Senior Web Security Engineer

IProov


Job Location:

London - UK

Monthly Salary: Not Disclosed
Posted on: 12 hours ago
Vacancies: 1 Vacancy

Job Summary

Senior Web Security Engineer

About iProov

iProov provides science-based biometric solutions that enable the worlds most security-conscious organizations to streamline secure remote onboarding and authentication for digital and physical access. Our award-winning liveness technology and iSOC offer unmatched resilience against deepfakes and generative AI threats while ensuring effortless scalable user experiences. Trusted by leading governments and enterprises including the U.S. Department of Homeland Security U.K. Home Office GovTech Singapore ING and UBS iProov sets the standard in biometric identity assurance.

This global trust is built not only on our technology but on the strength of the people behind it. For us diversity at iProov is about reflecting the customers we serve holding the principles of equality and inclusion at the heart of everything we do and all that we stand for embracing differences creating possibilities and growing together. We aim to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work feel included and their talents are nurtured empowering them to contribute fully to our purpose.

The Role

Reports to: Head of Red Team

Location: UK (Flexible)

Comp: Negotiable (Base) Company Performance Bonus (10%) Share Options UK iProov Benefits

Were looking for an experienced Senior Web Security Engineer to design build and secure high-performance web applications that run in some of the worlds most demanding environments.

In this role youll work at the intersection of browser security JavaScript runtimes WebAssembly anti-reverse engineering and application hardening. Youll help protect client-side applications against tampering reverse engineering and sophisticated attacks while developing highly optimized code that performs consistently across modern browsers and devices.

This is a hands-on engineering position for someone who enjoys solving difficult technical problems understands the realities of client-side security and is passionate about pushing the boundaries of whats possible in the browser.

How you can make an impact

Youll work on technically challenging problems that few engineering teams tackleprotecting sophisticated client-side applications in hostile environments. Youll collaborate with experts in browser technology security cryptography and systems engineering while building solutions used at global scale.

If youre passionate about JavaScript internals WebAssembly browser security and solving complex engineering problems wed love to hear from you.

  • Design and implement secure JavaScript and WebAssembly components for production web applications.
  • Develop techniques to protect client-side code from tampering reverse engineering debugging automation and exploitation.
  • Design and implement anti-tamper integrity verification and runtime protection mechanisms.
  • Build high-performance WebAssembly modules using C Rust or AssemblyScript.
  • Analyse browser behaviour JavaScript engines and WebAssembly runtimes to identify security risks and performance opportunities.
  • Research emerging attack techniques targeting web applications and develop practical mitigations.
  • Collaborate closely with developers product and red teams to integrate security into the development lifecycle.
  • Investigate vulnerabilities perform root-cause analysis and develop long-term remediation strategies.
  • Contribute to technical architecture and mentor other engineers on secure development practices.

What we would like to see from you

Within your first year youll have shipped secure production-grade JavaScript and WebAssembly components that real users depend on every day. Along the way youll have introduced new techniques that materially strengthen our resistance to reverse engineering and client-side attacks pushing the boundaries of whats possible in browser-based security. Youll have found ways to make the application faster without ever compromising its security guarantees proving that performance and protection arent a trade-off.

Beyond the code itself youll have helped define the engineering standards that shape how we approach browser security and secure client-side architecture leaving a lasting mark on how we build. And by the end of that first year youll have become the person engineers across the organisation turn to when they need answers on web security a trusted technical leader whose influence extends well beyond your own team.

Technical Expertise

  • Expert-level JavaScript (ES6) and TypeScript.
  • Strong experience developing production WebAssembly applications.
  • Experience with Rust C or another systems programming language used to produce WASM modules.
  • Deep understanding of browser internals and modern web platform APIs.
  • Experience securing client-side applications against:
    • Reverse engineering
    • Runtime modification
    • Instrumentation frameworks
    • Code injection
  • Experience with secure software architecture.

Security Knowledge

Experience in several of the following:

  • JavaScript de-obfuscation and obfuscation techniques
  • WASM binary analysis
  • Static and dynamic analysis
  • Anti-debugging techniques
  • Anti-tamper technologies
  • Runtime integrity verification
  • Secure code signing and integrity checking
  • Software protection techniques
  • Secure SDLC practices

Engineering Experience

  • 5 years of software engineering experience.
  • Experience designing highly performant browser-based applications.
  • Strong testing debugging and profiling skills.
  • Experience working with CI/CD pipelines and automated security testing.
  • Comfortable working across Windows macOS Linux and mobile browsers.
  • Excellent communication skills with the ability to explain complex technical concepts clearly.

