Melbourne, Australia

Senior DevSecOps Engineer

We’re Littlepay - a fast growing fintech company, and the world's only payment processor specialising in transit payments. We've created a versatile payments platform which allows customers using public transport to tap on and tap off using any payment card, mobile wallet, or wearable device. Our contactless payment solution has been launched with several of Europe’s major transport operators, and we’re now expanding globally.

We are looking for an experienced DevSecOps Engineer to join our highly skilled engineering team. The role would suit someone who is experienced in hands-on implementation of security and compliance in AWS, keen to improve processes, and drive best practices. They will collaborate with the team to continue to deliver against our compliance requirements, developing effective/collaborative working relationships with colleagues.

Objectives:

  • Deliver automated availability of evidence for audit against compliance criteria (PCI-DSS).
  • Enable continuous visibility of our security and compliance posture as measured against the criteria of e.g. AWS best practices, CIS, PCI-DSS.
  • Understand and clearly communicate to technical and business stakeholders the potential impacts of other compliance frameworks, in collaboration with our CISO function (ISO27K etc)
  • Develop seniority of colleagues focused on devops, security and compliance areas. Provide subject matter expertise, mentorship and guiding professional development while developing a confident, collaborative, and engaged team.
  • Continue 'shift-left' by providing ‘customer-focused’ guardrails for security and compliance to development teams, through support in pipelines, monitoring, alerting.
  • Implement regular briefings / knowledge building to upskill development teams and raise awareness of the value of security work, building a ‘security-first’ culture.
  • Delivery of our existing roadmapped activities around PKI uplift, IAM SSO, Security Hub / SIEM.

Required Experience:

  • Previous experience in a similar role such as DevSecOps / Application Security
  • Professional experience in delivering production workloads with a range of AWS technologies (ECS Fargate, VPC, EBS, S3, Route53, IAM, RDS, DynamoDB, SQS, Cloudwatch, ALB, NLB, ELB, Service Discovery, Security Groups, NACLs, AWS VPN connections, Site-to-Site, Customer Gateways, Transit Gateway)
  • Previous experience in managing cloud based architectures under a compliance regime (e.g. PCI-DSS)
  • Knowledge of web, security, and networking protocols, load-balancing, iptables (e.g HAProxy)
  • Analytical mindset, natural curiosity, initiative and willingness to think outside of the box to solve problems, using engineering approaches to running better production systems
  • An attitude that favours continuous improvement.

Desired Experience:

  • Payments or financial industry experience
  • Good understanding of shell scripting and/or any computer programming language
  • Team leadership experience.

Personal Attributes:

  • Values knowledge sharing, enjoys teaching and learning
  • Proactive and takes initiative!
  • Good troubleshooting skills
  • Able to thrive in a small team environment.

In return,

You'll have the opportunity to learn about the payment processing ecosystem from end-to-end. You'll be working with the latest cloud technology and bank-grade data security, and involved in the provision of critical payment services that impact millions of daily commuters. All within the tight-knit environment of an agile scaling startup.

We offer a competitive salary, flexible work conditions, ample opportunity for professional development, and a great CBD location close to Southern Cross station.

Learn about Littlepay's privacy policy and how we collect and use your information https://littlepay.com/privacy