Senior Security Engineer (100% remote-friendly within Poland)

📋 Description

• • We are seeking a highly experienced and dedicated Senior Security Engineer to join our dynamic team, playing a pivotal role in safeguarding our digital assets and ensuring the integrity of our operations. This is a 100% remote-friendly position within Poland, offering the flexibility to work from anywhere in the country while contributing to a globally recognized organization.
• • In this critical role, you will be at the forefront of our security efforts, taking the lead on incident response initiatives. This involves meticulously investigating cybersecurity incidents, identifying root causes, and implementing effective mitigation strategies to minimize potential risks and impact.
• • You will be instrumental in enhancing our overall security program. This includes the continuous improvement and maintenance of our security processes, the optimization of existing tooling, and the development of new solutions to bolster our cybersecurity posture against an ever-evolving threat landscape.
• • As a Senior Engineer, you will be responsible for the strategic design and implementation of advanced threat detection and mitigation strategies. This will span across our diverse technology environments, encompassing both cloud-native infrastructure and traditional on-premises systems.
• • A key aspect of your role will be your ability to communicate complex technical risks and incident details clearly and concisely to a wide range of stakeholders. This includes technical teams, executive leadership, and business decision-makers, ensuring transparency, fostering trust, and enabling informed decision-making.
• • You will ensure our security practices align with and comply with relevant industry standards and regulations, such as NIST, ISO 27001, and SOC 2 Type 2, contributing to our reputation as a secure and trustworthy organization.
• • This is a global position that requires a degree of flexibility. Occasional out-of-hours and weekend work may be necessary to address critical security events and ensure continuous protection.
• • You will help define the security operations roadmap by designing and implementing long-term strategies that anticipate future threats and technological advancements.
• • A significant part of your contribution will involve improving and maintaining the processes, tooling, documentation, and training programs that underpin our cybersecurity incident response capabilities, ensuring our team is well-equipped and our procedures are robust.
• • You will be responsible for designing, implementing, and maintaining our security events monitoring systems, ensuring comprehensive visibility across our infrastructure.
• • Daily alert investigation and incident response will be a core responsibility, requiring swift and accurate analysis of security events in both cloud-native and traditional environments.
• • You will identify, scope, and manage ongoing security incidents for our customers, developing detailed remediation plans to enhance their security maturity and reduce future risks.
• • A crucial task involves normalizing, analyzing, and identifying security events from application logs, extracting valuable insights to detect and respond to threats.
• • You will actively assist our development and operations teams in enhancing our log monitoring capabilities, promoting a culture of security awareness and best practices.
• • You will implement threat intelligence feeds and automation to proactively identify and respond to emerging threats, staying ahead of malicious actors.
• • Your expertise will be vital in the deployment and management of our Security Operations Center (SOC) tech stack, including SIEM platforms, threat detection tools, and log analysis solutions.
• • You will contribute to application security initiatives, including the management and configuration of Web Application Firewall (WAF) platforms.
• • Experience with Infrastructure as Code (IaC) tools like Terraform will be leveraged to automate and manage our security infrastructure efficiently.
• • Familiarity with container orchestration platforms like Kubernetes will be essential for securing our modern application deployments.
• • You will leverage your understanding of secure software development practices and common vulnerabilities, such as the OWASP Top 10, to advise and guide development teams.
• • Your ability to articulate complex technical issues to diverse audiences in a clear, authoritative, and actionable manner will be a cornerstone of your success in this role.