Information Security Engineer

Fidel API is a global financial infrastructure platform that enables developers to build programmable experiences connected with real-time payment events from a user’s card. Startups through global enterprises are leveraging Fidel API’s tools to power a range of solutions including digital receipts, customer attribution, loyalty and rewards, expense management and personal financial management.

Launched in 2018, Fidel API is headquartered in London, with offices in Lisbon, New York, and remote employees globally. Fidel API is backed by investors including Bain Capital Ventures, Nyca Partners, QED Investors, Citi Ventures, RBC Capital and Commerce Ventures.

We're in an incredibly exciting period of growth as we continue to scale internationally and are looking for an experienced Information Security Engineer who wants to be part of this journey.

What you'll do...

• Ensure the security of Fidel API’s services, networks, and data in compliance with security standards (such as PCI DSS)
• Work alongside cross-functional teams, including software development, infrastructure, and compliance teams, and guarantee best security practices are part of our processes and systems.
• Be responsible for implementing and maintaining secure software development practices into our Software Development Life Cycle (SDLC).
• Perform vulnerability assessments on Fidel API services and networks to identify potential weaknesses.
• Liaise with engineering teams to remediate identified security issues.
• Manage and maintain Identity and Access Management (IAM) systems, ensuring appropriate access controls and permissions.
• Conduct security audits and assessments to evaluate compliance with internal policies and industry standards.
• Drive security awareness and training initiatives to promote a culture of security.
• Own the development, implementation, and maintenance of security policies, procedures, and guidelines.
• Stay up-to-date with the latest security trends, threats, technologies and standards
• Uphold a security-conscious culture within Fidel API

Ideally, we would like to see some of the following skills…

• Strong knowledge of PCI DSS standards and activities related to PCI DSS regular audits
• Good understanding of information security principles, practices, and technologies
• In-depth knowledge of application security practices including but not limited to SCA, SAST and DAST
• Familiarity with IAM solutions, SSO, and MFA implementation
• Experience in performing penetration testing and vulnerability assessments is preferred
• Ability to automate processes by means of any scripting language (e.g. Python, Bash)
• Familiarity with AWS environments and its security-related tools and services
• Strong problem-solving and analytical abilities

Nice to have

• Bachelor's degree in Computer Science, Computer Engineering, Information Security or similar
• Proven experience (3-5 years) in information security, preferably in a PCI DSS-compliant environment
• Any related information security certifications (e.g CEH, OSCP, CISSP)
• Ability to thrive and excel in a fast-paced and dynamic work environment
• Proficiency in remote work and the ability to effectively collaborate asynchronously

LOCATION

Lisbon or fully remote

OUR VALUES

At Fidel API, we live by our values and what we stand for, and that feeds into every decision we make. Fidel comes from the Latin word ‘Fidelis’ which means reliability, trust, truth and dependability. We honor those values — and our commitment to them — by naming ourselves after the ancient root word itself.

Across our company, we speak 27 languages and represent 25+ different nationalities. It’s our diversity of background, thinking, talents and skills that allows us to build truly global products for the developers who are driving payments innovation forward.

BENEFITS

We're committed to making Fidel API a fantastic place to work and we go to great lengths to give you what you need to succeed. You’ll receive:

• Macbook that you can take home
• Flexible working - opportunity to work from home when you need to
• Health Insurance
• Unlimited holidays (you manage your time)
• A fully stocked kitchen with unlimited snacks & refreshments (in office)
• Friday team lunch & drinks (in office)

At Fidel API, we don’t just accept difference - we celebrate it, we support it, and we thrive on it. We’re proud to be an equal opportunity employer and we value diversity. We do not discriminate on the basis of educational attainment, race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status or disability status - simply, we consider all qualified applicants, consistent with any legal requirements. If you have a disability or special need that requires accommodation, please let us know.

To learn more about us and what life is like at Fidel API, visit our blog or follow us on Twitter(@fidelhq) or Instagram(@fidel_api).

If you think you’d be a great fit, apply today!

To all recruitment agencies: Fidel API does not accept agency resumes. Please do not forward resumes to our jobs alias, Fidel API employees or any other company location. Fidel API is not responsible for any fees related to unsolicited resumes.