Cloud Security Engineer (GCP)

Our engineering team sits at the heart of the company. We have a well-rounded team that cares about building great products that matter. You'll be part of a modern fintech company where you can try things, break things, fix them, and learn fast. Your work is visible, your input matters, and you help shape both the product and how we build it. We stay close to what's happening in the world of investing and fintech, and we share what we learn. It's a place where you can stretch your skills, contribute to something real, and grow alongside people who take their craft seriously and enjoy building things together. What you will do In a fintech environment, security is not just about protecting systems; it's about safeguarding user trust, ensuring regulatory compliance, and maintaining the integrity of financial operations. You'll have the opportunity to strengthen BUX's security posture, implement cutting-edge security solutions, and drive security awareness across our engineering organisation. As a Senior Cloud Security Engineer (GCP), you will serve as the security subject-matter expert for our engineering teams. This could mean: Strengthen the BUX security posture through proactive risk management and continuous improvement Implement and manage Google Cloud Security Command Center Enterprise Configure and maintain security monitoring, threat detection and alerting Conduct regular security assessments and vulnerability scans Develop and maintain security dashboards for visibility across cloud assets Implement and maintain security standards across the organisation Define and document security policies, standards and best practices Establish secure development guidelines and support teams in adoption Ensure compliance with regulatory requirements and industry standards (SOC 2, ISO 27001, GDPR, DORA) Work with the platform team to integrate security into CI/CD pipelines Support engineering teams with security questions, issues and guidance Act as the security subject matter expert for development teams Review and advise on security aspects of system designs and architectures Assist with security incident investigation and response Provide security training and awareness programs for engineering staff Manage cloud security operations Configure and tune threat detection rules and security alerts Develop automated response playbooks for common security scenarios Monitor and respond to security findings, vulnerabilities and misconfigurations Coordinate with external security partners and auditors as needed Drive continuous security improvement Stay current with emerging threats, vulnerabilities and security technologies Evaluate and recommend security tools and solutions Track security metrics and report on security posture improvements Includes on-call duties for security incidents Our tech stack Java, Kotlin, Spring Boot, Google Cloud Platform (GCP), Kubernetes, Terraform, GitHub Actions, Security Command Center Enterprise, SIEM/SOAR platforms, Kafka, CloudSQL, PostgreSQL, Cassandra, Elasticsearch

We are looking for you if you are passionate about security, you have strong technical and communication skills, and you thrive in a collaborative fintech environment. Furthermore, we require: Senior-level experience in cloud security Expert knowledge of Google Cloud Platform (GCP) security Hands-on experience with Google Cloud Security Command Center Strong knowledge of SIEM/SOAR platforms and security operations Experience with cloud security posture management Knowledge of threat detection, vulnerability management and incident response Experience with Infrastructure as Code security (Terraform, Kubernetes) Strong communication skills to collaborate across engineering teams, Business Security Officer and other relevant stakeholders Ability to translate complex security concepts for technical and non-technical audiences Nice to have Understanding of regulatory compliance requirements (e.g., SOC 2, ISO 27001, GDPR, DORA) Security certifications (e.g., CISSP, CCSP, GCSA, GIAC) Experience with AWS or Azure in addition to GCP Knowledge of DevSecOps practices and tooling Experience with container security and Kubernetes security best practices Familiarity with penetration testing and ethical hacking techniques Experience in regulated industries, particularly fintech or financial services Knowledge of secure coding practices and application security testing (SAST/DAST)

Why join BUX as a Google Cloud Security Expert? You will shape the security strategy for a high-growth fintech company that impacts millions of users, establishing security best practices from the ground up as we scale You will work with modern cloud technologies and have the freedom to introduce security tools and practices You'll collaborate with intelligent, passionate peers who value security and continuous improvement You'll be part of a company that values your ideas and encourages innovation at every level You will help build secure products that democratize investing and make a real difference in people's financial lives How we hire To learn more about our approach to hiring and how to prepare for your interviews, check out our section. Adjustments for the hiring process We want you to feel empowered to show your best self during the application process. If there's anything we can do to accommodate you better (interview timing, place, etc), please let us know in your application form. Our benefits International work environment Company pension plan Flexibility is at our core; we offer a hybrid work environment (1-2 days at the office) Working from home allowance Mobility benefit Gym membership contribution via Urban Sports Learning budget and full access to our learning and development platform A1 Dutch language course for you (and your partner) Delicious lunches at the office The possibility to work from abroad for 1 month every 12 months Take care of your mental and emotional well-being with unlimited appointments with psychologists or coaches through Regular team gatherings and fun company events BUX for everyone At BUX, we're committed to making investing accessible and affordable for everyone through our intuitive app. We believe that a diverse team with a range of backgrounds, skills, and perspectives is key to achieving this mission. By embracing diversity, we strengthen our ability to innovate and serve our customers better. To fully benefit from our diversity, it's essential that everyone feels safe, included, and valued. We are dedicated to creating a workplace where each of us can bring our full selves to work and contribute to our shared goals.