Security Engineer

Join the AutoScout24 security team and be part of our Information Security team that is a highly skilled group supporting all our teams to build and run secure digital products. We have understood that cyber security is an essential part of our business and including it in all our initiatives is natural. We are looking for Security Engineer that really care – for you!

What You'll Do:

• Own end-to-end risk management. You’ll identify areas of risk, assess our environment and validatewhether the risk is present, build detective and preventive controls to quickly identify indicators, track risks in our risk registry, and partner with teams to mitigate issues
• Design and build security products and ensure they align with our infrastructure strategy and integrate smoothly into the software development lifecycle.
• Define and improve our security best practices and lead initiatives to increase their company-wide adoption.
• Promote adoption of the security products our team provides and support other teams in understanding our best practices and applying them to their use cases and needs.
• Be responsible for multiple technical areas or processes within the team. Lead technical discussions and improvements around them.
• Participate in the on-call rotation and “cop of the day” duties: triage and respond to security alerts, support user requests, monitor our tools for errors, and coordinate with engineering teams as needed.
• Implement security compliance controls owned by our team for SOC 2 and PCI, and support the GRC team in the broader compliance effort.
• Investigate and remediate security incidents, and occasionally serve as the incident commander. 

What We're Looking For:

• A genuine interest and passion in security.
• More than two years of working experience as a Security Engineer.
• Hands-on experience with AWS and a solid understanding of secure architecture and secure development principles in cloud environments.
• Strong knowledge of common attack vectors and defence strategies (for example, OWASP Top 10).
• Experience designing and building security products, ideally leveraging open-source solutions.
• Experience partnering with software engineers and providing security guidance throughout the software development lifecycle.
• Deep understanding of SAST and other code security detective and preventive controls and their integration in development process and pipelines of engineers.
• Proficiency with at least one programming language (preferably Python but it's not a must)
• Experience with our stack of technologies: (AWS, CDK, ECS, Docker), SaaS solutions (e.g. GitHub, SonarQube, Okta), Python based backend tools and authentication protocols (OAuth and OpenID).
• Enjoy working with Unix environments and command-line tools. 
• Experience using AI and GenAI to improve engineering productivity, automate repetitive tasks, and streamline workflows. 
• A proactive approach to exploring and adopting AI tools that help teams move faster. 
• Understanding of emerging AI-related threats and practical approaches to reducing those risks. 

You will succeed in this role if you: 

• Enjoy solving large-scale, complex challenges.
• Take ownership of the solutions you design and build, seeing them through from idea to production.
• Pragmatically balance short- and long-term priorities and make decisions based on data.
• Are comfortable with ambiguity and enjoy tackling open-ended problems.
• You have a customer first mindset and care about improving developer experience by applying effective, well-designed security controls.
• You make every system you work inclemently better. 
• A pragmatic view of GenAI: you understand its limitations and risks and know how to put guardrails in place (reviews, tests, policies) to keep usage safe, compliant and sustainable at scale. 

A culture of growth  

With over 50 nationalities represented, we’re proud to welcome people of all backgrounds to our growing community, and we’re always finding new ways to help people feel welcomed and included. Here, you’ll have the tools, training and support you need to work in a way that suits you, learn new skills and reach your potential.  

For a career where you can drive our business and shape your future, apply now.