DevOps Security Engineer

Amex GBT is a place where colleagues find inspiration in travel as a force for good and through their work can make an impact on our industry. We're here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued.

Ready to explore a career path? Start your journey.

Amex GBT Neo1 is a fullstack innovation hub and is looking to accelerate the growth of our spend management platform while maintaining engagement of our rapidly growing customer base of SMEs. The platform serves the spending needs of SMEs (Small and Medium Enterprises) as a B2B SaaS platform currently focused in the UK and US.

We are seeking a skilled and motivated DevSecOps Engineer to join our team with a primary focus on security.

What We're Looking For

1. Proven experience as a DevOps Engineer, Security Engineer, or a combined role (7 years preferred).
2. Hands-on experience with AWS services including ECS, RDS, API Gateway, S3, Lambda, CloudFront, CloudWatch Logs, Infrastructure as code, and Scripting (e.g. Python, Bash) for automation.
3. Proven experience in data manipulation using SQL queries, Excel, and scripting languages.
4. Proficiency in scripting and automation using Python and Bash to support operations and security tasks.
5. Experience with Dockerized and serverless applications.
6. Comprehensive understanding of the web ecosystem encompassing everything from HTTP protocol and HTTPS flow details to security headers and foundational knowledge of JavaScript.
7. Strong practical experience with Git coupled with a solid understanding of its underlying concepts and workflows.
8. Basic Linux system administration skills (familiarity with macOS systems is a plus).
9. Proven ability to troubleshoot complex technical problems in distributed systems.
10. Skilled in conducting root cause analysis and proactive risk assessment on requests.
11. Knowledge of security frameworks (PCIDSS in particular).
12. Hands-on experience managing vulnerability scans, penetration testing, and audit preparation.
13. Excellent written and verbal communication skills in both French and English to work with internal teams and external partners. You will collaborate with internal and external security teams to manage vulnerability scans, penetration tests, and other security assessments.
14. Attention to detail with a process-oriented approach to documenting procedures and runbooks.
15. Ability to stay informed about technological advancements through active monitoring, identifying relevant innovations, and integrating them into professional practices.
16. Demonstrates autonomy in researching and exploring new concepts such as ARM migration and AI-driven log analysis to create actionable plans.
17. Adaptability in a remote-first international team.
18. Willing to and agree to work flexible working hours to support the needs of customers and colleagues in US time zones (e.g., start at 11 AM and finish at 7 PM as requested).

Certifications: AWS Certified DevOps Engineer, AWS Certified Solutions Architect, or equivalent.

Experience with CI/CD tools (e.g., Jenkins, GitLab CI, CircleCI).

Familiarity with containerization tools (e.g., Docker, Kubernetes).

Familiarity with Security Control Systems and Frameworks (e.g., SOX, PCIDSS, ISO).

Knowledge of database systems (SQL / NoSQL).

Location: Paris, France

The #TeamGBT Experience

Work and life: Find your happy medium at Amex GBT.

Flexible benefits are tailored to each country and start the day you do. These include health and welfare insurance plans, retirement programs, parental leave, adoption assistance, and more.

Travel perks: get a choice of deals each week from major travel providers on everything from flights to hotels to cruises and car rentals.

Develop the skills you want when the time is right for you with global tuition assistance, access to over 20,000 courses on our learning platform, leadership courses, and new job openings available to internal candidates first.

We strive to champion Diversity, Equity, and Inclusion in every aspect of our business at GBT. You can connect with colleagues through our global Inclusion Groups centered around common identities or initiatives to discuss challenges, obstacles, achievements, and drive company awareness and action.

Wellbeing resources to support mental and emotional health for you and your immediate family.

And much more!

This role is for Klee Data Systems (KDS or the Company), a member of the American Express Global Business Travel family of companies.

All applicants will receive equal consideration for employment without regard to age, sex, gender (and characteristics related to sex and gender), pregnancy (and related medical conditions), race, color, citizenship, religion, disability, or any other class or characteristic protected by law.

Furthermore, we are committed to providing reasonable accommodation to qualified individuals with disabilities. Please let your recruiter know if you need an accommodation at any point during the hiring process. For details regarding how we protect your data, please consult GBT Recruitment Privacy Statement.

What if I don’t meet every requirement? If you’re passionate about our mission and believe you’d be a phenomenal addition to our team, don’t worry about checking every box; please apply anyway. You may be exactly the person we’re looking for!

Key Skills: Splunk, IDS, Network security, Computer Networking, Identity & Access Management, PKI, PCI, NIST Standards, Security System Experience, Information Security, Encryption, Siem

Employment Type: Full-Time

Experience: years

Vacancy: 1