Cloud Security Engineer

 Be part of a movement to change the way Europe pays

In today's digital world, payments often still feel outdated: random delays and confusing rules make it harder than it should be to pay and get paid. The European Payments Initiative (EPI) is here to change all that, forever.

With Wero, our digital wallet, we make sending and receiving money simple, seamless and secure across France, Belgium and Germany, with more countries and omnichannel solutions coming soon. Supported by 16 major banks and the two largest European acquirers, EPI is building a new, proudly European payment system: easy, instant and transparent, all for the greater good.

What's in it for you

Are you ready to play a pivotal role in ensuring the highest standards of security for the future of digital payments across Europe? We are seeking a dedicated Cloud Security Engineer to join our team at the forefront of Europe's most ambitious payment initiative. This is your chance to be on the ground floor of security, shaping and implementing cutting-edge solutions in the fintech space.

About the team

You'll be part of a pan-European Product & Engineering organization working at the forefront of secure payment solutions. Spread across Europe, your teammates bring diverse backgrounds and deep expertise, creating a collaborative environment where application security is a shared responsibility and a real driver of innovation.

Your impact

• Secure our cloud platform end-to-end by embedding security into every stage of the lifecycle: design, code, deployment and operations. You will participate in infrastructure decisions, lead and review threat modeling exercises, perform security-focused code reviews, and ensure our AWS–Kubernetes–Terraform stack remains robust, observable and resilient.
  

• Act as a trusted cloud security authority for engineering and infrastructure teams, helping them design scalable, secure-by-default systems. Your deep understanding of cloud threats, mitigations and DevSecOps best practices will directly influence how features are built and delivered.
  

• Continuously strengthen our security architecture by contributing to strategic and tactical decisions on tooling, service configuration and underlying platform design. You will be accountable for the ongoing improvement of the platform's security posture at the cloud layer in a complex, highly regulated environment.
  

• Elevate the organisation's security maturity by documenting security architecture and patterns, sharing best practices and fostering a culture where security is an enabler, not a gate. Your ability to communicate clearly and influence without formal authority will accelerate the adoption of secure engineering practices across teams.
  

Technology stack

AWS, Kubernetes, Terraform, MongoDB, OpenAPI, Docker, Kotlin, SAST/DAST/SCA tooling, Datadog

To succeed, you should meet at least 70% of these requirements

• At least 5 years of experience securing highly scalable web applications and modern cloud-native systems (preferably on AWS).

• Proven track record in hardening architectures and applying DevSecOps practices, from threat modeling and secure design to security-focused code reviews and operational hardening.

• Deep hands-on expertise with our core cloud stack: AWS (IAM, networking, logging/monitoring, security services), Kubernetes (cluster & workload security, RBAC, network policies, admission control), and Terraform (secure IaC patterns, modules, policy-as-code).

• Experience in highly regulated domains such as payments or financial services would be a strong plus.

• Share our values around security as an enabler: you see security as a way to accelerate safe delivery rather than as gatekeeping, and you care about the "why" behind security measures as much as the "how".

• Fluent in English (CEFR C1 or C2); French, German or Dutch or any additional European languages is a plus.
  

If this looks like you, the recruitment steps are:

1. A first call with one of our recruiters

2. An interview with our Security expert

3. A final interview with our Head of Engineering

4. Hopefully, an offer you can't refuse
   

Turn back if …

• You're looking for an already highly structured environment with no ambiguity

• You see security primarily as gatekeeping or slowing things down, rather than as an enabler for fast, safe delivery and better products.

• You are not interested in and understand the history and the "Why" of security measures and best-practices as much as the "How" for applying them.
  

Otherwise apply

Our commitment to equal employment opportunities

EPI offers the same job opportunities to all, without distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age. EPI promotes the development of an inclusive work environment that mirrors the diversity of the clients our product is serving.