Events  Classes  Jobs 
    Sign in  
 
 
GoCardless // online payment processing services
 
Engineering, Full Time    London    Posted: Thursday, January 16, 2020
 
   
 
Apply To Job
 
 
JOB DETAILS
 

Were looking for talented security engineers that love working in a fast paced environment & in a culture of continuous feedback.

You will play a major role in implementing our security operations programmes by using cutting-edge measures to prevent, detect & respond to potential cyber security threats.

You are empowered to engage & lead cross-functional initiatives - whether engineering a system to address a technical security hurdle, protecting our customers' data, or consulting on a wide range of security topics. You will be working alongside our Product Managers & audit specialists to design & implement measures that will keep GoCardless' products & systems secure.

We work closely with our engineering teams who are building simple & reliable solutions to complex problems. We keep our development cycles fast, by reviewing & adapting our plans frequently, & by investing in a culture of continuous feedback.

We're primarily built in Ruby & JavaScript using Rails, & we rely on Postgres, ElasticSearch & GCP.

Core responsibilities

  • Provide subject matter expertise on various areas of security, specifically on security operations
  • Develop security use cases, onboard data sources, manage logging & SIEM technologies (i.e Elastic, Splunk, etc.)
  • Monitor metrics associated with security controls to ensure controls are well tuned
  • Handle security operations day-to-day activities, by troubleshooting & coordinating resolution (activities can be hardware or software failures, security incidents, security breaches, actively looking for threats in logs - threat hunting - etc.)
  • Professionally manage inbound security-related calls & questions, create tickets, run security-related assessments, security-related user complaints, & escalate accordingly
  • Provide technical support for on call outside normal business hours (when required)
  • Drive the implementation & dissemination of security KPIs
  • Liaise with teams on security design, incident handling & education
  • Participate in cross-team security initiatives
  • Select & assess capabilities & features of security tooling
  • Perform scheduled vulnerability assessments & security testing

Requirements

  • Minimum of five years of security-related experience
  • Strong analytical & reasoning skills
  • Experience in security tooling (Endpoint Security, DLP, Web/Network Scanners, SIEM, IDS/IPS, etc.) & its integration into the company systems
  • A proven in depth expertise in security engineering, system & network security, authentication & security protocols, cryptography & application security
  • Hands-on experience in web applications for critical 24/7 services
  • In depth, hands-on experience with security features & system administration of Linux, UNIX & Windows operating systems
  • Excellent communication skills & ability to cooperate with other business functions
  • Understanding of & exposure to the latest message queue technologies such Syslog, Fluentd, GCP PubSub, Logstash & SIEM-specific collection mechanisms (i.e. Splunk forwarders, etc.)
  • Exposure with at least one scripting / programming language (i.e Python, Ruby)
  • Professional security qualifications (e.g. CISSP, Offensive Security, GIAC, etc.)

Our team come from a variety of backgrounds & we welcome diversity if youre unsure, please apply.

 
 
 
Apply To Job
 
 
 
 
 
© 2020 GarysGuide      Terms