Senior Infrastructure & Security Engineer (AWS, Compliance-Focused)

Company Overview

At TPF, we are pioneers in the ever-evolving landscape of fintech and payments technology. Driven by innovation and powered by a dynamic team, we are dedicated to crafting groundbreaking solutions that redefine the industry's standards.

Who We Are

TPF stands at the intersection of technology and finance, leveraging cutting-edge advancements to streamline financial transactions and revolutionize payment processes. Our commitment to excellence is reflected in every aspect of our work, from conceptualization to implementation.

What Sets Us Apart

What truly sets TPF apart is our unwavering dedication to staying ahead of the curve. We pride ourselves on our ability to anticipate industry trends and proactively develop solutions that address the evolving needs of our clients. By embracing emerging technologies and embracing a forward-thinking mindset, we remain at the forefront of innovation in the fintech and payments landscape.

Job Overview

We are looking for a hands-on Infrastructure & Security Engineer to own and operate our cloud infrastructure and implement security and ICT compliance controls across our fintech platforms.  This role focuses on execution and ownership, not policy design. You will work closely with internal stakeholders (Engineering, Compliance, Risk) and external advisors to translate regulatory requirements into practical, implemented, and auditable controls across systems and infrastructure.  This position also replaces an existing contractor, ensuring continuity, stronger internal ownership, and alignment with regulatory expectations.

Key Responsibilities

• Own AWS infrastructure with accountability for the design, implementation, maintenance and continuous improvement of TPF's network and infrastructure environment, including cloud and on-premises connectivity, firewalls, routing, switching, identity and access services, endopoint and server infrastructure, resilience, monitoring and operational support.  Accountable to ensure that infrastructure is secure, highly available, scalable, reliable, resilient and fit for purpose to support regulated financial services operations.

• Implement and operate core security controls:
  • Access management (IAM/RBAC)
  • Logging, monitoring and audit trails
  • Encryption and secrets management

• Ensure implementation and effectiveness of security controls accross systems annd integrations

• Be responsible for adherence to ICT compliance policies and the maintenance and adherence to procedures, including but not limited to:
  • Access control
  • Incidence response (detection, escalation, technical readiness)
  • Change management and secure deployment practices

• Be respobsible for maintenance and testing of:
  • Backup and disaster recovery (RTO/RPO)
  • Operational resilience controls

• Maintain ICT incident classification inline with policy and escalation of reporting procedures inline with regulatory requirements, including major incident notification obligations

• Act as a primary technical security contact for Compliance and external advisors

• Support vendor risk processes:
  • Technical due diligence
  • Control validation for critical vendors

• Support and coordinate the maintenance of the Register of Information (RoI), ensuring it remains up to date and acting as the primary internal point of contact.

• Provide evidence and support for audits, regulatory reviews and reporting.

Required Profile

• 5+ years in Infrastructure / DevOps / Security Engineering
• Strong hands-on AWS experience (security best practices)
• Proven experience implementing and operating security controls (IAM, logging, encryption)
• Experience with infrastructure-as-code and CI/CD
• Strong ownership mindset with ability to operate across security and engineering

Good to Have

• 
  Experience acting as security lead or CISO delegate in a small/medium organisation
• Exposure to regulatory frameworks (e.g. DORA, PSD2, ISO 27001)
• Experience with incident management, audits and vendor risk