Lead Security Engineer driving security initiatives that embed secure - by - design principles at Pipedrive. Over 100,000 companies trust our cloud - based software for sales and marketing.
About the role
- Technical Security Expert at Spendesk enhancing security for one of Europe's fastest-growing fintechs. Collaborating with teams to embed security in every project while staying ahead of threats.
Responsibilities
- Champion security-by-design: Advise and collaborate with development and infrastructure teams to embed security best practices from the start of every project.
- Lead technical security reviews: Conduct in-depth code reviews (TypeScript, Node.js, Python) to uncover and remediate vulnerabilities.
- Analyze third-party libraries and dependencies, including reverse engineering when needed.
- Review Infrastructure-as-Code (Terraform) and multi-tenant AWS setups.
- Drive security audits & testing: Plan and execute penetration tests and intrusion campaigns on systems, applications, and internal tools (CI/CD, authentication, etc.).
- Propose actionable remediation strategies to strengthen our defenses.
- Own security monitoring: Oversee and maintain our SIEM (ElasticSearch, multi-node Linux).
- Develop automation tools and scripts for proactive threat detection and incident response.
- Shape security culture: Help update policies and procedures, and raise awareness across teams through coaching, workshops, and communication.
- Stay ahead of threats: Monitor emerging vulnerabilities and attack techniques, and recommend adaptive defense strategies.
Requirements
- Extensive technical experience in information security (typically 8+ years), with hands-on expertise in at least two of the following: code auditing (TypeScript/Node.js/Python), infrastructure security (AWS/Linux/Terraform), penetration testing, or SIEM management.
- Deep understanding of secure development practices and modern web architectures (microservices, cloud/PaaS/SaaS).
- Strong scripting ability (Python, Bash, etc.).
- Experience with ElasticSearch in production environments.
- Excellent communication and collaboration skills; ability to explain complex security concepts to diverse audiences.
- Fluent English.
- Nice-to-haves:
- Experience with reverse engineering and analysis of minified/obfuscated code.
- Knowledge of security standards (ISO 27001, OWASP, etc.).
- Experience with GCP, Datadog, or Snowflake.
- French language skills.
Benefits
- Flexible on-site and remote policy
- Lunch 60% funded by Spendesk (Swile Card)
- Alan Premium health insurance
- A Gymlib pass to let off steam after a productive day at work
- Access to Moka.care for emotional and mental health wellbeing
- Latest Apple equipment
- Great office snacks to fuel your day
- A positive team to work with daily!
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Lead Security Engineer driving security initiatives for cloud - based software company. Focused on scalable tooling for automated detection and response while mentoring security engineers.
Lead Security Engineer responsible for developing security solutions and mentoring team members. Join Pipedrive to enhance security across cloud - native environments.
Lead Security Engineer driving security initiatives that embed secure - by - design principles at Pipedrive. Collaborating with teams to strengthen security posture across platforms and products.
Lead Security Engineer at Pipedrive focusing on secure - by - design principles. Drive security initiatives and mentor engineering teams to strengthen overall security posture.
Lead Security Engineer driving security initiatives for Pipedrive, a cloud - based software company. Focus on building scalable tooling for automated detection and response while mentoring engineers.
Cybersecurity consultant at HiQ helping businesses enhance their cyber defense and security posture. Engaging with various industries to implement security standards and strategies.
Principal Advisor providing strategic leadership in health, safety, and security at DOC. Focused on driving long - term maturity, strengthening assurance, and lifting performance across the organisation.
Cybersecurity Senior Consultant responsible for evaluating cybersecurity and resilience capabilities. Collaborating with clients to enhance security posture and compliance through assessments and advisory engagements.
Security Architect leading security strategy development and implementation for Kyndryl. Conducting performance testing and ensuring compliance with security guidelines and audits.