Security Engineer

Join the AutoScout24 security team and be part of our Information Security team that is a highly skilled group supporting all our teams to build and run secure digital products. We have understood that cyber security is an essential part of our business and including it in all our initiatives is natural. We are looking for Security Engineer that who really cares for you!

• Own end-to-end risk management. Youll identify areas of risk assess our environment and validate whether the risk is present build detective and preventive controls to quickly identify indicators track risks in our risk registry and partner with teams to mitigate issues
• Design and build security products and ensure they align with our infrastructure strategy and integrate smoothly into the software development lifecycle.
• Define and improve our security best practices and lead initiatives to increase their company-wide adoption.
• Promote adoption of the security products our team provides and support other teams in understanding our best practices and applying them to their use cases and needs.
• Be responsible for multiple technical areas or processes within the team. Lead technical discussions and improvements around them.
• Participate in the on-call rotation and cop of the day duties: triage and respond to security alerts support user requests monitor our tools for errors and coordinate with engineering teams as needed.
• Implement security compliance controls owned by our team for SOC 2 and PCI and support the GRC team in the broader compliance effort.
• Investigate and remediate security incidents and occasionally serve as the incident commander.

• A genuine interest in security.
• More than two years of working experience as a Security Engineer.
• Hands‑on experience with AWS and a solid understanding of secure architecture and secure development principles in cloud environments.
• Strong knowledge of common attack vectors and defence strategies (for example OWASP Top 10).
• Experience designing and building security products ideally leveraging open‑source solutions.
• Experience partnering with software engineers and providing security guidance throughout the software development lifecycle.
• Deep understanding of SAST and other code security detective and preventive controls and their integration in development process and pipelines of engineers.
• Proficiency with at least one programming language (preferably Python but it’s not a must).
• Experience with our stack of technologies: (AWS CDK ECS Docker) SaaS solutions (e.g. GitHub SonarQube Okta) Python based backend tools and authentication protocols (OAuth and OpenID).
• Enjoy working with Unix environments and command‑line tools.
• Experience using AI and GenAI to improve engineering productivity automate repetitive tasks and streamline workflows.
• A proactive approach to exploring and adopting AI tools that help teams move faster.
• Understanding of emerging AI‑related threats and practical approaches to reducing those risks.

• Enjoy solving large‑scale complex challenges.
• Take ownership of the solutions you design and build seeing them through from idea to production.
• Pragmatically balance short‑and long‑term priorities and make decisions based on data.
• Are comfortable with ambiguity and enjoy tackling open‑ended problems.
• You have a customer first mindset and care about improving developer experience by applying effective well‑designed security controls.
• You make every system you work inherently better.
• A pragmatic view of GenAI: you understand its limitations and risks and know how to put guardrails in place (reviews tests policies) to keep usage safe compliant and sustainable at scale.

With over 50 nationalities represented we’re proud to welcome people of all backgrounds to our growing community and were always finding new ways to help people feel welcomed and included. Here you’ll have the tools training and support you need to work in a way that suits you learn new skills and reach your potential.

Required Experience:

IC

Key Skills

Splunk, IDS, Network security, Computer Networking, Identity & Access Management, PKI, PCI, NIST Standards, Security System Experience, Information Security, Encryption, Siem

Employment Type : Full Time

Experience: years

Vacancy: 1