Junior Security Engineer

Who are we?

Hi! 👋 We are Ravelin! We're a fraud detection company using advanced machine learning and network analysis technology to solve big problems. Our goal is to make online transactions safer and help our clients feel confident serving their customers.

And we have fun in the meantime! We are a friendly bunch and pride ourselves in having a strong culture and adhering to our values of empathy, ambition, unity and integrity. We really value work/life balance and we embrace a flat hierarchy structure company-wide. Join us and you’ll learn fast about cutting-edge tech and work with some of the brightest and nicest people around - check out our Glassdoor reviews.

If this sounds like your cup of tea, we would love to hear from you! For more information check out our blog to see if you would like to help us prevent crime and protect the world's biggest online businesses.

The Role

Our data is a crucial part to our success and of great importance to our clients, our partners and to our team. This is why we are currently looking for someone to help evolve the security function as Ravelin grows. As part of the security team, you will work hands-on with various elements of Ravelin ranging from securing the platform's infrastructure and backend applications, to helping with security processes and due diligence to ensure security is implemented in all areas of Ravelin.

To be successful in this role, you have to be a practical and pragmatic person with security sensibility who knows the difference between implementing an ineffective policy, and something difficult that is worth the additional friction.

Responsibilities

• Be a core member of the Infrastructure & Security team
• Monitor and fine tune SIEM alerts for higher accuracy and reliability
• Work with the Infrastructure team to improve our overall security posture in GCP and Kubernetes
• Assist with security-based change requests and queries
• Help implement, maintain and administer security toolsets used in the software development process
• Assist with providing evidence for compliance programmes, regulatory and compliance frameworks such as PCI DSS Level 1 / PCI 3DS2 / ISO 27001, and where required, take part in their external audits
• Help with the creation, review and maintenance of security policies, standards and procedures
• Assist with the supplier assurance process
• Manage and execute day to day security procedures (security incident management, information transfer etc) allowing the business to operate efficiently in a secure manner
• Automate and improve security across the business
• Help foster a culture of security when working with and interacting with the broader organisation

Requirements

• A degree in Cyber Security or related field in computing
• At least 1 year of commercial experience in the Information Security field or at least 2 in a related field e.g. DevOps, IT support, Software Development
• Knowledge of common threats and vulnerabilities
• Knowledge of network routing, ports and protocols
• Experience scripting/automating tasks
• Keen desire to learn more about different technology stacks and areas of security
• Ability to explain technical concepts for different levels of technical audience

Nice to haves

• MacOS and Linux OSs
• CI/CD pipelines
• Golang and/or Python
• Docker containerisation & Kubernetes security
• Terraform and/or other IaC
• Cloud platforms e.g. AWS, Azure. GCP preferred.
• SIEM platforms e.g. Elastic, Splunk etc
• Relevant certification e.g. OSCP, CKA, CRT, SANS etc

Benefits

• Mental health support through Spill + quarterly wellbeing day off
• £1000 learning & development budget as well as Quarterly Learning Days
• Comprehensive medical cover with AXA
• Pension Scheme with Aviva
• 25 days holiday + bank holidays + 1 extra day off for religious holidays
• Flexible working hours & remote friendly environment
• Ravelin Gives Back - monthly charitable donations and regular volunteering opportunities
• TeamBandit - Fortnightly team lunches with different people from across the company
• Access to BorrowmyDoggy
• Cycle-to-Work scheme
• Weekly board game nights & budget for regular socials that anyone can organise
• Weekly Virtual exercise classes including yoga, pilates & HIIT sessions

Job offers may be withdrawn if candidates do not meet our pre-employment checks: unspent criminal convictions, employment verification, and right to work.