Senior Security Engineer

We are seeking a Senior Security Engineer to help monitor, investigate, and respond to security activity across cloud, identity, endpoint, and Linux-based environments. This role requires hands-on technical ability, strong scripting skills, and practical experience working with AWS, with GCP experience preferred.

• Monitor and investigate security alerts across cloud, identity, endpoint, and network environments.
• Review logs and activity from AWS, GCP, Active Directory, Linux systems, Windows systems, and security tools.
• Support incident response by gathering evidence, validating suspicious activity, and documenting findings.
• Write scripts to automate repetitive security tasks, log analysis, reporting, or enrichment.
• Assist with security reviews, including IAM, storage exposure, compute workloads, and network configurations.
• Investigate authentication activity, user behavior, privilege changes, and potential account compromise.
• Work with internal teams to understand systems, identify risks, and support remediation, compliance and audit activities.
• Be available for after-hours incident response when urgent security events require investigation or support.

• Experience with cloud security concepts, services, logs, and IAM.
• Strong scripting ability, preferably with Python, Bash, or PowerShell.
• Experience with SIEM platforms such as Splunk, Chronicle, Sentinel, or similar tools.
• Working knowledge of Linux and Windows systems, command line usage, permissions, processes, and logs.
• Basic to intermediate understanding of Active Directory, including users, groups, authentication, and privilege changes.
• Ability to read and interpret logs from cloud platforms, operating systems, and security tools.
• Understanding of common security concepts such as phishing, credential compromise, privilege escalation, lateral movement, and exposed services.
• Strong analytical, documentation, and communication skills.

Preferred Skills

• Experience with Google Cloud Platform security, including IAM, Cloud Logging, Compute Engine, Cloud Storage, VPCs, and service accounts.
• Exposure to Kubernetes, containers, or cloud-native workloads.
• Experience creating automation for security monitoring or response.

Minimum Qualifications

• 3-5 years of experience in security operations, incident response, systems administration, cloud operations, or a similar technical role.
• Hands-on experience using scripts to solve operational or security problems.
• Comfortable working in both cloud and Linux command-line environments.

What we offer:

• Friendly and welcoming environment focused on people, learning & development
• 25 vacation days and extra vacation days after age and after children
• Cafeteria benefit via SZEP card
• Medicover private health insurance for employees and their family members
• 10% of your time to work on anything you like, reading groups, tech talks
• Flexible working and working from home
• An extensive people development program, including access to Udemy

Please note:

• Candidates must be available for after-hours incident response when urgent security events require investigation or support.
• The interview process will include a hands-on practical exercise conducted through screen sharing, where candidates will be asked to demonstrate relevant technical skills.