Information Security Engineer @ Revolut
placeHybrid
attach_money £100,000
businessHybrid
scheduleFull Time
Posted 10 hours ago
Your Application Journey
Interview
Email Hiring Manager
***** @revolut.com
Recommended after applying
Job Details
About Revolut
People deserve more from their money. More visibility, control, and freedom. Since 2015, Revolut has been on a mission to deliver innovative financial products to over 65 million customers worldwide.
Recognized as a Great Place to Work™, Revolut employs over 10,000 people globally through both office and remote work, and is continually growing with a strong focus on brilliant talent and a vibrant culture.
About The Role
The Information Security Engineer at Revolut is tasked with ensuring that our software and systems are safe from threats. This role involves designing, testing, monitoring, and protecting our applications and infrastructure while integrating security throughout the software development lifecycle.
What You'll Be Doing
- Perform security assessments on product designs, mobile apps, web applications, and APIs.
- Participate in Red Team missions and threat-led testing scenarios.
- Conduct penetration testing across applications, infrastructure, and APIs using both manual and automated tools.
- Manage and evolve the private bug bounty programme and collaborate with researchers.
- Partner with engineering and DevOps teams to embed security and enforce best practices in cloud environments (GCP and AWS).
- Develop internal AppSec standards aligned with OWASP, NIST, and industry benchmarks.
- Continuously research emerging threats and new security technologies.
- Contribute to internal security training sessions and mentor junior team members.
What You'll Need
- 3+ years of experience in application security, penetration testing, or a related field.
- Solid understanding of web, mobile, and API vulnerabilities and remediation strategies.
- Experience with code and design reviews, and threat modelling.
- Familiarity with DevSecOps practices and integrating security tools in CI/CD pipelines.
- Working knowledge of authentication, session management, and cryptographic practices.
- Proficiency with security tools such as Burp Suite, MobSF, Frida, and custom scripts.
- Basic cloud security principles and experience in GCP or AWS environments.
- Excellent communication skills for effective collaboration with Engineering, Product, and DevOps teams.
- A proactive mindset with the ability to work independently in a fast-paced environment.
Nice to Have
- Experience in Red Team exercises, bug bounty programme management, or open-source security contributions.
Key skills/competency
- Application Security
- Penetration Testing
- Threat Modelling
- Cloud Security
- DevSecOps
- Bug Bounty
- OWASP
- Vulnerability Assessment
- Red Teaming
- Security Tools
How to Get Hired at Revolut
🎯 Tips for Getting Hired
- Customize Your Resume: Align your security experience with Revolut requirements.
- Highlight Relevant Skills: Emphasize AppSec, penetration testing, and cloud security expertise.
- Prepare for Technical Interviews: Review threat modelling and secure coding practices.
- Research Revolut: Familiarize yourself with their mission and recent news.
📝 Interview Preparation Advice
Technical Preparation
circle
Review penetration testing tools and techniques.
circle
Study cloud security configurations for GCP and AWS.
circle
Practice secure code review methodologies.
circle
Brush up on threat modelling exercises.
Behavioral Questions
circle
Describe conflict resolution in past projects.
circle
Explain teamwork experiences in challenging environments.
circle
Discuss handling pressure and meeting deadlines.
circle
Share examples of proactive problem-solving.
Frequently Asked Questions
What security certifications are valued for an Information Security Engineer at Revolut?
keyboard_arrow_down
How does Revolut integrate security into its software development lifecycle?
keyboard_arrow_down
What are the key technical tools for the AppSec role at Revolut?
keyboard_arrow_down
How important is prior experience with bug bounty programs for the Revolut AppSec role?
keyboard_arrow_down
What role does cloud security play for an Information Security Engineer at Revolut?
keyboard_arrow_down