Information Security Officer

Boardroom Appointments

  • Sandton, Johannesburg
  • Permanent
  • Full-time
  • 1 month ago

Maintain Operational Systems, Networks and Security

  • Facilitate annual PCI audits and ensure ongoing compliance.
  • Ensure Linux systems are patched promptly and securely, coordinating through the correct change control process if customer impact is anticipated.
  • Maintain and monitor Elastic SIEM, respond to alerts, and perform in-depth investigations.
  • Troubleshoot system issues across all technology stacks including production/QA environments, databases, networks, and integrations.
  • Deploy and manage tooling to enhance operations, security, and efficiency.
  • Research and implement new tools (open source or commercial) that improve system performance, monitoring, logging, security, or compliance.
  • Develop Python scripts and tools to automate repetitive tasks.

AWS Cloud Infrastructure

  • Securely architect and manage AWS services, including but not limited to:
      • VPC, EC2, ECS/Fargate, ECR
      • GuardDuty, CloudWatch, CloudTrail
      • Load balancers, VPNs, and WAFs
  • Maintain robust connectivity between third parties, banking partners, and on-premises data centres.
  • Implement and enforce best practices in system isolation, scope reduction, and security.

Hardware Security Modules (HSM)

  • Support field engineers and maintain internal HSMs (Futurex, Thales).
  • Conduct key management ceremonies and maintain PCI compliance.

Security Governance & Compliance

  • Assist with audits and regulatory requirements including:
      • PCI-DSS & PCI+PIN
      • ISO 27001 (Stretch goal)
      • GDPR
  • Maintain accurate and current documentation of infrastructure, procedures, and security policies.
  • Promote a security-aware culture within the company.

Automation & Efficiency

  • Implement automation to enhance both infrastructure and security management.
  • Optimise costs while maintaining high security and performance standards.

Security Monitoring & Reporting

  • Ensure weekly vulnerability scans are completed, tracked, and resolved within SLA.
  • Review and sign off on daily/weekly PCI business-as-usual activities.
  • Analyse data and report security metrics monthly.
  • Collaborate with 3rd parties to complete and pass PCI certification audits.
  • Review and uphold The Company's security commitments to external partners.

What We're Looking For

Qualifications & Experience

  • Bachelor's degree in Computer Science, Information Security, or related field.
  • At least 3 years' relevant experience in security or infrastructure roles.
  • Experience in the payments or banking sector preferred.
  • Familiarity with PCI audits, DevOps practices, Linux, MySQL, and AWS.

Skills & Knowledge

  • Strong understanding of PCI-DSS requirements and security standards.
  • Hands-on experience with:
      • Linux (security patching, system administration)
      • MySQL
      • AWS services and virtual networking (VPC, ALB/NLB, WAF, VPNs, etc.)
      • Automation tools: CloudFormation, Ansible, Puppet, Chef
      • CI/CD: Bitbucket Pipelines, Jenkins
      • Scripting: Bash, Python
      • Containers: Docker, Kubernetes, ECS
      • Monitoring: Zabbix, Nagios
      • Logging & SIEM: ELK Stack, CloudWatch, Elastic, Splunk
