Senior Information Security Engineer - Security Operations
Berlin, Germany
SumUp
4 million small businesses use SumUp to run their business. Explore our affordable payment solutions and easy to use point-of-sale solutions.Senior Information Security Engineer - Security Operations
At SumUp our vision is to be a global leader in the FinTech industry and build a world where small businesses can be successful doing what they love. To get there, we are putting together a team that is passionate about what they do, committed to one another and to our merchants.
The Information Security Team is a key component in SumUp’s Governance, Risk and Compliance (GRC) team. Our SumUp offices in Europe are hiring for a Senior Information Security Engineer.
As an experienced Security Engineer, you will be part of the Security Operations (SecOps) team, working with the Platform and other tribes to ensure adequate security measures are applied and capabilities built to support necessary security logging, monitoring and alerting. You will also have the ability to impact the overall security posture by introducing and promoting AWS Security best practices and support Platform teams to design for Security, Privacy and Compliance.
Responsibilities - What you will do:
- Act as a subject matter expert in cloud security, designing secure patterns for the configuration and consumption of cloud infrastructure
- Design, implement and maintain secured cloud security technologies to achieve security and compliance objectives (GuardDuty, Config, Security Hub, Inspector etc)
- Review architectural designs for new cloud infrastructure building in security controls
- Communicating and collaborating with engineering to embed and adjust patterns as required to help drive adoption
- Automating of security process flows to ensure security our cloud-native distributed system architecture
- Assist in developing viable governance and pragmatic guardrails to secure business processes
- Help with building and improving threat hunting capabilities and intelligence led security operation
- Help implement security gates in pipelines and service tooling (Burp, pipelines, SecurityHub)
- Collaborate and lead on continuous improvement efforts across different areas (i.e. incident response, log analysis, tooling development, risk assessment etc.)
- Incident Response (on-call rotation)
- Deliver security awareness training sessions
- Willing to travel as required.
Experience required - You’ll be great for this positon if:
- 4+ years in an information security cloud engineering related position, like DevOps, ProdSec or SecOps Engineering
- Experience with AWS cloud security tools, network security, application security, compliance / hardening, security analytics, vulnerability management, security operations, etc.
- Experience with On-Call rotation incident response
- Familiarity with major compliance frameworks including PCI, NIST, ISO, GDR and AWS Security Best Practices
- AWS Security Specialty Certification
- Fluent in English
Why SumUp?.
- Be a part of a truly global team: SumUppers come from over 50 different countries around the world! (The GRC Team has nearly 80 members over 3 continents).
- You’ll work in an amazing agile team environment that values passion and purpose to achieve incredible results.
- You’ll have access to rewarding compensation and benefits.
- You’ll have the freedom to drive your career, own projects, and make an impact across the company.
- You’ll enjoy flexible hours – we don’t micromanage. You have freedom to align with your team if you want to work remotely or take a few days off.
SumUp is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. SumUp does not make hiring or employment decisions on the basis of race, colour, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by Company policy. SumUp also strives for a healthy and safe workplace and strictly prohibits harassment of any kind.
#LI-PD1
Job Application Tip
We recognise that candidates feel they need to meet 100% of the job criteria in order to apply for a job. Please note that this is only a guide. If you don’t tick every box, it’s ok too because it means you have room to learn and develop your career at SumUp.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Analytics Application security AWS Cloud Compliance DevOps FinTech Governance Incident response Log analysis Monitoring Network security NIST Privacy Risk assessment SecOps Vulnerability management
Perks/benefits: Career development Flex hours
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs