We are looking for a Security Engineer to own and scale our vulnerability management program across infrastructure and our Software Development Lifecycle (SDLC) pipeline. You will work at the intersection of detection, automation, and developer enablement, partnering with infrastructure and engineering teams to reduce exposure, accelerate remediation, and integrate security into the SDLC. The security engineer also provides support to the incident response, forensic, application, and networking teams and works with IT infrastructure, application development, security operations, security audit, and end-user sources of information to ensure collection, correlation, and reporting, as well as facilitation of corporate-wide security events.
The role ensures that our Vulnerability Management solution aids in the output of metrics to senior management to help maintain a safe and secure enterprise technical operation. Daily, the engineer ensures the scan agents'/sources' alerts are healthy, false positives are tuned out, and true alerts are surfaced to the right parties. To be successful, a solid understanding of and practical hands-on experience with security principles, host configurations, and networking are required.
Must be detail oriented, able to manage multiple tasks, and work independently as well as in a team setting. Excellent communication skills, collaboration skills and ability to adapt to shifting priorities are critical.
This role provides a hybrid way of working with an onsite presence of 2 days/week.
Key Job Responsibilities and Duties

• Own end-to-end infrastructure vulnerability management, including scanner deployment, agent lifecycle management, scan policy tuning, and SLA-driven remediation workflows.
• Deploy and maintain scanning agents at scale using IaC/CM tooling such as Puppet, Ansible or Chef across heterogeneous environments.
• Integrate vulnerability scanning into CI/CD pipelines and conduct supply chain security assessments, tracking open-source dependencies and third-party components for known CVEs and emerging threats.
• Monitor and triage threat intelligence feeds (NVD, CISA KEV, vendor advisories, OSINT sources) to assess new vulnerability disclosures and translate them into prioritized remediation actions.
• Build and maintain SOAR playbooks to automate alert triage, ticket creation, enrichment, and escalation, reducing manual toil across the vulnerability management lifecycle.
• Define and enforce vulnerability severity thresholds and SLA policies in collaboration with other teams.
• Drive actionable metrics, prioritization and reporting for operations and leadership transparency
• Participate in security reviews of new infrastructure and application designs to identify vulnerability exposure early in the development lifecycle.
• Previous experience with SIEM dashboards and other reporting tools for incident response is nice to have
• Be readily available for incident response, forensics, troubleshooting, and security issues requiring event details.
• Maintain an up-to-date level of knowledge related to security threats, vulnerabilities, and mitigations set forth to reduce attack surface.
• Connect events to contextual security reports that security management and technical teams can easily comprehend.
• You will form repeatable processes for prioritizing and responding to alerts and developing playbooks.
• Develop enrichment pipelines and automation to enhance the fidelity of threat detections.
• Strong communication skills are required as well as the ability to work both independently and with a team.
• Assist with the creation and/or maintenance of operational security metrics with dashboards and reports

Benefits:

• Health insurance
• Prepaid medical subscription (Regina Maria)
• Life insurance
• Meal vouchers
• Learning wallet
• Travel benefit
• Annual vacation leave of 25 business days, pro rata with the working period
• Birthday day off
• Summer break (short Fridays during summer)
• Work from Abroad program (up to 20 days/year in EU)
• Floating days off
• 2 Volunteer days/ year
• Home office one-time bonus
• Bookster
• Linkedin learning platform
• Employee discounts (travel, gym, dental, vision)