Senior Cloud Security Engineer
Location – Swindon or London
Salary – £65,000 to £75,000 + Bonus
This role reports to the Head of Cloud Platforms and works within the Cloud Platforms Team, collaborating with architects and other counterparts across the organization to deliver a world-class cloud platform solution. The position involves developing and nurturing strong cloud security talents within the organization and implementing security best practices while building cloud services and products.
As a hands-on role, it requires participation in the team’s technical support activities and out-of-hours on-call support. The individual will serve as a Subject Matter Expert for the organization, influencing and implementing security solutions in the cloud or using cloud security tools elsewhere, such as on-premise. Additionally, they will work with other teams, including wider Technology, InfoSec and SOPs, to ensure the organization and its customers maintain robust cloud security practices.
Roles and Responsibilities
1. Lead and champion platform security and compliance within the cloud team, acting as a security evangelist.
2. Participate in daily SIEM review standup calls with the InfoSec team, follow up, and act on daily security hub findings.
3. Drive security incident investigations, produce reports, and recommend preventive measures for future events. Utilize cloud security tools as a subject matter expert to prevent and respond to major security incidents, such as ransomware, in collaboration with CSIRT and other security bodies.
4. Design, deploy, and manage cloud security-focused services, including Managed Website Protection, Cloud Security Audits, and Managed Cloud Security services. Stay informed about sector challenges and develop solutions to address them.
5. Participate in the platform High-Level Design process, providing security perspective inputs for design decisions. Apply security and architecture principles such as least privilege, defense in depth, and Zero Trust to all aspects of cloud services.
6. Monitor and manage PCI DSS v4.0.0 compliance and other security benchmark standards like CIS and AWS Security best practice scores across the platform.
7. Execute regular internal PCI DSS and other security compliance-related audits, maintaining up-to-date audit logs.
8. Lead the cloud platform team during the annual PCI DSS audit and certification process, ensuring all requirements are met and evidence is readily available for QSA audits.
9. Be on call to respond to security-related incidents impacting customers and overall platform security postures. Automate security functionality to support a 24/7 incident response framework integrated with our cloud security posture management (CSPM) services.
10. Oversee all security aspects related to cloud platforms. Ensure PayTech technical security architecture controls are up-to-date, effective, and aligned with industry best practices, and tooling. Be able to research, explore new tools and evaluate to best suit our cloud estate.
11. Manage all security administrative activities performed by the cloud security team, including AV, EDR, HIPS, Web Application Firewall tuning, DDoS protection, security incident response, audits and health checks, penetration testing, and remediation activities.
Skills & Experience
1. Advanced knowledge of public cloud Security architecture, particularly AWS.
2. Knowledge of relevant cyber security threats/attack patterns and applying this to securing cloud deployments.
3. Good knowledge of the state of the art in public cloud security practice.
4. Thorough knowledge of the latest security best practice, particularly its application to financial sector organisations.
5. Aptitude to maintain current knowledge of threats, vulnerabilities and security best practices primarily focused but not limited to AWS.
6. Full Stack security knowledge across the AWS Shared Security Model ensuring security has been considered and applied within PayTech’s area of responsibilities as a managed cloud.
Why PayTech?
We are a subsidiary of the Edenred group and leaders in prepaid solutions including banking, virtual cards, debit, credit, and prepaid processing.
As a PayTech employee you will get the support and structure that you need to enjoy your work and develop your career while doing what you love and making a difference in a fast-paced and innovative business.
What you will get:
1. 25 days annual leave plus Bank Holidays
2. Hybrid working environment with a 3 days per week in the office
3. Income protection
4. Life insurance (4x salary)
5. Wellbeing Employee Assistance Program (extended access to family members)
6. Digital learning platform
7. Complimentary fruit and other ‘in office’ snacks & refreshments
8. Volunteering programme
9. Social events
10. Pension Scheme – employer 6% with minimum employee contribution 3%
11. Discretionary bonus scheme based on company and personal performance
12. Holiday trading scheme (buy or sell up to 5 days)
13. Medical & international travel cover (leisure and action sports)
14. Season ticket loan
15. Cycle to Work scheme
Diversity:
Edenred UK and PayTech are proud to be an equal opportunity employer. We will not discriminate against any applicant or employee based on age, race, colour, creed, religion, sex, sexual orientation, gender, gender identity or expression, national origin, citizenship, marital status or civil partnership/union status, disability, pregnancy, genetic information, or any other basis prohibited by applicable country or local laws.
#J-18808-Ljbffr