Senior Security Engineer

Job not on LinkedIn

October 15

Apply Now

Receive Emails with Similar Jobs

Element

WebsiteLinkedInAll Job Openings

Telecommunications • Security

Element is a company that provides a secure and sovereign communications platform. It is built by the creators of Matrix, the decentralized open standard for real time communication. Element offers products like the Element App and Element Server Suite, and provides hosting solutions that are open source and flexible to enable data sovereignty. Element aims to protect and strengthen business critical communications, offering trusted communication in real-time across organizations. It supports both self-hosted and fully managed deployments, allowing customization of network configurations and permissions. With over 125 million users worldwide, Element is trusted by secure organizations for communication.

51 - 200 employees

Founded 2016

📡 Telecommunications

🔐 Security

📋 Description

• Contribute to the continuous penetration testing programme for Element and Matrix.org infrastructure. • Own vulnerability management: triage, prioritisation, and remediation guidance. • Embed security into CI/CD and infrastructure-as-code workflows. • Partner with engineering teams to raise security awareness and embed best practices. • Conduct security research to identify novel vulnerabilities in infrastructure and code. • Triage external vulnerability reports and coordinate responses/advisories. • Deliver customer-facing security features (e.g. SBOMs, advisories). • Review and support secure development in Python, Rust, TypeScript and Go. • Support Compliance by implementing and evidencing security controls. • Contribute to protocol analysis and development with Matrix.org Foundation staff.

🎯 Requirements

• Strong grasp of core security principles and common vulnerability classes (across infrastructure, cloud and applications). • Strong knowledge of network and cloud security, particularly AWS. • Demonstrable offensive security experience (pentest, bug bounty, or research). Tooling fluency in common pentesting tools (nmap, nuclei, mitmproxy, Burp, ffuf, etc); bonus points for the ability to script your own. • Proficiency in at least one of Python, Rust, TypeScript, or Go. • Experience working with software teams to help them embed security practices into their workflows. • Comfortable working in a remote-first organisation. • Based in Europe (including UK).

🏖️ Benefits

• Meaningful, mission-driven work in open source • 40 days of annual leave (incl. local public holidays) • Private healthcare (depending on location) • Share options • Flexible hours and remote-first culture • Family-friendly environment • Annual bonus subject to individual and company performance