Security Engineer

Position: Security Engineer – Vulnerability ManagementSalary: up to 17 000 PLN gross/month, COE (UoP)Working mode: Hybrid / RemoteOur client is a global technology company providing a cloud-based platform that helps organizations manage large volumes of data and complex workflows. Their product is widely used by enterprise clients across various industries. The company operates in a modern cloud environment and places strong emphasis on security, scalability, and reliability. Security teams work closely with engineering to proactively identify and mitigate risks. The organization promotes a collaborative culture and continuous improvement.Role summaryAs a Security Engineer focused on Vulnerability Management, you will be responsible for identifying, assessing, and driving remediation of vulnerabilities across the organization’s systems and applications.Responsibilities:Support the Vulnerability Management program by contributing to scalable processes and enabling the adoption of security services.Assist in developing and maintaining automation and reusable tooling to improve efficiency across the program.Maintain and optimize vulnerability scanning tools by performing updates, resolving issues, monitoring performance, and coordinating with vendors to ensure reliable and accurate risk data.Implement and direct Vulnerability Management processes. Oversee the entire vulnerability management lifecycle: Discovery, Prioritization, Assessment, Reporting, Remediation, and Verification.Assist in improving configuration management practices by identifying misconfigurations, contributing to standards, and supporting efforts that enhance efficiency, effectiveness, and compliance.Actively swarm on high‑urgency vulnerability response events by rapidly triaging findings, determining impact radius, coordinating with responsible teams, and driving swift remediation to reduce risk as quickly as possible.Contribute to team objectives aimed at reducing overall risk and identifying new areas of exposure.Collaborate with internal teams to validate and remediate findings from vulnerability scans, third-party assessments, and the Bug Bounty Program.Improve configuration management practices to enhance efficiency, effectiveness, and compliance.Perform threat modeling to assess the severity of a vulnerability.Participate in sessions and events to enhance the skills and expertise of the team, fostering a culture of continuous learning and improvement.Enhance risk visibility by reporting on relevant metrics.Minimum qualifications: Familiarity with common software vulnerabilities (ex: OWASP Top 10) and their remediations.Bachelor’s degree in Computer Science, Cybersecurity, or related field OR equivalent experience.Experience with cloud platforms (e.g., Azure, AWS) and containerization technologies.Excellent verbal and written communication skills, with the ability to articulate complex security concepts to both technical and non-technical stakeholders.Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing security challenges.Preferred qualifications:1 year of experience on a security team.Knowledge of professional software engineering practices & software development life cycle (SDLC), including coding standards, code reviews, source control management, build processes, testing, and operations.Experience with modern vulnerability scanning tools.Experience deploying Infrastructure as Code using Pulumi.Proficiency in at least 1 modern Object-Oriented Programming (OOP) language, preferably .NET.Experience working in a SaaS environment operating on a global scale.Experience in the legal space.Experience working with container vulnerability scanning tools.Experience working with Azure.Experience working with FedRAMP.Benefit Highlights:Comprehensive health, dental, and vision plansParental leave for primary and secondary caregiversFlexible work arrangementsTwo, week-long company breaks per yearAdditional time offLong-term incentive programTraining investment program