Senior Security Engineer

Company Description

Checkout.com is one of the most exciting fintechs in the world. Our mission is to enable businesses and their communities to thrive in the digital economy. We’re the strategic payments partner for some of the best known fast-moving brands globally such as Wise, Hut Group, Sony Electronics, Homebase, Henkel, Klarna and many others. Purpose-built with performance and scalability in mind, our flexible cloud-based payments platform helps global enterprises launch new products and create experiences customers love. And it's not just what we build that makes us different. It's how.

We empower passionate problem-solvers to collaborate, innovate and do their best work. That’s why we’re on the Forbes Cloud 100 list and a Great Place to Work accredited company. And we’re just getting started. We’re building diverse and inclusive teams around the world — because that’s how we create even better experiences for our merchants and our partners. And we need your help. Join us to build the digital economy of tomorrow.

Job Description

As a Senior Security Engineer at Checkout.com, you will take a leadership role in designing, implementing, and maintaining robust security solutions to protect our sensitive systems and data. Working in a fast-paced fintech environment, you will contribute to maintaining compliance with PCI DSS and other regulatory requirements, ensuring the security of cloud, network, and identity systems while fostering a culture of security across teams.
This role requires a blend of technical expertise, hands-on problem-solving skills, and the ability to mentor junior staff while collaborating across engineering, operations, and compliance functions.

Key Responsibilities:

Security Operations:

• Manage and improve the organization's vulnerability management program, including scanning, tracking, and remediation workflows using tools such as Wiz, Qualys, and Jira.
• Plan and execute regular penetration tests to assess the resilience of systems against potential threats. Document findings and collaborate with engineering teams to prioritize remediation efforts.
• Continuously monitor systems using SIEM platforms like Azure Sentinel to detect and respond to threats in real-time.
• Ensure network security by configuring and maintaining devices such as FortiGate firewalls and Cisco routers/switches, including firewall rule audits and IDS/IPS management.

Compliance and Governance:

• Implement and maintain security controls in alignment with PCI DSS and other compliance frameworks, ensuring readiness for audits and certifications.
• Support internal and external audits, preparing documentation, evidence, and remediation plans for audit findings related to security operations.
• Drive security awareness and best practices throughout the organization, ensuring alignment with regulatory and internal standards.

Cloud and Identity Security:

• Design and maintain cloud security configurations for AWS, including IAM policies, VPC security, and encryption.
• Oversee identity management systems such as Active Directory (AD) and OKTA, implementing best practices for SSO/MFA, access controls, and identity lifecycle management.

Team Leadership and Mentorship

• Provide mentorship to junior security engineers and analysts, helping them develop technical and operational skills.
• Collaborate with cross-functional teams, including engineering, DevOps, and IT, to embed security best practices into development and operational workflows.
• Participate in the design and implementation of secure architectures for new and existing services, ensuring scalability and resilience.
   

Qualifications

Proven Experience: Minimum 5+ years in a security engineering role, ideally within the tech or fintech sector.
Technical Expertise: Hands-on experience with tools like Azure Sentinel, Wiz, Qualys, NetSkope, and strong knowledge of AWS security.
Networking Proficiency: Strong understanding of securing network devices, including FortiGate firewalls and Cisco networking equipment.
Compliance Knowledge: Deep understanding of PCI DSS, with proven experience implementing and auditing compliance measures.
Cloud Security: Experience with securing cloud environments (preferably AWS) and integrating them with hybrid infrastructures.
Identity Management: Expertise with Active Directory and OKTA, including advanced access controls, SSO, and MFA.
Penetration Testing: Practical experience conducting penetration tests, interpreting results, and working with teams to mitigate vulnerabilities.
Leadership: A passion for mentoring and training team members, fostering a collaborative and growth-oriented security culture.
Certifications: Relevant certifications such as CISSP, CISM, OSCP, CEH, PCI QSA, or AWS Security Specialty are highly desirable.
 

Additional Information

Apply without meeting all requirements statement 

If you don't meet all the requirements but think you might still be right for the role, please apply anyway. We're always keen to speak to people who connect with our mission and values.

We believe in equal opportunities

We work as one team. Wherever you come from. However you identify. And whichever payment method you use. 

Our clients come from all over the world — and so do we. Hiring hard-working people and giving them a community to thrive in is critical to our success.

When you join our team, we’ll empower you to unlock your potential so you can do your best work. We’d love to hear how you think you could make a difference here with us. 

We want to set you up for success and make our process as accessible as possible. So let us know in your application, or tell your recruiter directly, if you need anything to make your experience or working environment more comfortable. We’ll be happy to support you.

Take a peek inside life at Checkout.com via

• Our Culture video https://youtu.be/BEwnpHuadSw
• Our careers page https://www.checkout.com/careers
• Our LinkedIn Life pages bit.ly/3OaoN1U  
• Our Instagram https://www.instagram.com/checkout_com/