At a Glance
- Tasks: Secure and enhance our multi-cloud environments while driving AI-powered security improvements.
- Company: Join Checkout.com, a leader in fintech powering global transactions for major brands.
- Benefits: Flexible hybrid work model, competitive salary, and opportunities for personal growth.
- Other info: Collaborative culture where your ambition meets opportunity and growth is in your hands.
- Why this job: Make a real impact on cloud security and shape the future of digital payments.
- Qualifications: 6+ years in cloud security with expertise in AWS, Azure, and GCP.
The predicted salary is between 70000 - 90000 £ per year.
We’re Checkout.com. You might not know our name, but companies like eBay, Spotify, Klarna, Uber, and Sony do, because we’re behind many of the digital experiences you use every day. We are where the world checks out, enabling over 10 billion transactions daily for more than one billion global shoppers. Our platform helps the most ambitious businesses deliver effortless digital experiences, at scale.
If you want to do career-defining work, you’ve come to the right place. We move fast, think globally, and believe great teams are built by hiring exceptional people with conviction, curiosity, and the desire to make an impact. With 20 offices across six continents and London as our HQ, we’re shaping the future of fintech – and we’re just getting started.
You will evolve Checkout.com's security posture across our multi-cloud environments and SIEM platform. This role sits at the intersection of cloud security engineering and detection capability — responsible for both hardening the infrastructure we operate on and ensuring we can see what's happening across it. You will lead security integration projects, guide cloud engineering teams, and drive continuous improvement across monitoring and detection, including applying AI to accelerate security operations.
This is not a tool-monitoring role. You are here to architect secure cloud environments, build and enhance detection logic at scale, and drive measurable improvements to our security baseline across AWS, Azure, and GCP. You will partner closely with Engineering, GRC, Technology Risk and Security Operations - defining standards, fine tuning the SIEM, and progressively taking on the most complex cloud security and detection engineering challenges across the organisation.
What you’ll be responsible for:
- Cloud Security
- Secure and continuously improve our multi-cloud estate (AWS, Azure, GCP) using cloud native tooling to keep our cloud infrastructure hardened and compliant.
- Partner with Engineering and Security Operation team to make security a natural part of how we design and deliver, automating compliance checks so security scales without friction.
- Defining and enforcing cloud security architecture standards, guardrails, and policy-as-code inline with industry best practices including NIST, CIS, and PCI DSS.
- Use Wiz or equivalent CNAPP/CSPM to continuously assess, prioritise, and drive remediation of misconfigurations and vulnerabilities against CIS, NIST, and PCI DSS benchmarks.
- Security Monitoring
- Fine tune, and maintain modern SIEM platform (e.g. Sentinel) including KQL detection rules, workbooks, logging pipelines, and AI-assisted alert triage.
- Map detection coverage against MITRE ATT&CK tactics and techniques. Identify and close visibility gaps across the cloud estate.
- Maintain alignment to PCI DSS, SOC2, ISO27001 NIST, and CIS frameworks. Produce documentation and evidence to support audit and assurance activities.
- AI Security
- Design and implement guardrails for AI/LLM systems, covering data exposure, prompt injection, and model misuse risks.
- Leverage AI and automation to enhance alert investigation, enrichment, and response workflows.
- Maintain technical policies and standards for the secure use of AI tools across the organisation.
What we’re looking for:
- 6+ years of hands-on experience securing AWS, Azure, and GCP environments, including Azure Policy, IAM, Infrastructure-as-code (IAC) security or other cloud native tooling.
- Experience with security tools: Microsoft Sentinel, SentinelOne, NetSkope, Flashpoint, Wiz or similar tooling.
- Strong Microsoft Sentinel expertise: KQL, detection rules, workbooks, and logging pipelines.
- Working knowledge of DLP and threat intelligence monitoring.
- Experience applying AI/ML to security workflows - automated triage, behavioural analytics, or LLM-assisted investigation.
- Understanding of AI security risks and frameworks: OWASP LLM Top 10, NIST AI RMF.
- Scripting proficiency in Python, PowerShell, or Bash for security automation.
- Strong grasp of PCI DSS, NIST CSF, SOC 2, ISO27001, CIS Benchmarks, and MITRE ATT&CK for Cloud.
Nice to have:
- AZ-500, AWS Certified Security – Specialty, or equivalent cloud security certification.
- Experience integrating ATT&CK Navigator into SOC workflows.
We create the conditions for high performers to thrive, through real ownership, fewer blockers, and work that makes a difference from day one. Here, you’ll move fast, take on meaningful challenges, and be recognized for the impact you deliver. It’s a place where ambition gets met with opportunity, and where your growth is in your hands.
We work as one team, and we back each other to succeed. So whatever your background or identity, if you’re ready to grow and make a difference, you’ll be right at home here.
It’s important we set you up for success and make our process as accessible as possible. So let us know in your application, or tell your recruiter directly, if you need anything to make your experience or working environment more comfortable.
Our hybrid working model offers flexibility, with three days per week in the office to support collaboration and connection.
Cloud Platform Security Engineer employer: Checkout.com
At Checkout.com, we pride ourselves on being an exceptional employer that fosters a culture of innovation and collaboration. With our London headquarters, we offer a dynamic work environment where employees are empowered to take ownership of their projects and drive meaningful change from day one. Our commitment to employee growth is evident through our hybrid working model, which promotes flexibility and work-life balance, alongside opportunities for professional development in the rapidly evolving fintech landscape.
StudySmarter Expert Advice🤫
We think this is how you could land Cloud Platform Security Engineer
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your cloud security projects. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by practising common questions related to cloud security. Think about how you’d tackle real-world scenarios and be ready to discuss your past experiences in detail.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining our team at Checkout.com.
We think you need these skills to ace Cloud Platform Security Engineer
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Cloud Platform Security Engineer role. Highlight your experience with AWS, Azure, and GCP, and don’t forget to mention any relevant security tools you’ve used. We want to see how your skills align with what we’re looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about cloud security and how your background makes you a great fit for our team. We love seeing enthusiasm and a bit of personality, so let us know what drives you!
Showcase Your Projects:If you’ve worked on any projects related to cloud security or AI, make sure to include them in your application. We’re keen to see real-world examples of your work and how you’ve tackled challenges in the past. It’s all about demonstrating your hands-on experience!
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, you’ll find all the details about the role and our company culture there, which can help you tailor your application even further!
How to prepare for a job interview at Checkout.com
✨Know Your Cloud Security Basics
Before the interview, brush up on your knowledge of cloud security principles, especially around AWS, Azure, and GCP. Be ready to discuss how you would secure multi-cloud environments and the tools you’ve used, like Microsoft Sentinel or Wiz.
✨Showcase Your Problem-Solving Skills
Prepare to share specific examples of how you've tackled complex security challenges in the past. Think about times when you had to harden infrastructure or improve detection capabilities, and be ready to explain your thought process.
✨Familiarise Yourself with Compliance Standards
Make sure you understand key compliance frameworks like PCI DSS, NIST, and SOC 2. Be prepared to discuss how you’ve implemented these standards in previous roles and how they relate to the responsibilities of the position.
✨Demonstrate Your AI Knowledge
Since the role involves leveraging AI for security, be ready to talk about your experience with AI/ML in security workflows. Discuss any projects where you applied AI to enhance alert investigation or response workflows.
