Threat Modeling: Conduct code reviews and threat modeling on applications and relevant supporting services and tools.
Code: Write efficient, maintainable and testable code.
Services: Implement security services, automation, and monitoring tools to protect Personio services.
Mentoring: Mentor engineering team members on security best practices.
Stakeholder Management: Communicate to stakeholders, providing advice on vulnerability remediation and risk mitigation.
Tooling: Develop innovative and scalable tools, solutions, and processes to detect security threats and threats to data security.
Operations: Participate in security operations, responding to security incidents and providing security expertise for Personio customers and internal stakeholders.
Nice to Haves
You have at least 5 years of experience in areas such as application security, offensive security, systems security, and/or incident response.
You understand security vulnerabilities, threat modeling, attacker exploit techniques, and methods for remediation.
You have the ability to drive technical, security, and architectural reviews.
You know at least one programming language (e.g. Go, Python, Kotlin, Ruby, etc.). Plus if you have experience with PHP.
You have experience with the implementation of security tools and practices in modern, cloud-native environments for customer-facing web-based applications.
You have a clear understanding of the balance between security and user friction.
What You'll Be Doing
Receive a competitive reward package – reevaluated each year – that includes salary, benefits, and pre-IPO equity.
Enjoy 28 days of paid vacation, plus an additional day after 2 and 4 years (because we love what we do, but we also love vacation!).
Make an impact on the environment and society with 2 (fully paid) Impact Days – one for an individual project of your choice and one for a company-wide initiative.
Receive generous family leave, child support, mental health support, and sabbatical opportunities with PersonioCares.
Find your best way to work with our office-led, remote-friendly PersonioFlex! Most teams offer a roughly 50% remote, 50% in-office working framework.
Invest in your development with an annual personal development budget to use on professional memberships, external certifications, conferences, and more.
Connect with your fellow Personios at regular company and team events like All Company Culture Week and local year-end celebrations, as well as onsite and offsite events with the Security Organisation.
Engage in a high-impact working environment with flat hierarchies and short decision-making processes.