• Design and strengthen security in multi-account AWS environments, focusing on identity (IAM), networking (VPC, Security Groups) and data protection (KMS, Secrets Manager). • Implement automated security controls in CI/CD pipelines (CodePipeline, GitHub Actions, Terraform). • Configure and maintain AWS native security services: GuardDuty, Security Hub, CloudTrail, Config, Inspector, Macie, WAF, and Shield. • Establish continuous monitoring with CloudWatch, SIEM, and proactive alerts for anomalies or incidents. • Conduct internal pentesting, threat modeling, and security validation on APIs, serverless functions, and critical components. • Lead the detection and incident response (IR) strategy, including playbooks, drills, and basic forensics. • Ensure compliance with fintech regulatory frameworks (ISO 27001, SOC 2, GDPR, PCI DSS). • Collaborate with Platform, Data, and Core teams to ensure a 'secure by default' architecture.

• Deliver priority roadmap features across frontend and backend systems • Develop and maintain applications using Node.js, React, and TypeScript • Support and enhance NHS and third-party integrations • Contribute to scalable, reusable platform architecture • Maintain and optimise cloud infrastructure (AWS preferred) • Build, maintain, and improve CI/CD pipelines and release processes • Improve monitoring, logging, and system observability • Strengthen deployment reliability and platform stability • Implement and support security improvements and secure coding practices • Ensure alignment with compliance standards (e.g., GDPR, ISO27001) • Improve engineering quality and release discipline by: Reducing defect leakage, Strengthening testing practices and • Supporting test-first / automated testing approaches • Collaborate with Product and stakeholders to translate complex requirements into pragmatic technical solutions • Work across multiple concurrent workstreams and manage priorities effectively

• Design, build, and maintain CI/CD pipelines for automated testing, building, and deployment • Manage and optimize cloud infrastructure (AWS, GCP, or Azure) using Infrastructure as Code (Terraform preferred) • Implement and maintain containerised environments using Docker and Kubernetes • Set up and manage monitoring, alerting, and logging systems (e.g., Prometheus, Grafana, ELK, Datadog) • Improve system reliability, scalability, and performance , ensuring high availability and SLA compliance • Automate operational processes and reduce manual intervention (toil reduction) • Manage database infrastructure , including backups, replication, scaling, and disaster recovery • Enforce security best practices (IAM, secrets management, network policies, vulnerability scanning) • Collaborate with engineering teams to improve developer experience (local setups, CI/CD speed, debugging tools) • Participate in on-call rotations , incident response, and postmortem analysis

• Work cross-functionally with teams, promoting a DevSecOps culture throughout the entire development lifecycle; • Implement and monitor security controls for applications, APIs, infrastructure, and cloud environments; • Support the evolution of security practices without compromising the teams' agility. • Enhance pipelines and processes with a focus on automation, quality, and security; • Support the implementation of secure CI/CD and versioning best practices; • Contribute to the continuous improvement of the platform's infrastructure and architecture. • Manage identity and access (IAM), including authentication and authorization; • Work with tools such as Keycloak and integrations between systems; • Ensure security best practices for APIs and integrations. • Support incident troubleshooting and root cause analysis; • Propose and implement preventive improvements; • Document standards, processes, and best practices for the teams; • Assist squads in adopting more secure and efficient practices.