AppSec Jobs
← Back to all jobs

Teya

Senior Application Security Engineer

London Area, United KingdomWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Teya

Teya is a European fintech company founded in 2019 that specializes in all-in-one payment and business management solutions for small and medium-sized businesses (SMBs). The company offers a range of tools including card machines, business accounts, and expense tracking to help streamline sales, spending, and operations. Teya's platform empowers local SMBs with integrated financial tools that combine payment processing, banking, and management features. Key offerings include real-time transaction monitoring through a mobile app, integration with over 50 ePOS systems, and customizable membership plans. Businesses can manage sales and expenses through a unified dashboard, track spending in real-time, and benefit from cashback rewards on purchases. Teya's solutions are designed to help businesses operate efficiently while focusing on customer service.

Industry

financial services

Employees

900

217 engineers

Revenue

$220M

Website

Visit →

Security at Teya

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Stated AppSec Mission: "security is an enabler of fast, reliable product delivery." Developer Enablement vs. Gatekeeping: "security is an enabler—not a blocker." The team aims to "Embed security into planning and delivery." Risk Philosophy: Prioritize vulnerabilities "based on exploitability, impact, and regulatory risk." Stated Pain Points or Goals: Goal to provide "high-signal, low-noise outputs" from tooling.
  • Mention of an "AI-first mindset" for security.
  • Gaps & Contradictions: No public statements found regarding a formal 'Security Champions' program.

Security Team

Org Structure & Reporting Line: Information not publicly available regarding the specific executive reporting line (e.g., CISO vs CTO), though job postings indicate AppSec roles act as "trusted advisors to engineering teams". Key Public-Facing Leaders: - Istvan Benedek, Principal Security Engineer - Product Security - Warwick Brown, Senior Security Engineer Key Quote: "My philosophy: security is a business enabler—not a blocker."– Warwick Brown Team Size Estimate: ~5-15 security-focused engineering professionals identified. Active AppSec Job Postings: 1 (Application Security Engineer) Common Skill/Tool Patterns: Ownership of SAST, DAST, and SCA; CI/CD integration; Threat Modelling; Python/Go for automation. Gaps & Contradictions: No public organizational chart or named Head of AppSec found on official corporate pages.

Key Initiatives

Security Champions Program: No Evidence Found. "Shift Left" in Practice: "Implement automated security testing using CI/CD strategies." Vulnerability Management Process: - Intake: "We aim to acknowledge your report within 3 business days." - Triage/Remediation: "Our standard disclosure window is 90 days." Secure SDLC Artifacts: "Design, implement, and continuously improve a Secure SDLC." Includes "security reviews for all major features." Recent Initiatives (Last 6 Months): Focus on "automating remediation" and improving "security visibility." Gaps & Contradictions: Internal MTTR (Mean Time To Remediate) for non-public vulnerabilities is not publicly available.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.