This website uses cookies | More info

Get discovered

Mambu's story
Open positions
Recruitment
Are you up for a challenge?

We are hiring

Job description

Mambu is the leading SaaS core banking engine. If you’re a customer of the largest digital bank in the EU, then you’ve probably interacted with our platform and didn't even know it. We are at the heart of what makes digital banks and lenders work - the system that processes banking transactions and updates accounts and other financial records from deposits to loans and credit balances. But we are different. We are not just cloud-native, lean and flexible - we are helping to revolutionise financial services globally. We are in a growth phase and we’ve only just begun.

To help us on our mission, we bring together people with the best skills and attitude. It doesn’t matter where you are from, what matters is the impact you have and your passion to make a difference.

To continue our success story we are looking for a Banking Tribe Security Lead who will establish a security first mindset in the Banking Tribe. You will facilitate processes definition, tools adoption & usage, practices definition, and knowledge transfer, which ensure that engineers can autonomously produce and maintain secure applications.

Your Day-to-Day Activities:

  • Banking Tribe security staff is effective in enabling application engineers and managers to produce and maintain secure applications
  • - Health metrics for application security are defined and reviewed
    - Security objectives and key results for Banking Tribe are defined and tracked
    - Roadmap of projects is defined to achieve objectives
    - Projects are planned and managedIntroduction of new tooling, processes, security requirements
    - Processes are defined, established and continuously improved
    - Vulnerability reports from security verification tools, penetration tests, internal staff and external researchers are validated and triaged, solutions proposed
    - Training of developers on secure coding practices
    - Risk assessments in the application design phase
    - Support design phase with explaining security requirements
    - Support readiness assessment for security requirements
    - Penetration testing of application securityWay of working is defined, established and continuously improved
    - Tool chain is evaluated, and defined
    - Design security training programs for Banking Engine engineers
    - Design training programs for Banking Engine security staff 
    - Drive communities, run informing campaigns, posters, meetups, etc. to motivate and evangelize a security first mindset

  • Understanding of customer requirements regarding application security
  • - Explanation of application security controls in customer conversations
    - Understanding of customer needs regarding application security and identification of solutions to address gaps

  • Verifiable application security
  • - Documented application security controls
    - Presentation of effectiveness of application security controls in audits
    - Strategy for verification and assurance of application security is defined and overseen
    - Penetration tests
    - Bug bounty program

  • Banking Tribe security staff is productive
  • - People management of Banking Tribe security staff
    - On boarding process and practices definition Performance reviews
    - Business goal setting
    - Career planning and learning goal setting
    - Vacation and on-call shift planningImpediments for Banking Tribe security staff are removed
    - Lead daily standup meetings1:1s with Banking Tribe security staffLead retrospectives
    - Mentor for Banking Tribe security staffOn-boarding
    - Review of work
    - Promoter of an inclusive culture, engineering and security are coming homogeneous organism 

    Who you are:

  • Security practitioner: Knowledge of information security principles (ie. Confidentiality, Integrity, Availability) and their application in SaaS solutions (ie. cloud computing, web applications, networking). Knowledge of secure coding practices. Experience in conducting information security risk assessments for distributed, complex systems. Experience working in research and development environment.
  • Lean & Agile Engineering Mindset: Automation comes first. Constantly working on increasing security and adjusting practice and processes to support continuous flow and business delivery.
  • Engineer by heart: Solid hands on background in software engineering.
  • Learner vs. Knower attitude: Curiosity and desire to find the truth comes first in every interaction. Not afraid to make mistakes and not to be always right. Asks more questions than provides statements.
  • Hacker attitude: Driven by taking things apart. 
  • People Growth Oriented: People management skills, able to understand people's ambitions and align them to organization needs and offer constant guidance and feedback for achieving them.
  • Servant Leader: Leadership skills, in regards to establishing trust, transparency and achieving goals. Able to connect both external and internal inputs and provide clarity and adjustments in defining the way of working.
  • Proactive Attitude: Suggests and implements changes based on “connecting the dots” on things that come up repeatedly. Find creative elegant solutions for issues in close collaboration with the teams without introducing security as a blocker.
  • Calm under pressure: The ability to thrive in fast-paced environments. Maintains stable performance and can-do attitude when under pressure or stress. Prepares team with “fire drill exercises” to do the right thing when there is “fire”.
  • Honesty & integrity: Does not cut corners with regards to ethics. Earns trust and maintains confidence. Does what is right. Speak plainly and truthfully.
  • Compensation and benefits:

  • Competitive salary;
  • Flexible working hours;
  • Summer schedule (4-days/week);
  • Health insurance;
  • Global business travel insurance;
  • Free parking space at the office;
  • Professional career growth by providing access to trainings and conferences.
  • Why Mambu?

  • Mambu has over 250+ live deployments, helping to revolutionise financial services in more than 46 countries globally, and we're just getting started;
  • We understand nothing ensures our customers' success more than a happy team, so Mambu is built on a culture of trust and a sense of ownership in everything we do;
  • Mambu proactively takes the initiative to improve the industry for the better;
  • Mambu is using top tool for development activities;
  • Because you want more, you want to know how your lines of code impact the world.
  • Why Mambu?

    About us

    Mambuvians come from over 30 countries across six continents. Over the years we have become increasingly diverse in perspectives and ideas. To us, diversity is a company-wide value, and a strategy to boost productivity and to leave a positive, global impact on our industry. From Europe to Asia, and the Americas - Mambuvians are experts at collaborating globally.

    We are a no nonsense company that loves a good challenge and is fostering a culture of a great work-life balance. Our perks range from a 4-day-working-week in summer, to extraordinary team getaways.

    Building on collaboration and trust, we created a true ownership culture, which is integral to our success. We help and empower each other to make decisions that can have a lasting impact on our business, and influence thousands of customers and millions of their end users world-wide. Are you up for it?

    line
    Why us?