
Security Engineer
Posted Jun 10

Posted Jun 10
This is a fully remote position, open to applicants in Poland.
• Conducting security assessments and threat modeling on features and systems throughout Primer's product line, transforming findings into clear and actionable recommendations for the teams involved.
• Independently organizing and executing your own security projects, from the initial design phase to implementation.
• Developing tools and automation to expedite future reviews, making them more efficient and cost-effective.
• Overseeing penetration testing and managing the remediation process until completion.
• Assisting with ongoing compliance initiatives (SOC2, PCI), which includes gathering evidence and tracking remediation within set audit timelines.
• Contributing to the AppSec roadmap efforts across various domains such as application threats, AI security, supply chain security, and ASPM.
• Engaging in proactive security tasks, conducting threat research and hands-on investigations that a single-person function typically lacks the resources for.
• Collaborating with Cloud, Infra, and GRC teams on the security components of their projects.
• Practical experience in product or application security: you have conducted security reviews or threat modeling and can identify significant risks.
• Proficiency in reading and writing code, not merely reviewing it. You are comfortable creating small tools and automations rather than just reporting findings.
• Strong judgment regarding risk. You can evaluate a real threat against a hypothetical one and articulate your reasoning effectively.
• Ability to independently plan and execute your own tasks once you grasp the direction, while knowing when to involve a senior engineer.
• Effective communication with engineers who do not specialize in security, as much of your impact will be realized through their work.
• Nice to have: Familiarity with compliance frameworks such as SOC2 or PCI, or a genuine desire to learn about them.
• Nice to have: Experience in payments, fintech, or another regulated, high-stakes environment.
• Nice to have: Interest in fields such as supply chain security, detection engineering, or AI security.
• Competitive share options.
• Uncapped vacation, with a minimum of 25 days to be taken.
• Access to co-working spaces.
• Opportunities for workations and company retreats.
• Provision of top-notch equipment for your role.
• £500 contribution towards your home office setup.
• Generous budget for learning and development.
• Private Medical Insurance.
• A wide range of additional perks and benefits (*depending on location).
Salesforce
Plurilock
Navitas Business Consulting, Inc.
Foresite Cybersecurity
Get handpicked remote jobs straight to your inbox weekly.