Senior Platform Security Engineer

We are seeking a hands-on Platform Security Engineer to join Checkout.com's Global Technology & Security Office. This role will provide technical depth and oversight across our security tooling and guardrails, ensuring our controls are not just deployed but properly configured, monitored, and effective.

This is a delivery-oriented role focused on DLP, SIEM, and AI governance guardrails, with responsibility for helping us close key gaps in our posture and ensuring security controls keep pace with business growth. The role reports directly to the CISO & VP IT and will work closely with InfoSec, the SOC, Legal, Procurement, and the AI Centre of Excellence., DLP & Endpoint Security

• Design, configure, implement and maintain DLP policies across email, endpoints,SaaS apps and cloud storage.
• Configure and maintain DLP, EDR and endpoint controls to detect and block sensitive data exfiltration via cloud sync, removable media, Git repos, and clipboard misuse.
• Work with Legal on legal hold , eDiscovery workflows and sensitive case management.

Security Threat and Vulnerability Monitoring

• Provide oversight and input on the SentinelOne SIEM rollout to ensure correct architecture, configuration, and use-case coverage.
• Define security logging and alerting standards for high-risk activity (privileged actions, insider risk, exfil events, OAuth app abuse).

Ransomware Resilience

• Configure, tune tune and maintain EDR/anti-ransomware policies to block encryption tools, malicious scripts, and lateral movement techniques.
• Develop and validate detection use cases for early ransomware indicators (e.g., abnormal file access, shadow copy deletion, mass encryption).
• Design and execute red-team and tabletop ransomware simulations to assess readiness and validate security incident response effectiveness.

AI Architecture and Design

• Implement technical guardrails for managed AI/ML use (MCPs, model registries, prompt/response logging with redaction and monitoring for sensitive information leakage).
• Experience with AI LLM security threat modeling (prompt injection, data leakage, model misuse) or strong willingness to learn.
• Integrate AI oversight tools with DLP and SIEM for consistent detection and auditing..
• Partner with the AI Centre of Excellence to define and enforce secure AI development workflows (secure MCPs, approved APIs, model risk classification)
• Partner with the Information Security team to run periodic AI risk assessments to identify gaps in model usage, access and data handling.

Identity & Messaging Hardening

• Support phased deprecation of insecure protocols and ciphers
• Deploy and enforce conditional access policies for high-risk user groups and privileged accounts.
• Harden file-sharing and collaboration posture across Google Drive, Slack, Hangouts by applying least privilege access and monitoring risky sharing.

Cross-functional Enablement

• Act as the technical partner to Information Security, SOC, Procurement and Legal to ensure policy decisions are backed by enforceable technical guardrails.
• Provide reference architectures, documentation and training to Workplace Technology and Engineering teams to continue an established security-by-default mindset and ensure enhancing this mindset within the business.
• Work with Procurement on vendor onboarding security assessments, ensuring new SaaS and cloud providers meet DLP, SIEM and logging requirements before production use.
• Deliver metrics and reporting to leadership ( e.g. % coverage of DLP policies, log source completeness, AI usage compliance ).

Do you have experience in SIEM?, Do you have a Master's degree?, * Proven experience as a Security Engineer, Platform Security Engineer, or similar role, with hands-on configuration of DLP, SIEM, and endpoint tooling.

• Strong working knowledge of Microsoft and Google enterprise environments.
• Familiarity with cloud-native logging pipelines (AWS CloudTrail, GCP Audit Logs, Azure monitor) and SIEM content development.
• Familiarity with AI/ML governance challenges (prompt injection, data leakage, model misuse)and tooling a strong plus - supported by a strong willingness to learn and share knowledge
• Experience collaborating with SOCs, Legal, and Compliance teams.
• Comfortable working independently, taking ownership of configurations, and delivering measurable improvements.
• Pragmatic and solutions-oriented: able to balance strong controls with business usability.
• Bonus: exposure to PCI DSS, GDPR, ISO 27001, or SOC 2 controls in a fintech or high-growth SaaS environment.

We're Checkout.com - you might not know our name, but companies like eBay, ASOS, Klarna, Uber Eats, and Sony do. That moment when you check out online? We make it happen. Checkout.com is where the world checks out. Our global network powers billions of transactions every year, making money move without making a fuss. We spent years perfecting a service most people will never notice. Because when digital payments just work, businesses grow, customers stay, and no one stops to think about why. With 19 offices spanning six continents, we feel at home everywhere - but London is our HQ. Wherever our people work their magic, they're fast-moving, performance-obsessed, and driven by being better every day. Ideal. Because a role here isn't just another job; it's a career-defining opportunity to build the future of fintech., We create the conditions for high performers to thrive - through real ownership, fewer blockers, and work that makes a difference from day one. Here, you'll move fast, take on meaningful challenges, and be recognized for the impact you deliver. It's a place where ambition gets met with opportunity - and where your growth is in your hands. We work as one team, and we back each other to succeed. So whatever your background or identity, if you're ready to grow and make a difference, you'll be right at home here. It's important we set you up for success and make our process as accessible as possible. So let us know in your application, or tell your recruiter directly, if you need anything to make your experience or working environment more comfortable. Life at Checkout.com We understand that work is just one part of your life. Our hybrid working model offers flexibility, with three days per week in the office to support collaboration and connection.