Senior Security Engineer

Who We Are

At BKN301, we build fintech solutions that enable banks, fintechs, and merchants to grow and innovate across emerging markets.

We’re a London-based financial technology group, with offices in Milan (Italy), Doha (Qatar), and and San Marino, and an international footprint that’s rapidly expanding.

We move fast, think globally, and act as one team — transforming ideas into real, scalable fintech solutions every day.

Why Join Us

Joining BKN301 means becoming part of a fast-growing international fintech, where technology and people evolve together.

Here, every idea counts: you’ll have a tangible impact on strategic projects, learn continuously, and help build something meaningful from the ground up.

You’ll join a company that values each person’s contribution, gives space to experiment, and promotes an open approach to innovation — because our success comes from the people who make it possible.

Your Role

As a Senior Security Engineer, you will design and implement secure, scalable Identity and Access Management (IAM) solutions for internal systems and for our clients who integrate with our BaaS platform. Your work will support mission-critical services in core banking, issuing, and acquiring while ensuring compliance with financial regulations like PSD2 and PCI/DSS.

A few examples of your responsibilities

• Identity and Access Management (IAM): Develop and manage IAM solutions to secure access to internal systems, as well as client and provider integrations with our BaaS platform.
• Authentication Systems: Design and implement secure authentication mechanisms, including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and passwordless login, tailored for internal and external users.
• Regulatory Compliance: Ensure IAM processes comply with financial regulations, including PSD2, SOC 2, PCI/DSS, and other relevant standards, enabling secure customer authentication and data privacy.
• Authorization Frameworks: Build and support robust role-based access control (RBAC) and attribute-based access control (ABAC) models to manage permissions for clients, providers, and internal users.
• Identity Federation: Deploy identity federation protocols such as SAML, OAuth2.0, and OpenID Connect to enable secure integration with third-party applications and services used by clients and providers.
• Custom IAM Solutions: Collaborate with product and engineering teams to design and implement customized IAM solutions for clients and providers, ensuring seamless integration with their financial workflows.
• Java Integration: Leverage Java expertise to integrate IAM solutions into our core systems, APIs, and microservices, supporting secure operations across our BaaS platform.
• Incident Response: Investigate and resolve security incidents related to identity or access breaches affecting internal systems, clients, or providers.
• Monitoring and Reporting: Implement and maintain monitoring solutions to detect anomalous behaviors and generate comprehensive reports on identity activities.
• Collaboration: Work closely with engineering, DevOps, and compliance teams to embed IAM best practices across our products and services.

What We’re Looking For

Essential Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
• 5+ years of experience in cybersecurity roles, with a focus on identity management.
• Good conversational and professional proficiency in English.
• Hands-on experience with IAM technologies (e.g., Transmit, Okta, Azure AD, Ping Identity, ForgeRock) in multi-tenant SaaS environments.
• Strong knowledge of financial regulations like PSD2, especially its requirements for Strong Customer Authentication (SCA), and PCI/DSS.
• Proficiency in Java, with experience integrating IAM capabilities into Java-based systems and APIs.
• Deep understanding of identity federation protocols (SAML, OAuth2.0, OpenID Connect).
• Experience with directory services like Active Directory, Azure AD, and LDAP.
• Familiarity with cloud security solutions in AWS, Azure, or GCP, particularly IAM services.
• Strong scripting skills (e.g., Python, PowerShell) for automation.

Nice to Have

• Security certifications such as CISSP, CCSP, or certifications specific to identity management (e.g., Okta Certified Professional, Azure Security Engineer Associate).
• Experience working in regulated industries, especially fintech or banking.
• Familiarity with Zero Trust Architecture principles.
• Experience implementing IAM solutions in multi-tenant, API-first platforms like BaaS.
• Experience in the .NET stack.

Soft Skills That Make a Difference

• Strategic thinking with a bias for action.
• Strong analytical and problem-solving skills.
• Ownership and accountability.
• Ability to adapt to evolving regulatory and technological landscapes.
• Strong communication and collaboration skills to engage with technical and non-technical stakeholders, including clients and providers.
• Curiosity, adaptability, and passion for innovation.

What We Offer

• Permanent, full-time role.
• A fair and market-aligned compensation.
• Dynamic, international culture built on trust and collaboration.
• Real impact on global fintech transformation projects.
• Growth and learning opportunities within an innovative group.

Our Selection Process

• HR Introduction: A friendly chat with our HR team.
• Hiring Manager Interview: Discuss your experience and vision.
• Technical Evaluation: Show us your expertise.
• Team Fit Discussion: Ensure mutual alignment with our culture.

Every selection process is an opportunity for mutual discovery and shared growth.

Diversity & Inclusion

At BKN301, we believe innovation thrives when different perspectives meet.

We’re proud to be an equal opportunity employer, committed to diversity and inclusion in all forms.

Ready to lead our next phase of growth and operational excellence?

Apply now or reach out to