About the role

Security Lead at Qargo overseeing security strategy and implementation for a cloud-native transport platform. Collaborating with engineering to ensure compliance and resiliency across Europe.

Responsibilities

Security Strategy: Lead and evolve Qargo’s security roadmap across infrastructure, applications, and internal ecosystems.
Engineering Partnership: Partner with development teams to "shift left," embedding security through threat modeling, automated code reviews, and architectural deep-dives.
Vulnerability Management: Own the end-to-end lifecycle of vulnerability discovery—from automated scanning and prioritization to hands-on remediation.
Cloud & Infrastructure: Design and maintain a secure, least-privilege cloud architecture (AWS/GCP/Azure), focusing on IAM, network segmentation, and advanced logging.
Security Tooling: Implement and optimize our security stack, including SIEM, EDR, WAF, and secrets management.
Incident Response: Drive our incident response capabilities—managing triage, containment, and post-mortem analysis to ensure continuous improvement.
Platform Hardening: Secure our Kubernetes clusters, container workloads, and deployment pipelines against modern attack vectors.
Compliance & Audits: Support our ISO 27001 and SOC 2 efforts by building scalable, automated compliance workflows.
Knowledge Sharing: Create clear security guidelines, runbooks, and playbooks that empower the wider engineering team.

Core Security Knowledge
Deep understanding of Secure-by-Design principles, defense-in-depth, and the principle of least privilege.
Extensive experience in threat modeling and security architecture reviews.
A strong grasp of the OWASP Top 10 and common API/application vulnerabilities.
Technical Skills
Strong Linux and Networking fundamentals (TCP/IP, DNS, TLS, HTTP/S).
Hands-on experience securing Public Cloud environments (IAM, VPC, Logging).
Ability to script and automate (Python, Go, or Bash) to scale security operations and reduce manual toil.
Application and Platform Security
Proficiency in modern AuthN/AuthZ patterns (OAuth2, OIDC, JWT).
Experience with Kubernetes and container security (image scanning, runtime policies).
Familiarity with securing CI/CD pipelines and automated deployment workflows.
Operational and Compliance Experience
Experience working within security frameworks such as ISO 27001, SOC 2, or NIST.
A strong mindset for observability, monitoring, and proactive alerting.

Technical Ownership: The authority to shape the security posture of a major European SaaS platform.
Innovation: Work with a modern tech stack in a company that values technical craftsmanship over bureaucracy.
Ghent Tech Hub: Be part of a talented, international engineering team based in the heart of Ghent.
Scale-up Growth: Opportunities to grow professionally as the company expands its footprint across Europe.
Flexible Working: A supportive, hybrid work environment that trusts you to manage your own impact.