This role offers an exciting opportunity to work on cloud-based transaction systems, including payment card processing infrastructure, in a team that values collaboration, security, and reliability. You’ll work closely with third-party service providers, ensure compliance with PCI DSS, and help build secure abstractions over APIs that interface with our clients. The In-Car Payments Engineering team is responsible for delivering cutting‑edge, in‑car commerce solutions that allow drivers to pay for fueling, EV charging, and parking directly from their vehicles. What you will do

Maintain and expand our serverless card payment infrastructure built with TypeScript, Node.js, and AWS (Lambda, API Gateway, DynamoDB). Ensure continued PCI DSS compliance. Work with others to fix bugs, implement minimal new features, trace errors, and ensure security patches are applied in production and pre‑production environments. Support a clean and well‑documented strategy for all dependent services and infrastructure. Collaborate in daily scrum ceremonies, working closely with engineering, security, and third‑party vendors. Apply TDD/BDD methodologies, maintaining high code quality and resilience.

Who are you

Strong hands‑on experience with TypeScript and Node.js. Frontend familiarity is helpful (e.g. React). Proficiency with AWS services in a serverless context, especially CloudFront, API Gateway, Lambda, DynamoDB and CloudWatch. Commercial experience with Infrastructure‑as‑Code tools such as Terraform, SST, CDK or CloudFormation. Strong understanding of API development, RESTful design, and secure authentication. Demonstrated knowledge of API security and OWASP Top 10 vulnerabilities. Experience with Docker, Linux, Git, and container‑based environments. Hands‑on development experience with PCI DSS, payment systems, or other regulated environments is essential. Excellent communicator with a self‑starter attitude and comfort working autonomously. Demonstrable expertise and understanding of API development/design and experience interfacing with disparate systems. Applicable understanding of software security, common exploits and secure development practices, including the OWASP Top 10. Proven and demonstrable understanding of testing methodologies and frameworks. Commercial experience with AWS and IaC (Terraform/CDK/CloudFormation). Commercial experience with Linux, Docker, Docker Compose, Git and DynamoDB.

#J-18808-Ljbffr