Partner Company logo
Partner Company

Security Engineer

🕐 30 dias atrás📍 Germany🌍 Remoto
Candidaturas encerradasVer outras vagas

Accountabilities:

  • Conduct security reviews and threat modeling across product features and system designs, translating findings into clear, actionable recommendations for engineering teams.
  • Take ownership of end-to-end security initiatives, from initial design and planning through implementation and rollout.
  • Build and maintain internal security tooling and automation to streamline reviews, detection, and remediation workflows.
  • Coordinate penetration testing activities and ensure timely tracking and resolution of identified vulnerabilities.
  • Support compliance programs such as SOC2 and PCI, including evidence gathering, audit preparation, and remediation tracking.
  • Contribute to the broader Application Security roadmap, including initiatives in cloud security, supply chain security, AI-related risks, and ASPM.
  • Engage in proactive security research and incident investigation to continuously improve system resilience.
  • Partner closely with Cloud, Infrastructure, and Engineering teams to embed security into daily development practices.

Requirements:

  • Proven experience in product or application security, including conducting threat modeling and security reviews in production environments.
  • Strong ability to read and write code, with a hands-on mindset for building security tools and automation rather than only reviewing findings.
  • Solid understanding of risk evaluation, with the ability to balance real-world threats against theoretical vulnerabilities and communicate trade-offs clearly.
  • Experience delivering security projects independently while aligning with broader technical direction and collaborating with senior engineers when needed.
  • Strong communication skills, particularly in translating security concepts to non-security engineering teams.
  • Familiarity with cloud, distributed systems, or modern software architectures is highly beneficial.

Nice to have:

  • Exposure to or interest in compliance frameworks such as SOC2 or PCI DSS.
  • Experience in fintech, payments, or other regulated, high-security domains.
  • Interest in advanced security areas such as supply chain security, detection engineering, or AI-related security challenges.

Benefits:

  • Fully remote-first work environment with global flexibility.
  • Competitive share options as part of long-term alignment.
  • Minimum 25 days of paid vacation, with uncapped holiday allowance.
  • Access to co-working spaces worldwide.
  • Workations and annual company retreats to support team connection.
  • Top-tier equipment and home office support (including setup budget).
  • Generous learning and development budget for courses, certifications, and training.
  • Private medical insurance and additional location-based benefits.
  • Flexible, distributed culture designed to support deep technical work and autonomy.

🇧🇷 Essa vaga exige inglês. Você está pronto?

A DevSpeak Academy prepara desenvolvedores brasileiros para conquistar vagas internacionais. Domine o inglês técnico com professores que entendem o mundo dev.

Conheça a DevSpeak Academy
Candidaturas encerradasVer outras vagas