Senior Security Engineer

Who We Are

At BKN301, we build fintech solutions that enable banks, fintechs, and merchants to grow and innovate across emerging markets.

We’re a London-based financial technology group, with offices in Milan (Italy), Doha (Qatar), and and San Marino, and an international footprint that’s rapidly expanding.

We move fast, think globally, and act as one team — transforming ideas into real, scalable fintech solutions every day.

Why Join Us

Joining BKN301 means becoming part of a fast-growing international fintech, where technology and people evolve together.

Here, every idea counts: you’ll have a tangible impact on strategic projects, learn continuously, and help build something meaningful from the ground up.

You’ll join a company that values each person’s contribution, gives space to experiment, and promotes an open approach to innovation — because our success comes from the people who make it possible.

Your Role

As a Senior Security Engineer, you will design and implement secure, scalable Identity and Access Management (IAM) solutions for internal systems and for our clients who integrate with our BaaS platform. Your work will support mission-critical services in core banking, issuing, and acquiring while ensuring compliance with financial regulations like PSD2 and PCI/DSS.

A few examples of your responsibilities

• Identity and Access Management (IAM): Develop and manage IAM solutions to secure access to internal systems, as well as client and provider integrations with our BaaS platform. • Authentication Systems: Design and implement secure authentication mechanisms, including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and passwordless login, tailored for internal and external users. • Regulatory Compliance: Ensure IAM processes comply with financial regulations, including PSD2, SOC 2, PCI/DSS, and other relevant standards, enabling secure customer authentication and data privacy. • Authorization Frameworks: Build and support robust role-based access control (RBAC) and attribute-based access control (ABAC) models to manage permissions for clients, providers, and internal users. • Identity Federation: Deploy identity federation protocols such as SAML, OAuth2.0, and OpenID Connect to enable secure integration with third-party applications and services used by clients and providers. • Custom IAM Solutions: Collaborate with product and engineering teams to design and implement customized IAM solutions for clients and providers, ensuring seamless integration with their financial workflows. • Java Integration: Leverage Java expertise to integrate IAM solutions into our core systems, APIs, and microservices, supporting secure operations across our BaaS platform. • Incident Response: Investigate and resolve security incidents related to identity or access breaches affecting internal systems, clients, or providers. • Monitoring and Reporting: Implement and maintain monitoring solutions to detect anomalous behaviors and generate comprehensive reports on identity activities. • Collaboration: Work closely with engineering, DevOps, and compliance teams to embed IAM best practices across our products and services.

What We’re Looking For

Essential Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience). • 5+ years of experience in cybersecurity roles, with a focus on identity management. • Hands-on experience with IAM technologies (e.g., Transmit, Okta, Azure AD, Ping Identity, ForgeRock) in multi-tenant SaaS environments. • Strong knowledge of financial regulations like PSD2, especially its requirements for Strong Customer Authentication (SCA), and PCI/DSS. • Proficiency in Java, with experience integrating IAM capabilities into Java-based systems and APIs. • Deep understanding of identity federation protocols (SAML, OAuth2.0, OpenID Connect). • Experience with directory services like Active Directory, Azure AD, and LDAP. • Familiarity with cloud security solutions in AWS, Azure, or GCP, particularly IAM services. • Strong scripting skills (e.g., Python, PowerShell) for automation.

Nice to Have

• Security certifications such as CISSP, CCSP, or certifications specific to identity management (e.g., Okta Certified Professional, Azure Security Engineer Associate). • Experience working in regulated industries, especially fintech or banking. • Familiarity with Zero Trust Architecture principles. • Experience implementing IAM solutions in multi-tenant, API-first platforms like BaaS. • Experience in the .NET stack.

Soft Skills That Make a Difference

• Strategic thinking with a