About us
At Modulr, our vision is a world where all businesses are powered by embedded payments. Modulr enables businesses, from SMEs to Enterprise, initially across the UK and Europe to efficiently pay-in, collect and disburse funds instantly via a range of payment schemes, accounts, and card products.
We have created an industry-leading API platform with comprehensive online tools and access, to meet the demands of daily business payments. We have two routes to market. Our Core Business Payments product allows customers in any sector to connect to us and our expanding network of accounting and payroll platforms, including Sage, Xero, BrightPay and IRIS to automate payments. Our Vertical Solutions targets a growing range of industry verticals which directly connect their IT platforms to our APIs and webhooks. We solve complex payment problems for hundreds of clients in a range of industries, including Travel, Lending, Wage Advance, and Investment & Wealth.
We are deeply integrated into the payment eco-system. In the UK, we are direct participants of Faster Payments and Bacs. Modulr hold settlement accounts at the Bank of England. Our payment network connectivity includes CHAPS, Open Banking, SEPA, SWIFT and account issuance in multiple currencies. We are principal issuing members of Visa and Mastercard schemes across UK and Europe.
Our regulatory permissions and governance structure are the foundations of our business. We are regulated and supervised as an Authorised Electronic Money Institution (AEMI) in the UK by the Financial Conduct Authority and in the Netherlands by De Nederlandsche Bank.
Our founding team has a wealth of experience in the payments industry and growing successful businesses. Modulr is backed by the venture arms of payments giants PayPal and FIS, as well as growth investors Blenheim Chalcot, General Atlantic, Frog Capital and Highland Europe.
Modulr now has over 400 employees spread globally across offices in London, Edinburgh, Amsterdam, and Mumbai.
Modulr values
•Building the extraordinary; going that extra mile.
•Owning the opportunity; be passionate and proud of the time you invest.
•Move at pace; reach goals faster whilst supported on your career journey.
•Achieve it together, working collaboratively and being a Modulite.
The team
The Information Security team at Modulr is responsible for protecting the organisation’s systems, data and customers through a combination of technical controls, governance, assurance and incident response. The team works across cloud, network and corporate environments to ensure security is embedded into how technology is designed, built and operated.
This role reports to the Information Security Director and works closely with Platform Engineering, DevOps, Infrastructure and Product teams. Security operates as a business enabling function, providing practical guidance, deploying and managing controls, and supporting secure architectural decisions rather than acting as a separate silo.
You will collaborate regularly with engineering squads to integrate security into delivery pipelines, improve control effectiveness, and enhance detection and response capability. The team also partners with Risk, Compliance and Audit functions to ensure controls are measurable, defensible and aligned to regulatory expectations.
This role offers the opportunity to take ownership of key technical security controls and contribute directly to strengthening Modulr’s cloud and network security posture.
Summary
The Security Engineer plays a hands on role in implementing and managing security controls across cloud, network and infrastructure environments. The role supports continuous improvement of preventative and detective capabilities, ensuring controls are reliable, scalable and aligned to operational realities.
You will deploy, maintain and automate security controls where possible, working closely with DevOps and Platform teams to embed security into infrastructure and delivery workflows. The position requires practical technical depth, sound judgement, and the ability to balance risk reduction with engineering velocity and system usability.
Specific duties
•Own the design, implementation, and ongoing operation of information security controls across cloud, application, platform, and corporate environments.
•Treat security controls as internal platform capabilities, ensuring they are scalable, reliable, and easy for engineering teams to consume.
•Work closely with software engineering, platform, and data teams to embed security controls into systems, pipelines, and shared services.
•Design and promote secure by default patterns and guardrails to reduce risk without slowing delivery.
•Identify gaps, overlaps, and weaknesses in existing controls and lead engineering driven improvements.
•Actively participate in the security incident response process, supporting detection, investigation, containment, and remediation activities.
•Ensure security controls provide high quality detection, alerting, and forensic signals to support effective incident response.
•Use incident learnings to drive durable improvements in control design, coverage, and automation.
•Define and track meaningful technical measures of control effectiveness and detection quality.
•Apply automation, including AI and agent-based techniques where appropriate, to improve security engineering efficiency, detection, and response.
•Evaluate risks, failure modes, and abuse scenarios introduced by new security controls and automation before production use.
•Operate and integrate security tooling with logging, monitoring, and engineering platforms, prioritising signal quality and simplicity.
•Partner with governance and risk teams by providing technical input, evidence, and assurance, without owning policy or risk acceptance decisions.
•Contribute technical expertise to audits and regulatory engagements in a regulated fintech environment.
About you
•You are an experienced information security engineer with minimum 5 years strong hands-on experience designing, building, and operating security controls in modern cloud native environments including CNAPP and ZTNA services.
•You have owned security controls end to end, from design and implementation through to production operation and continuous improvement.
•You have worked closely with software engineering and platform teams and can influence technical decisions through credibility and pragmatism.
•You think in systems, favouring secure by default patterns and scalable solutions over bespoke or ticket driven security work.
•You have practical experience contributing to security incident response and understand how protection, detection, and response capabilities are engineered.
•You are comfortable making and defending technical trade-offs where security, reliability, and delivery pressures intersect.
•You are pragmatic, risk focused, and outcome driven.
•You can communicate complex security concepts clearly to both technical and non-technical audiences.
•You are comfortable operating in regulated environments and understand the importance of evidence, consistency, and operational discipline.
Nice to haves
•Experience in fintech or financial services environments.
•A background in software or platform engineering prior to specialising in security.
•Experience building or contributing to internal security platforms or shared services.
•Practical exposure to AI, ML, or agent-based techniques applied to security or adjacent engineering problems.
•Experience improving detection engineering, alert quality, or security automation at scale.
•Familiarity with audit or regulatory engagement from a technical contributor perspective.
ModInclusion
At Modulr, we are working hard to build a more positive diverse and inclusive culture that helps everyone to feel they belong and can truly bring their whole self to work. Not only is it the right thing to do for everyone in the Modulr team, it’s also the right thing to do for our business, the community we operate in and attracting future talent. As part of our approach, we actively welcome applications from candidates with diverse backgrounds.