manager of Security Operations and Response.

This role can be performed remotely anywhere in the UK or from our London UK office. Wed love for you to join us!

The Impact Youll Have

• Proactively monitor Marqetas environment for cyber threat activity and manage day-to-day security alerts through timely analysis triage and appropriate response actions
• Serve as the incident commander during security events of all severity levels directing investigation strategies and coordinating cross-functional response efforts
• Deliver NIST Incident Response Lifecycle aligned services to prepare for detect contain eradicate recover and learn from cybersecurity incidents
• Work with the CISO to maintain the Cybersecurity Incident Response Plan (CIRP) ensuring alignment with government and law enforcement reporting requirements
• Document and maintain Security Operations processes procedures playbooks and runbooks to ensure consistent and effective response operations
• Participate in 24x7x365 on-call rotations providing expert-level guidance during security incidents and conducting thorough post-incident reviews
• Proactively research threat intelligence sources to develop and lead hypothesis-driven threat hunting initiatives to uncover threats in corporate and production environments
• Work closely with Security Engineering to tune security solutions enhance detection capabilities and leverage business knowledge to improve security monitoring
• Design develop and maintain detection logic using a detections-as-code approach collaborating with Security Solution Engineering to deploy detections through CI/CD pipelines into our SIEM and EDR platforms
• Maintain and expand detection coverage mapped to MITRE ATT&CK framework identifying gaps in visibility and prioritizing detection development based on threat intelligence and business risk
• Serve as liaison with HR law enforcement response retainers and cyber insurers as required including coordination on cyber-crime financial fraud use cases
• Mentor security team members in incident response methodologies while collaborating with senior leadership to communicate security risks and strategic recommendations
• Partner with Fraud Compliance and Risk teams on security events involving payment systems cardholder data or regulatory reporting obligations under PCI DSS and related frameworks

Who You Are

• 8 years of hands-on experience in security operations with deep expertise in incident response digital forensics and threat hunting
• Demonstrated experience serving as an incident commander managing response workflows and making decisions under pressure for security events of varying severity
• Advanced knowledge of the NIST Incident Response Lifecycle and experience developing effective incident response documentation and procedures
• Expert-level proficiency with security monitoring and forensic tools including EDR SIEM and SOAR systems
• Experience developing and maintaining detections-as-code including familiarity with version control CI/CD pipelines and detection testing frameworks
• Working knowledge of MITRE ATT&CK and experience using it to assess detection coverage map threat actor TTPs and prioritize detection engineering efforts
• Experience conducting post-incident reviews and implementing security improvements based on lessons learned
• Strong understanding of threat actor TTPs and ability to apply threat intelligence to enhance detection and response capabilities
• Experience tuning security solutions and developing automation workflows to improve monitoring effectiveness and response efficiency
• Advanced knowledge of AWS cloud services and securing cloud environments
• Ability to effectively communicate with technical and executive stakeholders during security incidents and investigations
• Experience in payment processing fintech or other highly regulated environments; familiarity with PCI DSS incident handling requirements a plus
• Proven ability to work independently while demonstrating sound judgment about when to engage team members or escalate issues
• Strong mentorship abilities with a track record of developing junior security professionals in incident response techniques

Manager:

• Derek Samford

Recruiter:

• Louise Devlin

Typical Process

• Application submission
• Recruiter phone or video call
• Hiring manager video call
• Virtual Onsite consisting of 4-5 45 min interviews
• Offer!

Compensation & Benefits

• Premium Private Medical and Dental coverage
• Generous time off program with additional Floating Holiday days
• Retirement savings program with company contribution
• Equity in a publicly-traded company and an Employee Stock Purchase Program
• Monthly stipend to support our remote work model
• Annual development stipend to support our peoples growth and development
• Family-forming benefits and up to 20 weeks of Parental Leave
• Wellbeing programs i.e. Modern Health HealthKick and much more

About Marqeta

Marqeta is on a mission to change the way money moves. Were one of the earliest enablers of embedded finance a market opportunity sized up in the trillions. Our card issuing platform provides unprecedented flexibility and control for companies to issue cards authorize transactions and manage payment operations in real time. Marqeta is powering the most well known brands in the new economy (Block Cash App Affirm Instacart Doordash Uber Walmart etc). You dont need to be a Payments expert to join the Marqeta Team let us help you with that. This is the opportunity of a lifetime to work with innovators around the world and unlock equitable financial access for all.

Marqetas Values

Solve for the Customer: With a deep understanding of our customers business and empathy for their needs we deliver products and services that drive their success. Earning and keeping their trust guides everything we do.

Do Whats Right: Knowing businesses and livelihoods depend on us we pursue solutions that disrupt responsibly and deliver high-quality results that our customers count on. We own our work from start to finish.

Simplify and Innovate: We approach challenges with curiosity and take smart risks. Innovation comes from finding better simpler ways to achieve extraordinary outcomes.

Win as a Team: We succeed together by embracing diverse perspectives and pushing each other to raise the bar. We lead with humility and set aside hierarchy to work as a team.

Make it Count: We drive forward with focus and agility. With a sense of urgency and purpose we get the job done and done right.

Equal Employment Opportunity Accommodations and Privacy

Marqeta is an equal opportunity employer committed to an inclusive workplace that fosters belonging. We do not discriminate based on race color religion sex (including pregnancy lactation childbirth or related medical conditions) veteran status or uniformed service member status age national origin or ancestry citizenship or immigration status physical or mental disability gender identity gender expression sexual orientation genetic information (including testing or characteristics) or any other characteristic protected by applicable law. We also consider qualified applicants with criminal histories consistent with legal requirements.

Marqeta endeavors to make reasonable accommodations for applicants with disabilities. If you are an individual with a disability and require a reasonable accommodation to submit this application complete any pre-employment testing or otherwise participate in the employee selection process please submit this form with your specific accommodation request.

Personal data that is provided as part of the application and recruitment process is processed in accordance with theApplicant Privacy Notice. Additional information for California residents can be found here.