AI Security Engineer focusing on adversarial machine learning and enterprise security architecture. Leading red team engagements and translating technical risk into governance frameworks.
About the role
- Security Engineer ensuring core security in product development at Trustly. Collaborating with teams on security practices and automating controls.
Responsibilities
- Own and continuously improve our vulnerability management program, ensuring full coverage and accurate exposure visibility across all assets
- Build and maintain automation around security tooling to ensure data quality, consistency, and actionable insights
- Perform security assessments across the SDLC: design reviews, threat modeling, code reviews, and dynamic testing, working closely with engineering teams
- Integrate and enforce security controls within CI/CD pipelines (SAST, DAST, secrets detection, dependency scanning), with a strong focus on developer experience
- Conduct internal offensive security activities (penetration testing, red teaming, exploitation) to validate real-world risk and identify control gaps
- Translate vulnerabilities into real business risk by validating exploitability and prioritizing remediation based on impact
- Contribute to incident response and security investigations, including root cause analysis and improvement of detection and response capabilities
- Actively participate in improving our security posture by challenging assumptions, refining detection logic, and improving how we measure exposure
- Collaborate with infrastructure and platform teams (AWS, Kubernetes, IAM) to ensure secure-by-design architectures
- Contribute to threat intelligence efforts by identifying relevant threats and mapping them to our internal stack and exposure
- Support the evolution of our security practices, tooling, and processes as we continue to scale our business and security capabilities
Requirements
- You have hands-on experience in cybersecurity engineering, application security, or infrastructure security
- Strong understanding of modern cloud environments (preferably AWS), including networking, IAM, and containerized workloads
- Experience with vulnerability management and security tooling, with a good understanding of asset exposure and data accuracy
- Familiar with integrating security controls into CI/CD pipelines (SAST, DAST, secrets detection, dependency scanning)
- Comfortable performing technical security assessments (web, APIs, infrastructure), including validation and exploitation of vulnerabilities
- Solid understanding of core security concepts and protocols (DNS, TLS, authentication, CVEs, etc.)
- Able to think in terms of risk and prioritize based on real-world impact rather than theoretical vulnerabilities
- Experience working in regulated environments such as financial services is a strong plus
- Strong collaboration and communication skills, able to work closely with developers and infrastructure teams
- Pragmatic mindset, able to balance security requirements with engineering constraints
- Curious and proactive, not afraid to challenge existing setups and improve them
- Certifications (e.g. OSCP, OSWE or similar) are a plus but not required
Benefits
- 20 to 30 days of holiday to support a healthy work-life balance
- Monthly team outing allowance to enjoy social events with your colleagues
- Parental leave top-up additional support for new parents
- Daily breakfast and on-site perks to make your workday smoother
- Well being support our health allowance covers gym memberships, massages, and much more to help you feel your best
- PLUS additional benefits designed to enhance your work-life experience!
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
AI Security Architect leading adversarial testing for enterprise AI products, integrating security findings into governance frameworks. Collaborating with engineering and compliance functions in a hybrid work environment.
Leading GRC & IT Security Consulting at Orange Cyberdefense in Zürich. Drive business growth and manage client relationships while leading a technical consulting team.
Senior Endpoint Security Engineer at Metric5 managing CrowdStrike Falcon deployment for Department of Treasury. Overseeing sensors rollout and resolving high - tier architectural issues in diverse IT environments.
Cybersecurity Sales Specialist responsible for driving sales across Fortune 250 accounts. Engage with C - suite leaders to enhance cybersecurity solutions and strategies across global enterprises.
Sales Specialist for Data Security driving growth in Public Sector and MidMarket teams at Proofpoint. Partnering with core sales reps and delivering value in Data Security portfolio.
Principal Product and Process Security Certification Expert at NXP driving security evaluation and certification for embedded products. Responsible for compliance with cybersecurity standards and certifications in emerging markets.
Physical Security Technology Manager responsible for administering and optimizing security technology platforms at Dominium. Engaging in multiple locations to enhance system performance and reliability.
Junior Consultant in Cyber Security at MKS4U IT - Beratungs GmbH providing security assessments and client consulting. Focused on developing and implementing security strategies within a hybrid working environment.
Teamlead for IT Perimeter Security Engineering at Axians Switzerland, leading a security team and managing client consultations. Engaging in technical engineering of security solutions while fostering team development.