At Finastra, we are a dynamic global provider of open finance software solutions, dedicated to expanding access to financial services. Our innovative applications span Lending, Payments, Treasury and Capital Markets, and Universal Banking. Proudly serving over 8,000 customers, including 45 of the world's top 50 banks, we aim to boost financial inclusion for all. Join us and be part of a vibrant company that embraces diverse perspectives, and is committed to doing well by doing good.
What will you contribute?
As an Expert Offensive Security Engineer within the Cyber Defense Team, you'll lead offensive security assessments that strengthen our defense capabilities. Working closely with the larger InfoSec team, detection engineers, and external engineering partners, you'll identify security weaknesses, validate detection mechanisms, and provide actionable recommendations to enhance our security posture. You'll collaborate with various architecture and engineering teams to continuously validate and improve our security controls and detection capabilities, with a strong focus on developing repeatable testing frameworks and metrics-driven security improvements.
Responsibilities & Deliverables:
You will be responsible for the following:
Lead offensive security assessments: conduct full-stack security assessments across our entire technology stack.
Drive detection engineering partnerships: collaborate with detection engineers through purple team exercises, attack simulations, and threat emulation to improve detection coverage.
Develop custom tools and frameworks: build and maintain security testing tools, frameworks, and automation scripts that enable repeatable testing and quantifiable security improvements.
Build security metrics: design and implement frameworks to measure security control effectiveness, detection coverage, and improvement over time through consistent testing methodologies.
Research and innovate: stay current with the latest attack techniques, tools, and methodologies while building out both offensive and defensive security improvements.
Mentor and collaborate: share knowledge across security teams and foster a culture of continuous security improvement.
Required Experience:
5+ years: professional experience in offensive security, with demonstrated experience in red team and purple team exercises, penetration testing, and detection engineering teamwork.
Development experience: proficiency in Python or other programming language for building security tooling and automation.
Security assessment expertise: performing full-stack security assessments of web and mobile applications, APIs, on-prem and cloud infrastructure, and backend systems..
Deep understanding: common attack techniques; exploit development; post-exploitation methodologies; security assessment frameworks (MITRE ATT&CK, PTES); and modern detection stack components (EDR, SIEM, XDR).
Knowledge: of networking, operating systems, security protocols, security concepts including reverse engineering, cloud security (AWS/Azure), container security, CI/CD pipeline security, API security, and security metrics development.
Certifications: such as OSCP, OSCE, GXPN, or equivalent practical experience.
Interpersonal skills: strong analytical and problem-solving abilities.
Excellent technical writing for detailed reports; ability to clearly communicate complex technical concepts; self-motivated with a passion for offensive security and detection engineering.
We are proud to offer a range of incentives to our employees worldwide. These benefits are available to everyone, regardless of grade, and reflect the values we uphold:
· Flexibility: Enjoy unlimited vacation, based on your location and business priorities. Hybrid working arrangements, and inclusive policies such as paid time off for voting, bereavement, and sick leave.
· Well-being: Access Confidential one-on-one therapy through our Employee Assistance Program, find support from our network of Wellbeing Champions and Gather Groups, and a calendar of monthly events and initiatives designed to help you thrive - Inside and Outside of work.
· Medical, life & disability insurance, retirement plan, lifestyle and other benefits*
· ESG: Benefit from paid time off for volunteering and donation matching.
· DEI: Participate in multiple DE&I groups for open involvement (e.g., Count Me In, Culture@Finastra, Proud@Finastra, Disabilities@Finastra, Women@Finastra).
· Career Development: Access online learning and accredited courses through our Skills & Career Navigator tool.
· Recognition: Be part of our global recognition program, Finastra Celebrates, and contribute to regular employee surveys to help shape Finastra and foster a culture where everyone is engaged and empowered to perform at their best.
*Specific benefits may vary by location.
At Finastra, each individual is unique, bringing their own ideas, thoughts, cultural beliefs, backgrounds, and experiences together. We learn from one another, embrace and celebrate our differences, and create an environment where everyone feels safe to be themselves.
Be unique, be exceptional, and help us make a difference at Finastra!
Top Skills
What We Do
At Finastra our purpose is to unlock the power of finance for everyone & redefine finance for good. We’re the orchestrator of open finance; building and delivering innovative, next-generation technology on our open Fusion software architecture and cloud ecosystem. We’re one of the world’s largest FinTechs, working with over 9,000 customers including 90 of the top 100 banks globally.
We’re creating a pioneering open platform that’s disrupting the financial industry, changing how financial software is developed and used. We believe in collaboration for innovation, to unlock the potential of people, businesses and communities. We have an unmatched portfolio of financial software and deliver mission critical solutions for financial institutions of all sizes, on premises or in the cloud. Our open architecture and platform approach embrace a wide ecosystem of partners and co innovators. Together we're leading the way in which applications are written, deployed and consumed in the world of financial services.
Our people mission is to be the most loved and inclusive fintech company in the world; a mission we take seriously. DE&I factors into everything we do and every decision we make as a business. When you join Finastra, you open up a world of possibilities. With us, you can supercharge financial institutions, big tech and fintech while also building a more inclusive finance industry.
We believe our people thrive when given the opportunity to be their authentic selves and we trust our people to work how, when and where they want; this is OPENworking. Our 2+ policy provides the perfect mix of focused work at home, coupled with the meaningful connection that comes from in person collaboration, coaching and community. We're rolling out a new programme where our people take as much leave as they need; we do not count vacation days and we trust our people to work in a way that suits them, when it suits them.
Come join the future of Fintech, and make your world. OPEN.
