Security Engineer at GoCardless

<div class="content-intro"><h3><strong>About us</strong></h3> <p>At GoCardless we believe bank payments are the best way to pay and get paid. We also believe that bank account data is a powerful tool to make better, faster decisions. We’re making it easy to use both- for businesses everywhere.&nbsp;&nbsp;</p> <p>GoCardless is used for domestic and international payments by 75,000+ organisations and counting, processing more than $30 billion across 30 countries. We’re an award-winning London based fintech, with additional offices in Riga, Paris, Melbourne and New York.</p> <p>And remember: we don’t expect you to meet every single requirement. If you’re excited by this role, <strong>we encourage you to apply!</strong></p></div><p><strong>The role</strong></p> <p>As a Product Security Engineer, you will enable development teams to take ownership of the security and privacy of their product by collaborating to set requirements and standards, performing design reviews and vulnerability assessments, and helping build security controls. You will also work closely with the dedicated Security Operations and Security Engineering teams.&nbsp;</p> <p>You will be someone who has experience securing a cloud-native environment, and, in particular, in embedding security and privacy standards in engineering functions. You should also be comfortable automating security and privacy engineering and performing various security assessments.</p> <p><strong>What excites you&nbsp;</strong></p> <ul> <li>Developing high-quality code for extensive tasks, showcasing proficiency in leading systems and architecture design independently.&nbsp;</li> <li>Leading the design and documentation processes for complex tasks, breaking them down into manageable segments for team collaboration while also handling the most challenging portions.</li> <li>Contributing significantly to the company-wide systems architecture, impacting the organisation's technological landscape.</li> <li>Providing guidance to developers and architects on secure coding methodologies, architectural design, and security best practices, fostering a culture of excellence within the team.</li> <li>Overseeing the vulnerability management program, conducting routine assessments, prioritising resolutions, and tracking progress towards securing systems.</li> <li>Demonstrating advanced proficiency in security testing, ensuring comprehensive evaluations of system, application, and network security postures.</li> <li>Creating and maintaining robust security policies, procedures, and guidelines for effective programme management.</li> </ul> <p><strong>What excites us&nbsp;&nbsp;</strong></p> <ul> <li>Experience in cloud-based application and infrastructure security - especially, DevSecOps</li> <li>Background in threat modelling and security architecture/secure design</li> <li>Awareness of or exposure to security and privacy standards, such as ISO27001, SOC1, CyberEssentials, GDPR, or similar</li> <li><strong>Nice to have: </strong>Cybersecurity certifications, such as CISSP, CEH, Professional Cloud Security Engineer, or similar</li> <li>Technical experience in working with cloud computing providers such as GCP or AWS</li> <li>Technical leadership qualities -&nbsp; setting direction alongside the managers and supporting the security team in technical development.&nbsp;</li> </ul> <p><strong>Base salary range:</strong> €4,133 to €6,200 gross monthly</p> <p><br>Base salary ranges are based on role, job level, location, and market data.&nbsp; Please note that whilst we strive to offer competitive compensation, our approach is to pay between the minimum and the mid-point of the pay range until performance can be assessed in role. Offers will take into account level of experience, interview assessment, budgets and parity between you and fellow employees at GoCardless doing similar work.</p><div class="content-conclusion"><h3><strong>(some of) The good stuff</strong></h3> <ul> <li><strong>Wellbeing </strong>- stay healthy with dedicated support and medical coverWork away scheme - gives you the option to work away from your country of residence for up to 90 days in any 12 month period</li> <li><strong>Adaptive Working</strong> - allows you to work flexibly, around your lifestyle</li> <li><strong>Equity</strong> - all permanently employed GCs get equity to help you make a valuable contribution</li> <li><strong>Parental leave</strong> - to suit everyone embarking on life's great adventureLearning Budget - lead your own development with an annual learning budget</li> <li><strong>Time off</strong> - generous holiday allowance, + 3 annual volunteer days, + 4 annual business-wide wellness days (‘GC Fridays’)</li> </ul> <h3><strong>Life at GoCardless&nbsp;&nbsp;</strong></h3> <p>We're an organisation defined by our&nbsp;<a href="https://gocardless.com/g/values-operating-principles/">values</a>; We <em>start with why </em>before we begin any project, to ensure it’s aligned with our mission. We<em> act with integrity</em>, always. We <em>care deeply</em> about what we do and we know it's essential that we <em>be humble </em>whilst we do it. Working this way creates the GC magic- the reason we all love showing up to work.&nbsp;</p> <h3><strong>Diversity &amp; Inclusion</strong></h3> <p>We’re building the bank payment network of the future and our ambition is to move money anywhere, for anything, for anyone. If we’re going to achieve this goal, we need to build a team of ‘GeeCee’s’ that is as wonderfully diverse as the world we live in - with a multitude of perspectives, experiences &amp; backgrounds.</p> <p>We’ve got a long way to go, but here’s how we’re doing as of June 2022;</p> <p><strong>Female Employees</strong> - 46%</p> <p><strong>Ethnic background </strong>- 32%</p> <p><strong>Identify as LGBTQIA</strong> - 10%</p> <p><strong>Neurodivergent</strong> - 9%</p> <p>We’re rooting for you during your application and GoCardless aims to provide reasonable adjustments to make our recruitment process as remarkable and accessible as we can. Please speak to your Talent Partner if you need extra support.</p> <p>If you want to learn more, you can read about our Employee Resource Groups and objectives&nbsp;<a href="https://gocardless.com/about/careers/">here</a> as well as our latest <a href="https://gocardless.com/assets/40w0m41bmydz/3hqJy4SUqZqW3BmBHlESUe/d1c7932b97b8a8ebcd0fb07418432fe9/GoCardless_Diversity___Inclusion_Report_2022.pdf">D&amp;I Report</a>&nbsp;</p> <h3><strong>Sustainability&nbsp;</strong></h3> <p>We’re committed to reducing our impact on the environment, leaving a more sustainable world for future generations. In 2021 we became co-founders of the&nbsp;<a href="https://techzero.technation.io/">Tech Zero coalition</a>, a group of businesses committed to taking climate action as part of the UNFCCC <a href="https://unfccc.int/climate-action/race-to-zero-campaign">Race to Zero</a>. We aim to reduce our impact and to create positive change on the natural world. Check out our sustainability <a href="https://gocardless.com/sustainability/">action plan</a> here.&nbsp;</p> <p>Find out more about Life at GoCardless via <a href="http://twitter.com/GoCardlessEng">Twitter</a>, <a href="http://instagram.com/lifeatgocardless">Instagram</a> and <a href="http://linkedin.com/company/gocardless">LinkedIn</a>.&nbsp;</p></div>