Senior Security Operations Engineer

Last updated an hour ago
Location:Greater London
Job Type:Full Time

About Us

GoCardless is on a mission to take the pain out of getting paid, so our customers can focus on what they do best. With the world shifting to a Subscription Economy, GoCardless is powering recurring payments across the globe via our world-first payments network. We’ve cut out the intermediaries by linking together direct debit schemes from around the world to create a simple way of pulling payments directly from customers’ bank accounts.

We process more than $15bn a year, for over 50,000 businesses in more than 30 countries, and we’re growing fast. Our API powers recurring payments for companies like Survey Monkey, Bulb and the Financial Times. It also enables partners including Xero, Quickbooks and Sage to help small businesses to save countless hours spent chasing customers for payments.

We're primarily built in Ruby and JavaScript using Rails, and we rely on Postgres, ElasticSearch and Kubernetes running on GCP.

Our Security and Privacy Engineering team is here to make sure that we remain a secure and trusted partner for all of these businesses as we grow. We believe security and privacy works best when it is part of the product, so we focus on inspiring autonomous teams to take shared responsibility for security and privacy.

The role

As a Senior Security Operations Engineer you will be responsible for our security detection and response capabilities. You will also work closely with the Director of Security & Privacy Engineering to ensure the continued evolution of our security and privacy strategy.

We run a small, collaborative team, so you will be leading the end-to-end process of security operations from defining our security use cases through to incident response. A desire to mentor and develop more junior members of the team is a must.

You will be someone who has experience in deploying and running security tools. Our main interest here is in end point detection and response, vulnerability scanning (especially in a dev pipeline) and cloud security tools.

Your background will ideally be in cloud security or SOC operations. In any case, you will be experienced using Splunk and writing scripts to automate tasks and support testing.

We want you to be part of explaining security to our merchants and partners, so you will need to be comfortable communicating security and privacy to a broad audience.

In this role you will

  • Work closely with the Director of Security & Privacy Engineering to ensure we take a data driven approach to presenting our security posture
  • Lead the development of security use cases, onboarding data sources and managing events in Splunk
  • Ensure that we perform scheduled vulnerability assessments, and work with our IT and infrastructure teams to ensure that we maintain agreed configuration standards
  • Oversee day-to-day security operations activities. This could be supporting the team in anything from working with sales on the response to an RFP or resolving a bug bounty finding to preparing a threat report or responding to a security incident
  • Provide technical support for on call outside normal business hours (when required)
  • Automate and continually improve our approaches through development of tooling and procedures

What we have to offer:

Among other things:

  • Focus on your growth and development: regular discussions with your manager about your personal goals, feedback, coaching, learning and conference budget.
  • A clear career progression: opportunities for growth and leadership aligned to our competencies framework.
  • Ownership and autonomy: we give people problems to solve rather than specifications to implement, end to end ownership (deciding on the solution, implementing it, releasing it, maintaining it)
  • Good work-life balance

About us

GoCardless embraces diversity and is proud to be an equal opportunity employer. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.

We offer a varied package of flexible working and benefits policies. From flexible working hours and working from home arrangements, through to enhanced parental leave, pension packages and equity. GoCardless has a very family and work-life balance orientated environment. Our team comes from a variety of backgrounds and we embrace diversity – if you’re unsure, please apply.

In response to the COVID-19 pandemic, everyone at GoCardless has shifted to remote working since mid-March and will continue to work remotely until the end of the year. We are committed to support all employees during this time and continue to monitor the situation closely. Some of the actions we’ve taken to support the wellbeing of our employees as we transitioned to and continue working in a remote set-up are: subsidised home office equipment, remote workstation assessments, and remote wellbeing and social activities to stay in touch.

Find out more about Life at GoCardless: Twitter | Instagram | LinkedIn