|Job Type:||Full Time|
GoCardless is on a mission to take the pain out of getting paid, so our customers can focus on what they do best. With the world shifting to a Subscription Economy, GoCardless is powering recurring payments across the globe via our world-first payments network. We’ve cut out the intermediaries by linking together direct debit schemes from around the world to create a simple way of pulling payments directly from customers’ bank accounts.
We process more than $15bn a year, for over 50,000 businesses in more than 30 countries, and we’re growing fast. Our API powers recurring payments for companies like Survey Monkey, Bulb and the Financial Times. It also enables partners including Xero, Quickbooks and Sage to help small businesses to save countless hours spent chasing customers for payments.
Our Security and Privacy Engineering team is here to make sure that we remain a secure and trusted partner for all of these businesses as we grow. We believe security and privacy works best when it is part of the product, so we focus on inspiring autonomous teams to take shared responsibility for security and privacy.
As a Security Operations Engineer you will provide subject matter expertise on our security detection and response capabilities. We run a small, collaborative team, so you will be involved in the end-to-end process of security operations from defining our security use cases through to incident response.
You will be someone who has experience in deploying and running security tools. Our main interest here is in end point detection and response, vulnerability scanning (especially in a dev pipeline) and cloud security tools.
Your background will ideally be in cloud security operations or as a SOC analyst. In any case, you will be experienced using Splunk to develop security monitoring cases and writing scripts to automate tasks and support testing.
We want people who can help make security part of our day-to-day operations, so you will be someone who enjoys working cross team, function and group to improve the security posture of an organisation.
In this role you will
- Work closely with the Senior Security Engineers to review and onboard security tools as we identify new requirements
- Develop security use cases, onboard data sources and manage events in Splunk
- Perform scheduled vulnerability assessments, and work with our IT and infrastructure teams to ensure that we maintain agreed configuration standards
- Run day-to-day security operations activities. This could be anything from supporting the response to an RFP or resolving a bug bounty finding to preparing a threat report or responding to a security incident
- Provide technical support for on call outside normal business hours (when required)
What we have to offer:
Among other things:
- Focus on your growth and development: regular discussions with your manager about your personal goals, feedback, coaching, learning and conference budget.
- A clear career progression: opportunities for growth and leadership aligned to our competencies framework.
- Ownership and autonomy: we give people problems to solve rather than specifications to implement, end to end ownership (deciding on the solution, implementing it, releasing it, maintaining it)
- Good work-life balance
GoCardless embraces diversity and is proud to be an equal opportunity employer. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.
We offer a varied package of flexible working and benefits policies. From flexible working hours and working from home arrangements, through to enhanced parental leave, pension packages and equity. GoCardless has a very family and work-life balance orientated environment. Our team comes from a variety of backgrounds and we embrace diversity – if you’re unsure, please apply.
In response to the COVID-19 pandemic, everyone at GoCardless has shifted to remote working since mid-March and will continue to work remotely until the end of the year. We are committed to support all employees during this time and continue to monitor the situation closely. Some of the actions we’ve taken to support the wellbeing of our employees as we transitioned to and continue working in a remote set-up are: subsidised home office equipment, remote workstation assessments, and remote wellbeing and social activities to stay in touch.