Security Engineer

Needless to say, you must have a strong track record in security engineering and be ready to tackle a new challenge in an exciting environment.

Responsibilities:

• Design, deploy, and continuously improve security controls across our environments, including network segmentation, IAM hardening, secrets management, and key management.
• Drive Application, Development & Code Security across all engineering teams, including secure coding standards, threat modeling, and security architecture reviews.
• Embed security into the SDLC by integrating SAST, DAST, SCA, secret scanning, and IaC scanning into CI/CD pipelines and partnering with engineering teams on secure design reviews and threat modeling.
• Identify, prioritize, and help remediate vulnerabilities in applications, APIs, and thirdparty dependencies; track them to closure together with the responsible development teams.
• Conduct internal penetration tests, threat modeling sessions, and security design reviews for new and existing services.
• Engineer and tune detections within our SIEM/XDR stack (Wazuh, InsightIDR) and build SOAR playbooks that automate triage, containment, and response.
• Monitor and analyze trends, security logs, and alerts from Threat Prevention, firewalls, network appliances, Linux servers, Web Application Firewalls, DDoS and API attacks, identity management, Microsoft AntiSpam, Microsoft Identity Protection, etc. to identify and mitigate security incidents.
• Harden Linux servers, Kubernetes clusters, WAF, DDoS, and API protection layers; perform configuration reviews against CIS benchmarks and close the gaps.
• Support incident response as a hands-on responder: investigate alerts, perform forensics, contain incidents, and drive post-incident actions to prevent recurrence.
• Work with all departments (Engineering, Operations, IT, Product, Legal & Compliance) to define and implement security requirements, controls, and processes.
• Build internal security tooling and automation (Python, bash, Terraform) to scale the security function and reduce manual effort.

Qualifications:

• Solid experience in Application Security: secure SDLC, OWASP Top 10, OWASP ASVS, threat modeling (e.g., STRIDE), and API security.
• Solid experience securing cloud environments, ideally GCP.
• Hands-on experience with SAST, DAST, SCA, IaC, and container scanning tools (e.g., SonarQube, Semgrep, Snyk, Trivy, OWASP ZAP, Burp Suite).
• Strong programming and scripting skills (e.g., Python, Bash, Go, Java, JavaScript/TypeScript) and the ability to read and review code across multiple languages.
• Experience with CI/CD pipelines (GitLab CI, GitHub Actions, Jenkins) and embedding security checks into them.
• Experience operating and tuning Wazuh (or comparable SIEM/XDR solutions), including log sources, decoders, rules, and dashboards.
• Solid understanding of cloud security (AWS, GCP) and Microsoft 365 security controls.
• Familiarity with security frameworks (e.g., ISO 27001, NIST, CIS, OWASP) and their implementation and auditing.
• Knowledge of network security, Identity & Access Management (IAM, PAM), authentication protocols (OAuth2, OIDC, SAML), and cryptography basics.
• Experience with vulnerability management, penetration testing concepts, and structured remediation workflows.
• Familiarity with container and orchestration security (Docker, Kubernetes) and Infrastructure as Code (Terraform, Ansible) is a plus.
• Strong problem-solving skills and initiative.
• Collaborative, team-oriented approach with the ability to work effectively across multiple departments.
• Excellent communication skills, both written and verbal, able to translate complex security topics for technical and non-technical audiences.
• Highly motivated and eager to learn new skills, tools, and stay up to date with the threat landscape.
• Pragmatic mindset, balancing security, business needs, and developer experience.
• Familiar with cyber threat management, esp. using the MITRE ATT&CK framework.