Security Engineer (DevSecOps / Code Security)
About The Position
We are seeking a highly skilled Security Engineer with strong software engineering foundations and expertise in application security, DevSecOps, and cloud-native security. This role is ideal for someone who understands modern engineering workflows and can partner closely with software engineering, platform, and DevOps teams to embed security into the software development lifecycle. You will play a key role in securing applications, improving developer security practices, supporting Kubernetes and AWS environments, and helping Owkin scale secure engineering practices across its AI-driven platform.
Requirements
- Strong frontend and backend software engineering experience
- Expert-level knowledge of Git and modern version control workflows
- Hands-on application security experience in modern engineering environments
- Experience performing manual and automated secure code reviews
- Strong understanding of CI/CD pipelines and DevSecOps principles
- Practical experience with Kubernetes security and containerised environments
- Strong AWS cloud security knowledge
- Knowledge of OWASP Top 10, secure coding practices, and vulnerability remediation
- Ability to communicate effectively with developers and engineering leadership
- Collaborative and pragmatic approach to security
Nice To Haves
- Experience with Wiz Code or similar application security tooling
- Familiarity with Infrastructure as Code tools such as Terraform or CloudFormation
- Knowledge of container security and Kubernetes hardening
- Experience integrating security tooling into developer workflows
- Relevant certifications such as AWS Security Specialty or Kubernetes Security certifications, would be a bonus
- French-speaking would be a bonus, but not essential
Responsibilities
- Conduct in-depth application security assessments and secure code reviews across frontend and backend systems
- Partner with engineering teams to remediate vulnerabilities and improve secure coding standards
- Review and secure Git-based development workflows and branching strategies
- Integrate security controls into CI/CD pipelines in GitHub and DevSecOps processes
- Support cloud-native security initiatives across Kubernetes and AWS environments
- Use modern application security tooling, including Wiz Code, to identify and prioritise risks
- Develop automation and tooling using Python to support security operations and engineering workflows
- Advise developers on secure architecture, threat modelling, and security best practices
- Collaborate with DevOps, Platform Engineering, and Software Engineering teams to improve overall security posture
- Assist with vulnerability management, risk assessment, and remediation tracking
- Contribute to security standards, policies, and developer enablement initiatives
- On-call rotation for Wiz alerts (paid at an additional rate)
Benefits
- Flexible work organization
- Friendly and informal working environment
- Opportunity to work with an international team with high technical and scientific backgrounds
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
