Site Reliability Engineer + SecOps in Theale

Are you ready to transform the way businesses pay and get paid? Bottomline is a global leader in business payments and cash management, with over 35 years of experience and moving more than $16 trillion in payments annually. We are looking for passionate individuals to join our team and help drive impactful results for our customers. If you are dedicated to delighting customers and promoting growth and innovation - we want you on our team!

The Role

Bottomline is looking for a Site Reliability Engineer with SecOps experience to grow with us in a Hybrid work environment out of our Theale, Reading UK office! Candidates for this position must be authorized to work in the United Kingdom on a full-time basis for any employer without restriction. Visa sponsorship will not be provided for this position.

The Site Reliability Engineer will work on many SecOps related tasks; however, this will not be their only focus! We are looking for someone who is hands-on and naturally steps into leadership — someone who learns fast, dives into complex topics, and takes ownership of the roadmap and outcomes across security and reliability. You will harden our platforms and software supply chain, codify infrastructure, uplift observability, and improve 24×7 availability through automation. The role partners closely with application, platform, and security teams across regions and includes mentoring other engineers and leading cross-team initiatives to completion.

How You’ll Contribute

• Shape and execute the SRE roadmap; author design docs; run design reviews; align stakeholders and timelines.
• Mentor engineers; drive knowledge sharing, transparent status/reporting, and continuous improvement.
• Own the vulnerability lifecycle end to end: discovery, triage, risk-based prioritization, remediation, verification, and reporting.
• Operate and improve scanning across servers, containers, and images; maintain accurate in scope asset inventories.
• Plan/execute patch cycles for Linux and Windows; validate changes in lower environments; maintain rollbacks and change controls.
• Embed security in CI/CD (SAST/DAST, dependency scanning, SBOM + signing, policy checks); enforce minimum baseline policies for container images.
• Own certificates, keys, and secrets lifecycle with automated rotation and renewal.
• Partner with Security/GRC on policies, audits, evidence; document exceptions and time-bound risk acceptances.
• Define SLOs/SLIs and manage error budgets; lead incident response and post-incident improvements; coach on-call practice.
• Build and operate observability (metrics/logs/traces) using OTEL and Grafana; automate runbooks to reduce MTTR.
• Engineer resilient CI/CD (GitLab, Jenkins): progressive delivery, safe rollbacks, change validation, and release quality gates.
• Design and maintain Terraform modules and configuration management (Puppet/Ansible); standardize platform baselines (OS, Kubernetes, middleware) and enforce policy-as-code.
• Consolidate and rationalize technical stacks to improve operational readiness and risk profiles.
• Work with SRE engineers, and other Operation teams to schedule and deliver safe changes; partner with CISO; engage application teams for zero downtime or low risk deployments.
• Sharing ideas with the team and management to improve security and reliability.
• Proposing new security tools, automation and processes.
• Embracing new technologies and building business cases for their adoption.

What Will Make You Successful

• Strong Linux (RHEL/CentOS) and/or Windows Server administration in production environments.
• Hands-on with scanners (e.g., Qualys/Defender VM) and patch orchestration; strong change control and rollback strategies.
• Terraform; Ansible/Puppet (idempotent patterns); OS native patching (yum).
• Working knowledge to embed scanning and compliance checks in pipelines (GitLab/Jenkins).
• Familiarity with Docker/Kubernetes and image scanning policies.
• Practical OTEL instrumentation and Grafana dashboards; SRE principles for availability and MTTR reduction.
• Certificates, encryption standards, secure configuration baselines; secrets management.
• Proficiency in Bash/PowerShell; working knowledge of Python or Go.

Soft skills

• Strong security and customer-service mindset.
• Rigorous, methodical and risk-aware.
• Recognized technical leadership and ownership.
• Ability to remain calm and decisive under pressure.
• Autonomous but able to work effectively within teams.
• Excellent communication and stakeholder management skills.

What We Offer

• Competitive salary and benefits package.
• Opportunities for professional growth and advancement.
• A collaborative and innovative work environment.
• Flexible working arrangements.

We welcome talent at all career stages and are dedicated to understanding and supporting additional needs. We are proud to be an equal opportunity employer, committed to creating an inclusive and open environment for everyone.