Senior Security Engineer leading security initiatives to protect customer data at an AI - native legal tech company. Collaborating across functions to ensure compliance and security best practices.
About the role
- Security Engineer ensuring core security in product development at Trustly. Collaborating with teams on security practices and automating controls.
Responsibilities
- Own and continuously improve our vulnerability management program, ensuring full coverage and accurate exposure visibility across all assets
- Build and maintain automation around security tooling to ensure data quality, consistency, and actionable insights
- Perform security assessments across the SDLC: design reviews, threat modeling, code reviews, and dynamic testing, working closely with engineering teams
- Integrate and enforce security controls within CI/CD pipelines (SAST, DAST, secrets detection, dependency scanning), with a strong focus on developer experience
- Conduct internal offensive security activities (penetration testing, red teaming, exploitation) to validate real-world risk and identify control gaps
- Translate vulnerabilities into real business risk by validating exploitability and prioritizing remediation based on impact
- Contribute to incident response and security investigations, including root cause analysis and improvement of detection and response capabilities
- Actively participate in improving our security posture by challenging assumptions, refining detection logic, and improving how we measure exposure
- Collaborate with infrastructure and platform teams (AWS, Kubernetes, IAM) to ensure secure-by-design architectures
- Contribute to threat intelligence efforts by identifying relevant threats and mapping them to our internal stack and exposure
- Support the evolution of our security practices, tooling, and processes as we continue to scale our business and security capabilities
Requirements
- You have hands-on experience in cybersecurity engineering, application security, or infrastructure security
- Strong understanding of modern cloud environments (preferably AWS), including networking, IAM, and containerized workloads
- Experience with vulnerability management and security tooling, with a good understanding of asset exposure and data accuracy
- Familiar with integrating security controls into CI/CD pipelines (SAST, DAST, secrets detection, dependency scanning)
- Comfortable performing technical security assessments (web, APIs, infrastructure), including validation and exploitation of vulnerabilities
- Solid understanding of core security concepts and protocols (DNS, TLS, authentication, CVEs, etc.)
- Able to think in terms of risk and prioritize based on real-world impact rather than theoretical vulnerabilities
- Experience working in regulated environments such as financial services is a strong plus
- Strong collaboration and communication skills, able to work closely with developers and infrastructure teams
- Pragmatic mindset, able to balance security requirements with engineering constraints
- Curious and proactive, not afraid to challenge existing setups and improve them
- Certifications (e.g. OSCP, OSWE or similar) are a plus but not required
Benefits
- 20 to 30 days of holiday to support a healthy work-life balance
- Monthly team outing allowance to enjoy social events with your colleagues
- Parental leave top-up additional support for new parents
- Daily breakfast and on-site perks to make your workday smoother
- Well being support our health allowance covers gym memberships, massages, and much more to help you feel your best
- PLUS additional benefits designed to enhance your work-life experience!
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Working Student in Information Security at Allianz Direct supporting security monitoring and managing vulnerability assessments. Collaborating with cross - functional teams to enhance cybersecurity posture and awareness.
Enterprise Security Implementation Specialist at Vodafone supporting customers in implementing security solutions. Responsibilities include onboarding, incident management, and ensuring service quality with Fortinet and Zscaler products.
Cyber Security Specialist at Vodafone responsible for shaping and deploying security measures. Collaborating with business, IT, and Network teams as a trusted security partner.
Manager at PwC contributing to digital transformation in Utilities through technology consulting and stakeholder management. Focused on creating strategies and providing technology solutions in a data - driven world.
Research Associate conducting advanced research in iOS security within a leading institute for applied cybersecurity. Emphasis on secure application development and vulnerability analysis.
Cybersecurity Engineer focused on threat monitoring and incident response for Verizon's network security. Collaborating on security architecture and vulnerability management across multiple locations.
Senior Manager of Application Security leading initiatives to protect applications at Nordstrom through strategic leadership and AI - driven tooling. Collaborating with engineering to ensure secure software development practices.
Information Security Engineer responsible for deploying and supporting security tools across cloud and on - premise systems. Collaborating with IT to mitigate security risks in a hybrid work environment.
Casual Retail Security Officer for MSS Security ensuring safety at Tweed Mall in Tweed Heads. Responsible for patrols, incident response, and customer service.