Senior Platform Engineer (Security & Compliance)

We want to create a different kind of banking and shopping experience. Northmill was founded in 2006 and the main office is in Stockholm and Poland Engineering Center site is located in Katowice. Grab this opportunity to be a part of us and our journey!

The scope of your role:

• As a Senior Platform Engineer, you will take part in the process of designing, developing, and improving security-related platform capabilities used across modern financial systems.

• You will help strengthen the security posture of our AWS-based environments by working on cloud security controls, threat detection, vulnerability management, incident response, and operational security processes.

• You will have an impact on our platform and engineering standards by partnering with development teams, the Security team, and external partners such as penetration testers and auditors.

• You will support product and engineering teams in designing secure solutions and improving the security of applications and platform components used in highly controlled and regulated environments, including web application security practices and secure design reviews.

• You will take part in internal security reviews and technical auditing activities, helping identify risks, improve security posture, and ensure that security-related requirements are properly implemented in practice.

• You will act as one of the main technical owners on the Platform side for selected security, compliance, and audit-related activities, including helping engineering teams understand and implement requirements related to our environment and industry standards such as PCI DSS.

• You will drive vulnerability remediation efforts by helping engineering teams identify, prioritize, and address security findings practically and effectively.

• You will work with AWS security services and tools such as AWS Web Application Firewall (WAF), Amazon GuardDuty, AWS Network Firewall, AWS CloudTrail, AWS Key Management Service (KMS), and AWS Shield, as well as Wiz, Microsoft Sentinel, incident.io, Jira, Confluence, and Git.

• You will work using modern AI dev tools.

Required qualifications:

• 5+ years of commercial experience in platform engineering, cloud security, security engineering, DevSecOps, or similar roles.

• Strong hands-on experience with AWS security services and security controls in cloud environments.

• Practical experience with tools and processes related to vulnerability management, security alerting, and cloud security monitoring.

• Experience with security incident response and operational handling of security-related issues.

• Experience with web application security and secure design practices.

• Experience working with product or engineering teams to improve the security of applications and platform solutions.

• Experience supporting technical audits, compliance activities, or security control reviews in production environments.

• Experience working with technical security controls in regulated or highly controlled production environments.

• Strong understanding of cloud security practices, auditability, and operational security requirements.

• Willingness and interest to collaborate and work in a team.

• Poland as country of residence and Polish citizenship or EU country citizenship

Preferred qualifications:

• Experience working with production systems that require strong security, auditability, and operational controls.

• Experience in working in regulated environments or in the financial sector.

• Experience with PCI DSS or similar regulatory or industry security frameworks.

• Experience collaborating with penetration testers and supporting remediation activities.

• Experience with cloud security, vulnerability management, CNAPP, SIEM, or incident management tooling.

• Experience with AWS services such as AWS Web Application Firewall (WAF), Amazon GuardDuty, AWS Network Firewall, AWS CloudTrail, AWS Key Management Service (KMS), and AWS Shield.

• Experience with Wiz, Microsoft Sentinel, or similar security platforms.

• Exposure to Infrastructure as Code and platform engineering practices.

• Exposure to Agile development methodologies.

About you?

You are a creative and curious person. We are always looking for new knowledge and have a curiosity out of this world, we think that you have the same mindset and you are excited to read about the latest tech trends.

We hope you are not afraid to inform about problems and have your thoughts on various solutions.

You are a team player and used to work in an Agile environment.

Since we are a multicultural team English is the required language.

We offer:

• Work on projects (including greenfield ones) within a team of top experts — the best in Europe 💪

• Real impact on company products and culture, with small project teams (max. 9 members)

• A non-corporate atmosphere with a strong focus on innovation, continuous improvement, teamwork, and a data-driven approach

• Flexible working hours in a hybrid model — office in Katowice city center or remote work if you live outside Silesia region

• Support for your professional growth, including access to training, workshops, and industry conferences

• Benefits package: private medical care, life insurance, Multisport (including a partially funded family card), library, concierge service

• Internal conferences, trainings, and events: Northcon (annual company conference in great locations like Spain, Austria, Sweden, Croatia), Northchill, Study Group, Summer Party

About Northmill

A Swedish bank with the heart in the technique. 2.500 merchants. 600.000 end users.
260 employees in four different countries, including Engineering Center hiring c.a. 80 experienced engineers. The goal? To improve financial life by being digital, yet personal.