Job Description: Offensive Security Lead

Company Overview

Monzo is on a mission to make money work for everyone, moving away from the complicated and confusing ways of traditional banking. Starting as a prepaid card, our product offering has significantly expanded over the last 10 years in the UK. We now offer personal and business bank accounts, joint accounts, accounts for 16-17 year olds, a free kids account, and credit cards. Customers can also save, invest, and combine their pensions with us. Known for our hot coral cards, get-paid-early feature, financial education on social media, and award-winning customer service, we aim to solve problems and change lives through Monzo.

Position Overview

Monzo is seeking an Offensive Security Lead to join our Security Collective. As a key member of the team, you will be responsible for enhancing Monzo's security posture and ensuring a safer environment for our customers and employees. The Offensive Security team acts as the "breakers, not makers," focusing on identifying vulnerabilities, proving exploitability, and collaborating with other teams to implement fixes, providing expert advice for mitigation. We are committed to fostering diversity within our team, believing that varied perspectives strengthen us.

Location & Compensation

• Location: UK Remote (with ad hoc meetings in London)
• Salary: £88,200 - £110,000 per annum
• Additional: Share options & Benefits

Responsibilities

• Lead and scale the dynamic Offensive Security team.
• Own and continually improve the team's processes and methodologies.
• Serve as the primary point of contact for other teams, fostering collaboration and knowledge sharing in offensive security.
• Engage in strategic planning for the team's long-term direction.
• Review bug bounty reports, make authoritative decisions, and scale the program.
• Perform hands-on security testing across various areas, including web applications and red teaming.
• Mentor junior team members, guiding their development and ensuring team success.

Requirements

• Significant experience in security testing.
• Proven track record of managing and growing high-performing teams.
• Practiced competence with red teaming methodologies and experience using the MITRE ATT&CK framework for adversary simulations.
• Skilled in Objective-C, Go, Bash, Python, or JXA.
• Knowledge of macOS C2 frameworks and hacking techniques.
• Creative problem-solver with an inquisitive and curious nature.
• Passionate about security testing and capable of thinking like an attacker.

Note: Monzo encourages applications even if you don't meet every single requirement. We are dedicated to creating a diverse and welcoming team and value passion, learning, and growth.

What's In It For You

• Compensation: £88,200 - £110,000 + share options.
• Flexibility: Flexible working hours and distributed working within the UK.
• Learning: £1,000 learning budget annually for books, training courses, and conferences.
• Home Office Setup: Macbooks provided, with extra support for remote workers' home office setup.
• Benefits: A comprehensive list of additional benefits is available.

Application Journey

The application journey details are available.