
DevSecOps Engineer

London Area, United Kingdom Full-time Posted 2 weeks ago

Our Technology


We leverage the latest tools and technologies to create a seamless, customer-centric digital experience. Our core stack is built around Node.js, TypeScript, and NestJS, with a front-end powered by React. We deploy using AWS cloud services and Kubernetes, ensuring scalability and resilience. Infrastructure as Code is fundamental to our approach, and we use Terraform to manage our cloud resources.


Our architecture is cloud-native, event-driven, and distributed, built on Amazon EventBridge and SQS, with services exposed via REST.


We are driven by data science, machine learning, and analytics, using multi-variant testing to personalise user experiences across every digital channel.


However, it's not just about the technology. We are passionate about continuous delivery, automation, and rapid iteration. Our deployment pipeline is fully automated, covering everything from branching, building, testing, and shipping to monitoring and alerting—allowing us to focus on delivering value to our customers.


Technology is at the heart of our business, and we value diverse perspectives. Bring your ideas, experience, and problem-solving mindset—we'll navigate obstacles together.


Technology:

  • Platforms: Kubernetes (EKS) with Istio Service Mesh
  • Security & Monitoring: Datadog CSM, Cloudflare WAF, CrowdStrike, Bitdefender, Okta, HashiCorp Vault
  • Databases: PostgreSQL (Aurora)
  • IaC: Terraform via Atlantis
  • CI/CD: GitHub, Flux, Helm


What you'll be doing:

  • Working within the Platform team hardening AWS and Kubernetes perimeters.
  • Running vulnerability management across our AWS and Kubernetes estate, and setting the SLAs and processes that keep us on top of it.
  • Building and tuning security detections, and writing the runbooks that make security alerts actionable on-call.
  • Coordinating external penetration tests and driving remediation of findings to closure.
  • Owning identity and secrets across Okta, Vault, and AWS IAM, including SSO/SCIM rollouts and access reviews.
  • Owning our InfoSec/PCI DSS programme end-to-end — quarterly reviews, significant change documentation, audit prep, and working directly with our QSA and other partners.


We'd love to hear from you if you have the following:

  • Strong AWS security skills (IAM, SCPs, VPC, EKS, ECR, GuardDuty, KMS) and comfort writing and reviewing Terraform yourself.
  • Practical experience with at least three of: Datadog (ideally CSM), Cloudflare WAF, HashiCorp Vault, Okta, Kubernetes security, CrowdStrike or equivalent EDR.
  • A track record of coordinating external penetration tests — scoping, enablement, and remediation follow-through.
  • A bias for automating compliance toil, particularly evidence-gathering for recurring reviews and audits.
  • The ability to write runbooks an on-call engineer can actually follow at 03:00.
  • Hands-on experience with PCI DSS v4.0 controls in a payments or financial services environment (a plus).
  • Comfort working in a fast-paced, evolving start-up environment.
  • The ability to work independently, tackling ambiguous challenges and driving solutions forward.


*The stated experience and background are a guide and do not preclude applications from candidates with more or less experience, provided the requisite skills can be demonstrated.


Our Benefits - here are a few, with more to come:

  • Tax-advantaged share options
  • Flexible working model
  • Work from home set up
  • Learning & Development opportunities
  • Contributory Pension Scheme
  • Free Team lunch (Tues & Thurs) and social evenings
  • Comprehensive PMI & x4 Life Insurance
  • Your birthday off, plus one Revival day


If you are excited about sharing the adventure, joining a growing team with big ambitions and you are really great at what you do, then apply now!


Super Payments is an equal opportunity employer, embracing diversity in all its forms and fostering an inclusive environment. The company will not unlawfully discriminate on grounds of gender, sexual orientation, marital or civil partner status, gender reassignment, race, religion or belief, colour, nationality, ethnic or national origin, disability or age, neurodiversity status, pregnancy or trade union membership.


Please let us know if you require any reasonable adjustments at any point during the application and/or recruitment process.
