Security Engineer • Mid-Level

Who you are

You have a strong background in security engineering with at least 3-5 years of experience in a cloud-native environment — you've successfully implemented security measures that protect sensitive data and ensure compliance with industry standards. Your expertise includes working with AWS and other cloud platforms, where you've developed and enforced security policies and practices. You are familiar with OWASP guidelines and have conducted vulnerability assessments to identify and mitigate risks effectively.

You possess a solid understanding of containerization technologies like Docker and orchestration tools such as Kubernetes — you've utilized these technologies to enhance security in deployment pipelines and ensure secure application delivery. Your experience includes collaborating with development teams to integrate security into the software development lifecycle, enabling them to take ownership of security practices.

You are detail-oriented and have a proactive approach to identifying potential security threats — you stay updated with the latest security trends and vulnerabilities, ensuring that your knowledge is current and applicable. You are also skilled in using security tools and frameworks to monitor and respond to security incidents, demonstrating your ability to act swiftly in critical situations.

You thrive in collaborative environments and enjoy working closely with cross-functional teams — you understand the importance of communication and teamwork in achieving security objectives. Your ability to explain complex security concepts to non-technical stakeholders makes you an effective advocate for security best practices.

Desirable

Experience with security automation tools and practices is a plus — you have a keen interest in improving security processes through automation and efficiency. Familiarity with compliance frameworks such as GDPR or PCI-DSS would be beneficial, as you understand the importance of regulatory requirements in the financial sector.

What you'll do

As a Security Engineer at GoCardless, you will play a crucial role in enhancing the security posture of our products — you will collaborate with development teams to define security requirements and standards, ensuring that security is integrated into every stage of the product lifecycle. You will conduct design reviews and vulnerability assessments, providing actionable feedback to improve the security of our applications.

You will work closely with the Security Operations team to monitor security incidents and respond to threats — your expertise will help us maintain a secure environment for our customers and protect sensitive payment data. You will also assist in building and implementing security controls that align with industry best practices and regulatory requirements.

Your role will involve educating and training development teams on security best practices — you will help foster a culture of security awareness within the organization, empowering teams to prioritize security in their work. You will participate in incident response activities, helping to investigate and remediate security incidents as they arise.

What we offer

At GoCardless, we are committed to creating an inclusive and supportive work environment — we offer competitive compensation and benefits, along with opportunities for professional growth and development. You will have the chance to work with a talented team of professionals who are passionate about making a positive impact in the payments industry. Join us in our mission to simplify payments for businesses around the world.