Security Engineer

We are a dedicated security team of 9 working to ensure we strictly follow the principles of secure-by-design zero trust and the principle of least privilege. We have the luxury of building a security function in a greenfield environment which means we operate at the cutting edge with modern best practices. We are always seeking out and open to new and novel ways to improve the security posture of our company.

Security isnt just about our team though at Upvest its part of the culture. The team itself is one of the oldest within (our young) company which should show you how its always been a central tenet of how Upvest defines itself. Within the security team you will have a large view of the whole organisation and work closely with every department.

Act as a security subject matter expert for the entire company operating across multiple disciplines from application and cloud security to GRC. While your work will be broad your primary focus will be on partnering with our Product Engineering teams to embed a secure by default mindset

Work with our team and Product and Engineering to perform detailed security architecture reviews of new functionality (facilitating threat modeling is a plus)

Field security questions and requests with confidence and an aim to mentor and educate

Scale the security team by finding areas where security tasks can be automated (and improved)

Be comfortable working with the cloud (specifically Google Cloud is a plus) and how to tackle its security challenges

Ensure that across the product and cloud we have the technical measures in place to continue meeting our own standards obligations regulations and certifications (ISO27001 ISAE3402 Type 2 DORA etc)

Drive high-impact initiatives and be a present security advocate

A real passion for information security staying abreast of developments in the field and a desire for knowledge sharing and educating others

Experience working in the field of Cyber Security and a degree in a related field

A strong foundation in cybersecurity principles and an understanding of frameworks and methodologies including MITRE ATT&CK Cyber Kill Chain incident response frameworks (NIST SANS) and threat hunting techniques

Experience with being on the security side of an SSDLC; i.e. improving it socialising it and implementing it

Excellent communication skills and empathy security is a complex topic which you have to be able to explain to audiences of various levels of previous exposure or learning

Relevant cloud experience (familiarity with Google Cloud)

Passion for DevSecOps

Experience with Go

Ideally you will be based in Berlin. If youre currently located elsewhere but would like to move were happy to support your relocation

Make it easy for others. Team over Egos.

Own the outcome. Progress over Perfection.

Rise to the challenge. Growth over Comfort.

Tell the story. Clarity over Ambiguity.

At Upvest were dedicated to building an inclusive environment where every Upvenger feels a true sense of belonging and is empowered to do their best work. We are a proud equal opportunity employer. We welcome applications from all backgrounds regardless of race color religion gender sexual orientation age or disability. Your unique path is what we value.

• These benefits apply if you will be hired in Germany Estonia or the UK. If you live elsewhere within Europe some of the benefits might be slightly different.

Remote Work : No

Employment Type : Contract

Splunk,IDS,Network security,Computer Networking,Identity & Access Management,PKI,PCI,NIST Standards,Security System Experience,Information Security,Encryption,Siem

Experience : years

Vacancy : 1