Senior Security Engineer (Cloud)

Purpose of the role: Your role will be critical to the success of PPRO, you will ensure that Information Security is well designed and implemented to ensure it supports and enables business objectives. You’ll be a strong technologist with a focus on InfoSec. You’ll join a growing team and be responsible for the security of our computer systems & networks. The focus of this role is Cloud security.In PPRO, we operate an extensive cloud environment spanning across several AWS accounts and GCP. Your primary focus will be on ensuring the security and integrity of our cloud infrastructure and services. You will conduct assessments and analyze risks, design metrics and KPIs to measure our security posture, help us to improve our CI/CD pipelines as well as detect, investigate and prevent attacks against our technology systems. The role is highly collaborative, involving frequent interaction with various members of the technology teams.

What will you be doing:

• Risk assessments and architecture reviews of our cloud environments and technology stacks.
• Implementation of security gates and hardening controls for CI/CD pipelines.
• Develop automations for recurrent and manual tasks around auditing activities, vulnerability management and other security processes.
• Provide advice and guidance on security best practices.
• Evaluation of new and emerging technologies and security tools.
• Support the Security Operations Centre (SOC) with event triage and analysis.
• Participating in red, blue & purple team engagements to improve incident detection & response.

Some of the technologies you will get to work with:

• AWS (Kubernetes, ECS, GuardDuty, SecurityHub and more)
• Security tools (Rapid7, CrowdStrike, Aqua Security, DefectDojo and more)
• DataDog (SIEM)
• Terraform, Terragrunt
• Github Actions

You will need to have:

• *NIX: strong understanding.
• Solid knowledge of computer networks and operating systems.
• Strong background in AWS, with an understanding of security best practices and security related services.
• Container security best practices (incl. Kubernetes security).
• Infrastructure as code (preferably Terraform).
• Scripting (Python, bash or GO).
• Experience with CI/CD pipelines (preferably Github actions).
• Excellent communication skills.
• Excellent English skills in written & spoken.

Nice-to-haves:

• Experience on Google Cloud Platform (GCP).
• API security design/architecture best practices.
• SIEM experience.
• Experience with the Mitre Att&ck framework.

About usWe’re PPRO (pronounced “p-pro”). We’re on a mission to make digital payments more effective and accessible in every corner of the planet. After all, most people around the world don’t use international credit cards. In fact, 77% of consumers prefer to use local and alternative payment methods, such as Alipay in China and Boleto Bancário in Brazil. By helping businesses to offer their consumers more payment choices at the checkout, we are helping to promote financial inclusion in every corner of the globe. We are also empowering local merchants to take part in the global e-commerce boom and compete with established global companies. That means they can hire more people, invest in more suppliers, and ultimately drive economic growth in their country and beyond. We are a diverse team of over 550 people and 65+ nationalities spread across 11 global locations. Everyone here shares a passion for building – whether that’s forging close relationships with our customers, or constructing a payments infrastructure to accelerate their growth.We want everyone to make a difference at PPRO. This means owning and seizing opportunities to maximize your impact;  having a growth mindset; as well as building trust, and driving change. At PPRO there are countless opportunities to learn, develop and progress, and it’s up to you to own and shape your career path.Every voice and perspective matter to us. We value diversity and never discriminate on the basis of race, colour, ethnicity, ancestry, religion, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, or genetic information.We are looking forward to meeting you!