Senior Information Security Engineer - Security Operations
SumUpGrow your business by accepting credit and debit cards with SumUp Card Readers! Easy, secure, and affordable small business card payment solutions.
Senior Information Security Engineer - Security Operations
At SumUp our vision is to be a global leader in the FinTech industry and build a world where small businesses can be successful doing what they love. To get there, we are putting together a team that is passionate about what they do, committed to one another and to our merchants.
The Information Security Team is a key component in SumUp’s Governance, Risk and Compliance (GRC) team. Our SumUp offices in Europe are hiring for a Senior Information Security Engineer.
As an experienced Security Engineer, you will be part of the Security Operations (SecOps) team, working with the Platform and other tribes to ensure adequate security measures are applied and capabilities built to support necessary security logging, monitoring and alerting. You will also have the ability to impact the overall security posture by introducing and promoting AWS Security best practices and support Platform teams to design for Security, Privacy and Compliance.
Responsibilities - What you will do:
- Act as a subject matter expert in cloud security, designing secure patterns for the configuration and consumption of cloud infrastructure
- Design, implement and maintain secured cloud security technologies to achieve security and compliance objectives (GuardDuty, Config, Security Hub, Inspector etc)
- Review architectural designs for new cloud infrastructure building in security controls
- Communicating and collaborating with engineering to embed and adjust patterns as required to help drive adoption
- Automating of security process flows to ensure security our cloud-native distributed system architecture
- Assist in developing viable governance and pragmatic guardrails to secure business processes
- Help with building and improving threat hunting capabilities and intelligence led security operation
- Help implement security gates in pipelines and service tooling (Burp, pipelines, SecurityHub)
- Collaborate and lead on continuous improvement efforts across different areas (i.e. incident response, log analysis, tooling development, risk assessment etc.)
- Incident Response (on-call rotation)
- Deliver security awareness training sessions
- Willing to travel as required.
Experience required - You’ll be great for this positon if:
- 4+ years in an information security cloud engineering related position, like DevOps, ProdSec or SecOps Engineering
- Experience with AWS cloud security tools, network security, application security, compliance / hardening, security analytics, vulnerability management, security operations, etc.
- Experience with On-Call rotation incident response
- Familiarity with major compliance frameworks including PCI, NIST, ISO, GDR and AWS Security Best Practices
- AWS Security Specialty Certification
- Fluent in English
- Be a part of a truly global team: SumUppers come from over 50 different countries around the world! (The GRC Team has nearly 80 members over 3 continents).
- You’ll work in an amazing agile team environment that values passion and purpose to achieve incredible results.
- You’ll have access to rewarding compensation and benefits.
- You’ll have the freedom to drive your career, own projects, and make an impact across the company.
- You’ll enjoy flexible hours – we don’t micromanage. You have freedom to align with your team if you want to work remotely or take a few days off.
SumUp is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. SumUp does not make hiring or employment decisions on the basis of race, colour, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by Company policy. SumUp also strives for a healthy and safe workplace and strictly prohibits harassment of any kind.
Job Application Tip
We recognise that candidates feel they need to meet 100% of the job criteria in order to apply for a job. Please note that this is only a guide. If you don’t tick every box, it’s ok too because it means you have room to learn and develop your career at SumUp.
Other jobs like this
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Application Security Engineer/Architect jobs
- Open Lead Security Engineer jobs
- Open Penetration Tester jobs
- Open Cyber Security Engineer jobs
- Open Senior DevSecOps Engineer jobs
- Open Cyber Threat Intelligence Analyst jobs
- Open Senior Security Operations Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Vulnerability Analyst jobs
- Open Staff Application Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Engineer jobs
- Open SOC Analyst jobs
- Open Cyber Security Analyst jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Automation Specialist jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Offensive Security Engineer jobs
- Open Information Security Officer jobs
- Open Head of Information Security jobs
- Open Information System Security Officer (ISSO) jobs
- Open Azure Security Engineer jobs
- Open Cloud Security Operations Lead jobs
- Open DevOps-related jobs
- Open Analytics-related jobs
- Open Audits-related jobs
- Open PCI-related jobs
- Open Application security-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open IDS-related jobs
- Open Security assessments-related jobs
- Open Forensics-related jobs
- Open Ruby-related jobs
- Open Splunk-related jobs
- Open Encryption-related jobs
- Open CEH-related jobs
- Open Open Source-related jobs
- Open CISM-related jobs
- Open GDPR-related jobs
- Open OSCP-related jobs
- Open Threat detection-related jobs
- Open Machine Learning-related jobs
- Open Intrusion detection-related jobs
- Open Docker-related jobs
- Open Agile-related jobs