DevOps / Platform Engineer (Security-Focused)

Role Overview

We are looking for a DevOps / Platform Engineer to design, build, and operate a secure, scalable cloud platform supporting payment and financial systems.

You will work across a multi-runtime environment (Laravel/PHP and Node.js) and be responsible for enforcing bank-grade security, observability, and reliability across infrastructure, pipelines, and runtime environments.

This role sits at the intersection of:

Platform Engineering + DevOps + Security (DevSecOps)

Core Responsibilities

  • Build and manage AWS infrastructure using Terraform (IaC-first)
  • Operate and scale Kubernetes (EKS) workloads securely
  • Design and maintain secure CI/CD pipelines (Bitbucket Pipelines)
  • Implement end-to-end observability using Datadog
      • Metrics, logs, APM, alerting
  • Enforce security controls across all layers
  • Ensure high availability and performance of production systems
  • Lead incident response and postmortems (infra + security)
  • Maintain auditability and traceability across systems
  • Collaborate with engineers to standardise platform patterns
  • Support integration of acquired payment systems

Technical Requirements

Infrastructure & Platform

  • Strong AWS experience:
      • VPCs, subnets, routing, NAT gateways
      • IAM (least privilege, role design)
  • Experience with Terraform
      • Modular infrastructure design
      • Remote state (secure + collaborative)
      • Environment isolation (prod/stage/etc.)
  • Strong Kubernetes (EKS) experience:
      • RBAC and workload isolation
      • Network policies
      • Secure ingress/egress
      • Secrets handling

Runtime & Application Layer

  • Experience supporting:
      • Node.js services in production
      • Laravel / PHP applications
  • Understanding of:
      • Multi-service architectures
      • Container lifecycle and performance tuning

Data Layer

  • Strong experience with:
      • PostgreSQL
      • MySQL
      • Redis
  • Understanding of:
      • Replication, backups, failover
      • Performance tuning under load
      • Data integrity and consistency
  • Security:
      • Encryption at rest and in transit
      • Access control at DB level

CI/CD & Supply Chain Security

  • Experience building secure pipelines:
      • Build isolation
      • Artifact integrity
      • Dependency control (Node + PHP ecosystems)
  • Familiarity with:
      • Software supply chain risks
      • SAST / DAST concepts
  • Ability to enforce:
      • Version pinning
      • Reproducible builds

Observability (Datadog-Centric)

  • Strong hands-on experience with Datadog
      • APM (tracing Node & PHP services)
      • Infrastructure monitoring
      • Log aggregation
      • Alerting and SLOs
  • Ability to:
      • Define meaningful alerts (not noisy ones)
      • Correlate logs, traces, and metrics
      • Support incident debugging using observability data

Security & Compliance (Core Requirement)

This is central to the role, not optional.

  • Strong understanding of:
      • Defence-in-depth
      • Zero trust architecture
      • Least privilege IAM
  • Experience implementing:
      • Secrets management (AWS Secrets Manager / Vault)
      • Key management (KMS)
      • TLS everywhere
  • Familiarity with:
      • ISO 27001
      • Audit logging and traceability
  • Experience working in or understanding:
      • Payments / financial systems risk models

Desirable

  • Experience in fintech / payments environments
  • Experience with Cloudflare (WAF, DNS, edge security)
  • Experience with:
      • Container/image scanning
      • Runtime security tools
  • Experience integrating legacy or acquired systems
  • Experience with hybrid infra (on-prem + cloud)

Soft Skills

  • Strong ownership of platform + security
  • Thinks in systems, failure modes, and risk
  • Pragmatic (avoids over-engineering, but doesn’t cut security corners)
  • Clear communicator during incidents and audits
  • Comfortable in a high-autonomy startup environment

Job Details

  • Company: Checkboard
  • Location: London, England, United Kingdom