Senior Product Security Engineer at Red Hat focusing on security and compliance for digital sovereign products while collaborating across global teams and enhancing automation.
About the role
- Senior Security Engineer managing security across the company for an AI healthcare startup. Overseeing vulnerability management and incident response to enhance security standards.
Responsibilities
- Manage security across the company, including running the bug bounty program, reviewing incoming reports, coordinating fixes, and maintaining automated security updates.
- Design and enforce secure architecture and engineering practices that prevent vulnerabilities and raise security standards across all teams.
- Regularly test infrastructure and applications to find weaknesses early and strengthen the organization's security.
- Lead security incident response with urgency, reducing detection and fix times while driving long-term improvements.
- Ensure ongoing compliance with security frameworks and certifications, playing a key role in achieving and maintaining HIPAA and C5.
- Monitor emerging threats and assess their impact on services to keep systems resilient in a high-stakes healthcare environment.
Requirements
- Several years of experience in vulnerability management, incident response, or security engineering in cloud-native environments.
- Strong backend engineering fundamentals, ideally with Kotlin.
- Hands-on security expertise across modern infrastructure including Linux, networking, storage, Kubernetes/Docker/containers, AWS cloud services, Infrastructure-as-Code/GitOps, and databases such as PostgreSQL, Redis, MongoDB, and DynamoDB.
- Several years of experience in assessing vulnerabilities, prioritizing risks, and designing effective long-term solutions.
- A proactive mindset, you identify weaknesses before they can be exploited.
- Clear communication and collaboration skills that influence and elevate teams.
- Experience working with security or compliance frameworks such as HIPAA, SOC 2, or C5 is beneficial but not required.
Benefits
- 30 vacation days plus your birthday off
- Germany Transport Ticket
- Urban Sports Club
- Regular company off-sites
- Access to learning platforms such as Blinkist and Audible
- Flexible working hours and a good hybrid set-up.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Security Engineer safeguarding K - 12 student data in several locations for EduTech startup. Designing secure software systems and ensuring data protection to comply with privacy standards.
Security Engineer focusing on data protection and privacy for Kira Learning's educational technology. Safeguarding K - 12 student data while collaborating with engineering teams on secure software development.
Senior Cybersecurity Engineer responsible for protecting Advansys and its clients' IT infrastructure. Designing, implementing, and managing security solutions, while mentoring junior engineers.
Security Engineer responsible for incident response and security protocol design at Sinch. Joining a global team to safeguard sensitive information and enhance cybersecurity measures.
Content Developer creating engaging and effective learning materials for coding education online. Collaborating with a team to develop tailored resources for K - 12 learners in Egypt.
Campus Security Officer ensuring safety at Bright Horizons early childcare centers in Seattle. Responsible for access control, surveillance, and emergency response.
Sounding and Security Watch responsible for Navy asset security at NSF Diego Garcia. Conducting checks and ensuring safety during designated watch hours with strong situational awareness.
Sales Enablement Manager creating technical content for Upwind Security. Collaborating across teams to translate cloud security concepts into clear narratives for engineers and security leaders.
Security Engineer designing and implementing security measures to protect Snap Inc.'s infrastructure. Collaborating across teams while focusing on threat detection and response strategies.