We’re hiring a Senior Security Engineer to take full ownership of vulnerability management and embed security into the heart of engineering. This is a high-impact, high-visibility role where you’ll influence how software is built, not just review it after the fact.
Responsibilities:
- Own the vulnerability management programme end-to-end
- Embed security across the SDLC —from design to deployment
- Be a visible voice in engineering —raising issues early, not reacting late
- Manage inputs from SAST, pen testing, and bug bounty programmes
- Lead responsible disclosure & CVE coordination with external researchers
- Secure cloud environments across AWS, Azure, Kubernetes & containers
- Drive standards for hardened, secure base images
- Escalate risks when needed—you’ll have leadership backing
Requirements:
- Proven experience in vulnerability management within a tech environment
- Strong understanding of how security fits into engineering workflows
- Hands-on cloud security experience (AWS, Azure, Kubernetes)
- Experience with CI/CD and code scanning tools
- A proactive mindset —you speak up, challenge, and influence
- Experience with responsible disclosure / external researchers
- Comfortable operating cross-location (Dublin ↔ Porto)
Nice to Have:
- Terraform / IaC security experience
- SaaS or product-led environment exposure
- Pen testing coordination
- Threat modelling / secure-by-design knowledge
Why This Role?:
- Own and shape a growing product security function
- Work directly with engineering & product teams
- Strong backing from leadership to drive real change
- International exposure across two key tech hubs
If you’re someone who leans into engineering, not away from it , and wants to build security into products, not bolt it on, this is worth a conversation.
