Concerning the role
We are looking for a Lead Security Engineer to join our security team in our Helsinki headquarters.
You will in this role. Engage in the active development and implementation of our comprehensive security plan. Lead the charge in protecting our data, internal systems, and SaaS solutions while ensuring compliance with all applicable laws and industry standards, including the CCPA, GDPR, and SOC 2 Type II. Work collaboratively with development, operations, and other teams to integrate security best practices across the software development lifecycle (DevSecOps).
Your everyday responsibilities and tasks include...
Security Architecture & Engineering: Develop, implement, and oversee security protocols for our SaaS platform and internal infrastructure. This includes proactive security risk identification and mitigation, IAM policy creation and administration, robust audit logging through SIEM, vulnerability and threat detection (SAST, SCA, IAC, and container image analysis) automation, and more.
Governance & Compliance: Manage and oversee our security and compliance programs, ensuring adherence to legislative standards, including SOC 2 Type II, GDPR, CCPA, and others, as well as industry best practices. Work collaboratively with internal teams and external auditors to speed audits and ensure their timely conclusion.
Threat Response & Incident Management: Develop and improve incident response protocols and strategies. Oversee the investigation and repair of security incidents, ensuring timely resolution and minimizing harm.
Team Guidance & Leadership: Mentor and guide junior security engineers to enhance their technical and professional skills.Collaboration and Interaction: Work collaboratively with the development and operations teams to integrate security into the Software Development Life Cycle (DevSecOps). Both technical and non-technical stakeholders, including executives and clients, should be given a clear explanation of security dangers and solutions.
Procurement and Security Assessments: Conduct thorough security assessments as part of the procurement procedure. Represent Supermetrics' security position in pre-sales discussions with prospective clients.
Security Culture: By incorporating security principles into all aspects of our company operations and product development, we can foster a culture where security is given top priority.
If you have, you ought to apply for this position. five or more years of expertise in information security, with a focus on cloud or SaaS settings (GCP or AWS preferable). shown expertise in implementing and overseeing security frameworks, including CIS Benchmarks, SANS Top 25, and OWASP Top 10. It is crucial to be knowledgeable about risk assessment and remedial techniques. proficiency in protecting Kubernetes clusters in intricate multi-cloud settings (a big advantage). strong knowledge of threat modeling and Identity and Access Management (IAM).
practical knowledge of SIEM and other security solutions. It is essential to have prior software development experience, be proficient in at least one high-level programming language (such Python or Go), and have a solid understanding of safe coding practices. Experience assessing and improving source code is also required, as is a demonstrated capacity to manage compliance activities, particularly those employing SOC 2 or similar frameworks. exceptional communication, leadership, and interpersonal skills. the ability to communicate complex technical ideas to both technical and non-technical audiences; a strong dedication to creating a security culture throughout the whole business
Extra points...
knowledge of container security technologies and relevant security certifications (such as CISSP, CISM, etc.).
benefits that we offer. a competitive benefits package with equity included. Excellent workplace and a home office for staff members who operate from our far-flung locations. insurance for leisure and health advantages. €1000 is spent annually on personal education. Sports and wellness allowance. Benefits may vary depending on location. You may find more information at supermetrics.com/careers#benefits.
Over 360 growth-minded people from diverse backgrounds make up our team. Our staff is diversified, resourceful, and cooperative.
The foundations of Supermetrics' business are openness, trust, and a strong client focus. We want to be leaders in our industry by being proactive and forward-thinking. We help each other out and work well together.
We are looking for a diverse, competent, and collaborative team in addition to establishing an inclusive environment where everyone is treated equally and with respect.
It all started with a Google t-shirt. Visit supermetrics.com/about to read the whole narrative of our growth.