Senior Product Security Engineer (d/f/m)

Requirements

• Threat Modeling: Conduct code reviews and threat modeling on applications and relevant supporting services and tools.
• Code: Write efficient, maintainable and testable code.
• Services: Implement security services, automation, and monitoring tools to protect Personio services.
• Mentoring: Mentor engineering team members on security best practices.
• Stakeholder Management: Communicate to stakeholders, providing advice on vulnerability remediation and risk mitigation.
• Tooling: Develop innovative and scalable tools, solutions, and processes to detect security threats and threats to data security.
• Operations: Participate in security operations, responding to security incidents and providing security expertise for Personio customers and internal stakeholders.

Nice to Haves

• You have at least 5 years of experience in areas such as application security, offensive security, systems security, and/or incident response.
• You understand security vulnerabilities, threat modeling, attacker exploit techniques, and methods for remediation.
• You have the ability to drive technical, security, and architectural reviews.
• You know at least one programming language. Plus if you have experience with PHP (e.g: Go, Python, Kotlin, Ruby, etc.).
• You have experience with the implementation of security tools and practices in modern, cloud-native environments for customer-facing web-based applications.
• You have a clear understanding of the balance between security and user friction.

What You'll Be Doing

• Receive a competitive reward package – reevaluated each year – that includes salary, benefits, and pre-IPO equity.
• Enjoy 28 days of paid vacation, plus an additional day after 2 and 4 years (because we love what we do, but we also love vacation!).
• Make an impact on the environment and society with 2 (fully paid) Impact Days – one for an individual project of your choice and one for a company-wide initiative.
• Receive generous family leave, child support, mental health support, and sabbatical opportunities with PersonioCares.
• Find your best way to work with our office-led, remote-friendly PersonioFlex! Most teams offer a roughly 50% remote, 50% in-office working framework.
• Invest in your development with an annual personal development budget to use on professional memberships, external certifications, conferences, and more.
• Connect with your fellow Personios at regular company and team events like All Company Culture Week and local year-end celebrations and onsite and offsite events with the Security Organisation.
• Engage in a high-impact working environment with flat hierarchies and short decision-making processes.