Here at GoCardless, we're building the world's bank payment network. Bringing simple and secure direct bank payment solutions for people and businesses everywhere, as well as making open banking more accessible. GoCardless is used by 75,000+ organisations and counting, processing more than $30 billion of payments across 30 countries.
We're an award-winning London based fintech, with additional offices in Riga, Paris, Melbourne and New York. Intro to Security and Privacy Engineering
Our Security and Privacy Engineering team is here to make sure that we remain a secure and trusted partner for all of these businesses as we grow. We believe security and privacy works best when it is part of the product, so we focus on inspiring autonomous teams to take shared responsibility for security and privacy. The role
As a Cloud Security Operations Analyst you will participate in the design, development and implementation of cloud security architecture, strategy and standards.
You provide subject matter expertise on our security detection and response capabilities, you will identify, evaluate and communicate cloud-related risks and vulnerabilities and recommended mitigations.
We run a small, collaborative team, so you will be involved in the end-to-end process of security operations; from defining our security use cases through to incident response.
Your background will ideally be in cloud security operations or as a SOC analyst. In any case, you will be experienced using cloud-native services and environments (GKE, GCS) and performing incident response in the cloud.
We want people who can help make security part of our day-to-day operations, so you will be someone who enjoys working across team, function and group to improve the security posture of an organisation. In this role you will:
- Work closely with the security operations manager to ensure we take a data driven approach to presenting our cloud security posture
- Take a prominent role in reviewing the existing cloud security measures and processes, ensure the appropriate tooling, automation and operational processes and models are in place
- Recommend security configuration standards and best practices for cloud services (Google and AWS)
- Create actionable alerts in SIEM based on received cloud log events
- Analyse logs from multiple sources (eg: IDS, endpoints, email) to identify and investigate security events and anomalies
- Work closely with other security operations engineers to review and onboard security tools as we identify new requirements
- Run day-to-day security operations activities. This could be anything from responding to one of our users who was concerned about a suspicious email, to preparing a threat report or responding to a security incident
- Prove the ability to work creatively and analytically in a problem-solving environment
What we have to offer:
- Knowledge of recommended cloud security controls, fundamentals and best practices
- Experience using SIEM tools (ideally Splunk) to develop security monitoring cases and writing scripts to automate tasks
- Ability in using EDR or IDS/IPS tools
- Previous incident response experience in cloud environments
- Good fundamental knowledge on information security
- Excellent written and verbal communications skills to describe security event details and technical analysis with audiences within the cybersecurity organisation and other technology groups
Among other things:
(some of) The good stuff
- Focus on your growth and development: regular discussions with your manager about your personal goals, feedback, coaching, learning and conference budget.
- A clear career progression: opportunities for growth and leadership aligned to our competencies framework.
- Ownership and freedom: we give people problems to solve rather than specifications to implement, end to end ownership (deciding on the solution, implementing it, releasing it, maintaining it)
- Good work-life balance
Life at GoCardless
- Wellbeing - stay healthy with dedicated support and medical cover
- Work away scheme -gives you the option to work away from your country of residence for up to 90 days in any 12 month period.
- Adaptive Working - allows you to work flexibly, around your lifestyle
- Equity -all permanently employed GCs get equity to help you make a valuable contribution
- Parental leave -to suit everyone embarking on life's great adventure
- Learning Budget - lead your own development with an annual learning budget
- Time off - generous holiday allowance, + 3 annual volunteer days, + 4 annual business-wide wellness days ('GC Fridays')
We're an organisation defined by our values ; We start with why
before we begin any project, to ensure it's aligned with our mission. We act with integrity
, always. We care deeply
about what we do and we know it's essential that we be humble
whilst we do it. Working this way creates the GC magic- the reason we all love showing up to work. Diversity & Inclusion
We're building the bank payment network of the future and our ambition is to move money anywhere, for anything, for anyone. If we're going to achieve this goal, we need to build a team of 'GeeCee's' that is as wonderfully diverse as the world we live in - with a multitude of perspectives, experiences & backgrounds.
We've got a long way to go, but here's how we're doing as of June 2022; Female Employees
- 46% Ethnic background
- 32% Identify as LGBTQIA
- 10% Neurodivergent
We're rooting for you during your application and GoCardless aims to provide reasonable adjustments to make our recruitment process as remarkable and accessible as we can. Please speak to your Talent Partner if you need extra support.
If you want to learn more, you can read about our Employee Resource Groups and objectives here as well as our latest D&I Report Sustainability
We're committed to reducing our impact on the environment, leaving a more sustainable world for future generations. In 2021 we became co-founders of the Tech Zero coalition , a group of businesses committed to taking climate action as part of the UNFCCC Race to Zero . We aim to reduce our impact and to create positive change on the natural world. Check out our sustainability action plan here.
Find out more about Life at GoCardless via Twitter , Instagram and LinkedIn .