Intel 471
Senior Security Engineer (Europe, Remote)
Remote Security Engineering role with clear candidate location fit.
PostedJul 6, 2026
Eligible countries1 accepted country
Seniority signalSenior
Work settingRemote
Accepted candidate locations
USA
Role overview
Senior Security Engineer (Europe, Remote)
Requirements and responsibilities
Readable role content extracted into sections for faster review.
Product and application security
- Application security: Lead application security across the product portfolio - threat modeling, secure design reviews, code-review support, and hands-on remediation work alongside developers.
- Secure SDLC and tooling: Embed security into the SDLC and CI/CD without creating unnecessary delivery friction. Build, own and tune security tooling (SAST, DAST, dependency and container scanning, secrets detection) and implement policy-as-code and pre-merge gates in our Terraform and Terragrunt pipelines yourself.
- Vulnerability management: Identify, validate, prioritize and remediate vulnerabilities in applications, APIs, infrastructure and third-party integrations, working hands-on with engineering and advising pragmatically on risk trade-offs.
Cloud infrastructure and detection
- Cloud security: Own the security posture across AWS and Kubernetes - IAM and network design, encryption, logging baselines, configuration drift and cloud security posture management.
- Detection and response: Build and tune cloud detections (CloudTrail, GuardDuty, Security Hub), write runbooks, and act as the technical security lead for product and cloud incidents, partnering with DevOps for investigation and containment. This role is the security escalation point for incidents; there is no primary tier-1 pager rotation.
Compliance and customer trust
- Audit ownership: Own and drive our SOC 2 and ISO 27001 programs end to end - control design, evidence automation and primary auditor liaison - and maintain policies and control documentation in Confluence. The internal Security Engineer runs the day-to-day evidence pipeline and supports you.
- Customer assurance: Support sales and customer trust by completing security questionnaires, explaining our technical controls, and handling follow-up from customer audits and assessments.
Architecture and leadership
- Security review: Drive the security review of new features, architecture decisions, integrations and platform changes, especially where customer data, authentication, authorization or data-processing risks are involved.
- Manage and mentor the Security Engineer: Manage, mentor and develop our internal Security Engineer, including 1:1s, performance reviews, leave approvals and day-to-day delegation. Corporate IT, identity and endpoint security are owned by them, not by you, so you can focus on product and cloud security.
Ideal Profile
- Hands-on builder, not an advisor: You implement security yourself - controls, fixes, tooling and detections - rather than handing work to others and waiting for it to happen. This is a doing role.
- Product and cloud security depth: Strong hands-on background in application security and secure software development in cloud-native environments (AWS, Kubernetes, CI/CD, containers, infrastructure-as-code).
- Comfortable in code: Comfortable reading code, reviewing APIs and architecture, and working directly with developers on remediation.
- Compliance driver: Proven ability to drive SOC 2 and ISO 27001 workstreams, from control design to auditor interaction, not only evidence collection.
- People leadership: Able to manage and develop one engineer, including delegation, 1:1s and performance.
- Pragmatic communicator: Balances hands-on technical work with the process discipline of enterprise B2B SaaS, and explains risk clearly to engineers, leadership, auditors and occasionally customers.
- AI-forward: Comfortable using AI and LLM tools day to day and genuinely open to adopting them further. Deep AI-security expertise is not required, but a fundamental willingness to engage with AI is expected; an unwillingness to work with AI is not a fit.
- Atlassian native: Works day to day in the Atlassian stack (Jira, Confluence) as our primary documentation and workflow systems.
Nice to haves
- Experience securing AI/LLM or agent-based features (prompt injection, tool and agent permissions, model-access controls).
- Hands-on familiarity with the security and observability platforms we use, such as Snyk, Rapid7 and Grafana Cloud, and with Microsoft Sentinel for cross-team investigations.
- Experience in cyber threat intelligence, attack surface management, threat hunting or other security-product environments.
- Prior experience in a PE-backed or scale-up software company where security, compliance and delivery speed all matter.
- Prior experience working as a software engineer or in a DevOps role.
- Certifications such as CISSP, CSSLP, OSCP, AWS Security Specialty, CKS, ISO 27001 Lead Implementer or similar, helpful but not required.
Benefits
- Competitive compensation
- Remote-friendly culture
- Wellness programs
- Employee recognition program
- A variety of professional development opportunities
- Inclusive culture focused on people, customers and innovation
Similar roles
Keep a backup shortlist.
AWS, Kubernetes 13 accepted countries
Senior Backend Engineer (AdTech)Leap ToolsView role AWS, Kubernetes 13 accepted countries
Senior Backend EngineerLeap ToolsView role AWS 13 accepted countries
Senior Software EngineerBaltimore BannerView role AWS 8 accepted countries
Talent Community| Senior JavaScript Full Stack EngineerHiring teamView role Stack
Use these tags to compare similar remote roles.
Location eligibility
Candidates should apply only when their profile country is listed here.
Your profileCountry not setSign in to check your country against this role.
Hiring flow
WithMira shows the role, then sends candidates to the company application.
1Check role fit, stack, and location eligibility in WithMira.
2Open the company application page from the tracked apply link.
3Save the role or subscribe for similar opportunities before leaving.