Security Engineer

We are the platform turning browsing into shopping. We connect 200 million shoppers with deals they love while boosting local sales for hundreds of top retailers and brands.

We help consumers save time and money while making smart shopping decisions, and we support retailers and brands in engaging customers from online research to in-store purchases.

Ready to spark your growth with us? 🚀

WHO WE LOOK FOR 🦄

We are seeking a highly skilled and motivated Security Engineer to be the foundational member of our new cybersecurity team. This role is a unique opportunity for a versatile and "big head thinker" to work directly with the DIrector Information Security in shaping and executing the cybersecurity strategy for a dynamic, fast-paced, and global environment. This position will be critical in building a mature and resilient security posture across the entire Flipp and Shopfully group, touching upon all aspects of our security program, from technical implementation to governance and application security.

The ideal candidate has a strong technical background with a broad understanding of the security landscape, including hands-on experience in both GRC and application security. As the a key team member, you will be instrumental in a wide range of activities and will serve as a key technical partner to the Director Information Security, with the potential to specialize in a GRC or Application Security role as the team grows.

 

WHAT YOU WILL DO 🏄

Technical Implementation & Operations:

• Work closely with the CISO to implement and operate core security tools and technologies (e.g., WAF, DDoS protection, security scanners, SIEM).
• Serve as the first point of contact (Tier 1) for user-reported security issues and incidents.
• Collaborate with engineering teams to troubleshoot and fix vulnerabilities discovered during penetration testing and security assessments.
• Actively participate in the design and implementation of a Zero Trust security model and mandatory 2FA deployment.

Governance, Risk & Compliance (GRC):

• Assist in the creation and implementation of a unified Information Security Policy and other security-related policies.
• Conduct security assessments and due diligence on third-party vendors, helping to create a robust vendor risk management program.
• Work with the legal team on activities related to GDPR and DPO (Data Protection Officer) requirements.

Application & Cloud Security:

• Engage with engineering and product teams to integrate security into the development lifecycle (SSDLC).
• Provide support to developers on secure coding practices and help address application-level vulnerabilities.
• Contribute to the ongoing security assessment of our AWS cloud environment, including configurations, access, and security state.

Strategic & General Security Tasks:

• Support the overall cybersecurity strategy and roadmap, ensuring alignment with business objectives.
• Perform risk assessments and assist in prioritizing security initiatives based on a risk-based approach.
• Act as a key partner to the CISO in day-to-day security operations and special projects.

 

WHAT YOU WILL NEED 🪄

Experience:

• 7-10 years of hands-on experience in cybersecurity, with a strong background in startup or fast-paced, high-growth environments.
• Proven experience in IT security, including managing and securing AWS cloud environments.
• Demonstrable background in managing security processes, with some exposure to both GRC and Application Security principles.

Skills:

• Excellent interpersonal and communication skills, with the ability to effectively collaborate with a wide range of stakeholders from technical teams to legal and executive management.
• Strong problem-solving and critical thinking abilities, with a capacity to think strategically ("big head thinker") and act tactically.
• High level of responsibility and a proactive approach to security challenges.
• Fluency in English.
• Knowledge of Italian and/or German is an advantage.

Education & Certifications (Advantageous):

• A bachelor's degree in Software Engineering, Computer Science, or equivalent practical experience.
• Relevant security certifications such as CISSP, CISM, CCNA, or equivalent professional qualifications.

👉 At our company, we value diversity and actively encourage it — we believe a variety of perspectives and backgrounds makes us stronger. We focus on potential rather than on having a “perfect” CV. If this role excites you and you believe you could grow into it — even if you don’t tick every single box in the requirements — we’d love to hear from you!

 

WHAT YOU'LL FIND AT SHOPFULLY 

🌎 An opportunity to thrive in a rapidly scaling multinational company

🕶️ A vibrant, informal, and inclusive work environment

🧠 We champion autonomy, flexibility, and a hybrid work model, empowering you to own your work

📚 Access to learning opportunities and regular feedback sessions

🍓 Enjoy our central, modern offices featuring fresh snacks, coffee (including vegan options!), and ergonomic setups

🎉 Engage in meaningful team events: offsites, happy hours, company parties and celebrations that unite us beyond daily tasks

💻We provide all the necessary equipment for you to work effectively and set up your workspace, wherever you are

🧰 Benefit from additional country-specific advantages based on local contracts and practices

 

🌎 LOCATION: Looking for an exciting international career opportunity while staying in Italy? This is your chance!

ShopFully is part of the same group as Flipp, a leading Canadian company, and we’re looking for talented professionals to join us. You’ll be hired in Italy while working directly within Flipp’s organization, in a fast-paced, innovative environment. 

Since you’ll be collaborating with colleagues across different time zones, a bit of schedule flexibility will help you stay connected with our amazing teams in Canada!

If you’re excited about joining a dynamic, international team, working on cutting-edge projects, and expanding your career globally—without leaving Italy—we’d love to hear from you! 🚀

 

WHO WE ARE 💜 

We’re a team of 450 people (and counting!), from 30 different nationalities. We’re on a mission to innovate, and we believe the key to that is seeing the world through a variety of perspectives. That’s why building a more diverse team, as well as bringing in even more talent, is so important for us.

If you choose to apply for this specific job position and submit your application, which may include personal data such as your identifying details, contact information, curriculum vitae, cover letter, professional qualifications, and/or employment history, please be informed that your data may be shared with our Affiliates*, including Offerista Group GmbH and Flipp Operations Inc. The aforementioned entities will act as joint controllers for the limited purpose of intra-group sharing related to the evaluation of candidates’ applications. This means that your data may be processed by the Affiliate to assess your application and, if deemed suitable, to contact you regarding potential employment opportunities. However, please note that from the moment an Affiliate initiates direct contact with you and engages in any further processing of your personal data beyond the initial intra-group sharing for evaluation purposes, such Affiliate shall act as an independent data controller. In such cases, the processing of your personal data will be subject to the specific privacy policies that can be found here.

* Affiliates shall mean any entity that directly or indirectly controls, is controlled by or is under common control with ShopFully SpA and its Affiliates’ subsidiaries, meaning any entity which is directly or indirectly controlled by the Affiliates.