Senior Offensive Security Engineer

🚀 We’re on a mission to make money work for everyone.

We’re waving goodbye to the complicated and confusing ways of traditional banking.

After starting as a prepaid card, our product offering has grown a lot in the last 10 years in the UK. As well as personal and business bank accounts, we offer joint accounts, accounts for 16-17 year olds, a free kids account and credit cards in the UK, with more exciting things to come beyond. Our UK customers can also save, invest and combine their pensions with us.

With our hot coral cards and get-paid-early feature, combined with financial education on social media and our award winning customer service, we have a long history of creating magical moments for our customers!

We’re not about selling products - we want to solve problems and change lives through Monzo ❤️

📍 London/Cardiff/UK Remote | 💰£76,500 - £90,000 + Incentive awards tied to your performance + Benefits ✨

Our Offensive Security team⭐

You'll be joining Monzo’s Offensive Security team, part of our wider Security collective. We're a team of curious, hands on security professionals who think like attackers to help keep Monzo and our customers safe. We work across everything from customer facing products and mobile apps to cloud infrastructure, internal systems, and emerging technologies like AI.

Our role is to find weaknesses before others do. Through security testing, red and purple teaming, and adversarial research, we uncover vulnerabilities, demonstrate real-world impact, and help teams build more secure systems. We work closely with engineers and security partners across Monzo, bringing an attacker mindset into the room and helping shape security decisions through collaboration, curiosity, and practical expertise.

🔑 You’ll play a key role by...

Leading offensive security projects from initial idea through to execution and reporting

Simulating real world attacks to uncover vulnerabilities across our systems, infrastructure, and products

Partnering with engineering and security teams to improve detection, response, and resilience

Bringing an attacker mindset into conversations - asking “what if?” and challenging assumptions

Producing proof-of-concept exploits to clearly demonstrate risk and drive meaningful fixes

Mentoring others in the team and acting as a highly independent technical lead on complex engagements

🤩 We’d love to hear from you if…

You have a strong attacker mindset and are naturally curious about how systems can be broken

You’ve got hands on experience in offensive security across areas like web, mobile, cloud, or infrastructure

You’re comfortable working across modern tech stacks (e.g. Kubernetes, AWS/GCP, microservices) or excited to learn

You can take ownership of ambiguous problems and drive them through to impactful outcomes

You enjoy collaborating with others and influencing teams to think more securely

You’re experienced in security testing and/or have relevant certifications (e.g. OSCP, CREST)

Not ticking every box? That’s totally okay! Studies show that women and people of colour might hesitate to apply unless they meet every single requirement. At Monzo, we’re dedicated to creating a diverse and welcoming team. If you’re passionate about this role and keen to learn and grow with us, we encourage you to apply— even if you don’t have everything that's listed just yet. Drop us your application, we’d love to hear from you!

🙌 What’s in it for you💰 £76,500 - £90,000➕Incentive awards tied to your performance📍This role can be based in our London office, but we're open to distributed working within the UK (with ad hoc meetings in London)⏰ We offer flexible working hours and trust you to work enough hours to do your job well, and at times that suit you and your team.📚 £1,000 learning budget each year to use on books, training courses and conferences.🏡 We will set you up to work from home; all employees are given Macbooks and for fully remote workers we will provide extra suppo