Security Operations Engineer

  • GoCardless
  • London, UK
  • Jun 12, 2019
Full time Developer Security

Job Description

We’re looking for talented security engineers who can continue to build a secure GoCardless in a fast-paced environment that invests in a culture of continuous feedback.

You will play a major and leading role in protecting GoCardless through the implementation of a security operations programme and have the opportunity to influence and implement cutting-edge measures to prevent, detect and respond to potential cyber security threats.

As a security operations engineer you will play a key role in ensuring GoCardless teams are taking all required steps in operating and building a secure product set including logging infrastructure, security monitoring solutions, anomaly detection, etc.

Whether engineering a system to address a technical security hurdle, protecting our customers' data, or consulting on a wide range of security topics, you are empowered to engage and lead cross-functionally. You will be working alongside our Product Managers and audit specialists to design and implement measures that will keep GoCardless' products and systems secure.

We work closely with our engineering teams, who are building simple and reliable solutions to complex problems. We keep our development cycles fast by reviewing and adapting our plans frequently, and by investing in a culture of continuous feedback.

Core responsibilities

  • Providing subject matter expertise on various areas of security, specifically on security operations
  • Experience in security use case development, data source on-boarding and different log management and SIEM technologies (e.g. Elastic, Splunk, etc.)
  • Monitoring of metrics associated with security controls to ensure controls are tuned for peak effectiveness
  • Handling of security operations day-to-day activities, troubleshooting and coordinating resolution or restore using the right tools and processes (activities can be hardware or software failures, security incidents, security breaches, actively looking for threats in logs - threat hunting - etc.)
  • Professionally manage inbound security-related calls and questions, create tickets, run security-related assessments, handle security-related user complaints, and escalate accordingly
  • Providing technical support for on call outside normal business hours (if required)
  • Drive the implementation and dissemination of security KPIs
  • Liaise with teams for security design, incident handling & education
  • Participate in cross-team security initiatives
  • Security tooling selection and/or creation
  • Perform activities with minimal supervision of routine duties, demonstrate ability to solve practical problems and deal with a variety of concrete variables
  • Perform scheduled vulnerability assessments and security testing


  • Minimum of five years of security-related experience
  • Strong analytical and reasoning skills
  • Experience in other security tooling (Endpoint Security, Web/Network Scanners, SIEM and IDS/IPS, etc.) and its integration into the company systems
  • A proven and strong depth of expertise in security engineering, system and network security, authentication and security protocols, cryptography and application security, with hands-on experience in web applications for critical 24/7 services
  • Must have in-depth, hands-on experience with security features and system admin of Linux, UNIX and Windows operating systems
  • Must possess excellent communication skills and ability to cooperate with other business functions
  • Understanding of and exposure to the latest message queue technologies such as Syslog, Fluentd, GCP PubSub, Logstash, Kafka and SIEM-specific collection mechanisms (e.g. Splunk forwarders, etc.)

Bonus points

  • BSc/MSc in Computer Science or a related field, or equivalent work
  • Experience of security in a DevOps environment is preferred and/or experience of Agile methodologies (e.g. Scrum, Kanban)
  • A comprehensive knowledge of web application security
  • Experience in cloud services (GCP, AWS, etc.)
  • Sound knowledge of the OWASP Top 10 and how they can be prevented
  • Professional security qualifications are desirable (e.g. CISSP, Offensive Security, GIAC, etc.)
  • Awareness and experience of the Data Protection Act, ISO 27001 and PCI-DSS
  • Exposure to multiple scripting / programming languages (especially scripting languages such as Python, Ruby, Perl, etc.)
  • Forensic certifications or experience

Our team come from a variety of backgrounds and we welcome diversity – if you’re unsure, please apply.