Nice to Have

  • Experience with V8 SpiderMonkey JavaScriptCore or Chromium internals.
  • Knowledge of WebGPU WebRTC or WebCodecs.
  • Experience with binary instrumentation and compiler toolchains.
  • Experience building SDKs or developer platforms.
  • Knowledge of mobile browser security.
  • Experience with biometrics identity verification or fraud prevention technologies.
  • Contributions to open-source security tools or security research publications.

Benefits

  • 25 days Annual Leave plus 8 Bank Holidays (more holiday with service - up to an extra 5 days off per year based on your continuous service)
  • Growth Shares allocated after passing probation (6 months of service)
  • Salary sacrifice schemes including: Pension Cycle To Work and Electric Car Scheme
  • Nursery Sacrifice Scheme
  • Work Overseas Perk - Work globally for up to 2 weeks
  • Life Assurance
  • SmartHealth - Access to private GP Psychologist Nutritionist along with tailored fitness plans for both you and your family
  • Benefit from personalized 1:1 career coaching with our in-house Occupational Psychologist
  • Award winning L&D platform with personal allocated training budgets
  • Enhanced paid family leave
  • Pension - 5% employee 3% employer
  • Flexible hybrid working environment
  • Free Barista Coffee/Tea biscuits with fruit in the WeWork office
  • Free access to WeWork discounts and free online well-being sessions
  • Vitality Health - a range of options available on this below

The Vitality Programme includes a number of reward benefits that all employees have access to as part of the plan for example:

  • Private Health cover including Dental Optical and Audiology
  • 50% off monthly gym memberships
  • Apple watches significantly discounted based member vitality status
  • Half price trainers with Runners Need
  • Weekly rewards Free coffee with Café Nero
  • Monthly rewards Free Cinema ticket
  • Discounts on travel with Expedia (hotels) and Mr & Mrs Smith with discounts getting greater throughout the year based on a members vitality status
  • Amazon prime free months based on activity
  • Up to 25% cashback at Waitrose when buying healthy foods
  • 75% off stays at Champneys Health Spas
  • Allen Carrs 299 no smoking programme for free
  • Access to Vitality Healthy Mind with 30% off Headspace subscriptions and the ability to earn Vitality points for using Buddhify Calm and Headspace
  • Discounts on Weight Watchers
  • 50%-80% off Comprehensive Private Health screenings

Our Culture & Recruitment Process

At iProov were incredibly proud of the culture weve carefully curated. Our culture enables diverse thought curiosity and innovation. Our team strives to do everything to the highest standard possible to achieve the remarkable. To do that we need different perspectives experiences and ideas alongside an environment where these are welcomed - we want everyone to feel confident in bringing their full capabilities to work. We firmly believe psychological safety is key to building and nurturing great teams. Were a small and dynamic company that means having the right skills is important and we know that our best work emerges when people feel secure welcomed and respected.

As an equal opportunities employer we encourage applications from people of all backgrounds. Were committed to building a workforce that is representative of the people we serve. We will not put someone at a disadvantage or treat them less favourably because of race color national origin ancestry age disability creed religion or belief sex sexual orientation gender reassignment marriage or civil partnership or pregnancy and maternity. Our goal is to find people who are passionate about creating a safer more secure world.

Our recruitment process is designed to be fair and transparent focusing solely on your qualifications competence and suitability for the role. We review all applications carefully and will be in touch with shortlisted candidates regarding the next steps in our interview process. If you need an adjustment for a disability or any other reason during the hiring process please send a request to


Required Experience:

Senior IC

Senior Web Security EngineerAbout iProoviProov provides science-based biometric solutions that enable the worlds most security-conscious organizations to streamline secure remote onboarding and authentication for digital and physical access. Our award-winning liveness technology and iSOC offer unmat...

About Company

Company Logo

Award-winning provider of secure online biometric authentication, identity verification, digital onboarding services, and Genuine Presence Assurance technology.

View Profile View Profile