Cardlay - Banking and Finance industry.


  • Malmo, Sweden (Security Officer and Security Engineer)
  • Skopje, Macedonia (DevOps Engineers, IT Operations and Support Engineers, Security Engineers, PM)
  • Belgrade, Serbia (DevOps Engineers)
  • Minsk, Belarus (DevOps Engineers)


The main challenge was to accomplish PCI-DSS compliance within the cloud environment, which was a relatively new concept for the finance/banking payment processing industry during the time when the project started.

Although the cloud providers have been validated as PCI-DSS compliant, this validation does not apply to the provider’s customers who deploy servers within the provider’s infrastructure. The main responsibility for Security services consisted of PCI-DSS Compliance for the Finance industry, including regular vulnerability and penetration tests for compliance with PCI DSS.

Let’s connect

We’d love to help you start exceeding your business goals.


The Client is located in Copenhagen and Odense, Denmark.


With the business model provided, the client was offered to completely outsource the work related to the application platform, by forming a new team with Seavus employees for Development, Operations, and support in the cloud and on-premise environment.


The client’s strategy was to improve businesses by digitalizing commercial banking transactions while continuing to challenge the endless possibilities of business process automation and bringing transactions to life through machine learning and intelligent solutions.


Providing professional Operations and Maintenance services covering strict Security Solutions based on experience and best practice:

  • Cloud System / Network architecture Administration
  • 24x7 Monitoring and Operation of IT system landscapes
  • Customized Monitoring and customized automation Scripting
  • Quarterly Vulnerability and Penetration Scans
  • Audit and PCI DSS controls
  • GDPR compliance
  • Change request and task ticketing
  • Support Security Project change requests
  • Improved service and user satisfaction with a single point of contact and knowledge base
  • Minimized downtime with Automated Red Alerting for critical systems and processes


  • Setup monitoring (Server, OS, Database, and application)
  • Monitor the system for availability or performance issues
  • Resolve reported Incidents and Problems related to the Server and OS
  • Handle all types of Incidents and hereby coordinate Incident resolution with all involved parties, such as Client’s clients and Third Parties (including without limitation other operators) related to System and OS
  • Fulfill requests related to configuration changes
  • Provide necessary information for the system on an ad-hoc basis
  • Perform deployment of new software versions
  • Monitor of backup processes
  • Creation of new servers and DBs
  • Manage network configurations and firewall setting
  • Managing access to servers and environment
  • Execution of daily, weekly and monthly tasks
  • Execution of quarterly, semi-annually, yearly and ad-hoc PCI DSS standard requirements
  • Keeping documentation up to date with all relevant information included
  • Security value with PCI DSS audit solutions
  • Best Practice Security Documentation


Amazon Web Services (AWS), VMWare virtualization software, Windows server, MSSQL, Postgres, ElasticSearch, Atlassian JIRA, Confluence.