Logo of Huzzle

Home

Matches

Explore

Manage

Staff Security Engineer

image

Back Market

17d ago

  • Job
    Full-time
    Expert Level
  • Software Engineering
    IT & Cybersecurity
  • Berlin
  • Quick Apply

AI generated summary

  • You have 10+ years in web service security, strong cybersecurity knowledge, project planning skills, automation experience, coding proficiency (Python, TypeScript, Golang), and excellent communication skills.
  • You will enhance security posture, lead projects, mentor engineers, automate controls, investigate incidents, and align security efforts with organizational goals.

Requirements

  • You are a talented and experienced engineer, with at least 10 years experience of securing web services in dynamic cloud environments
  • With proven experience as a Security Engineer / SOC analyst with cross-team influence
  • A strong understanding of cybersecurity principles, techniques, and best practices
  • Acting as a role model for facilitating and balancing product and engineering concerns, including long-term sustainability
  • Demonstrable ability to plan & execute large, complex projects with interdependencies
  • Collaborating with leaders across the company to get maximum business impact with minimum resources
  • You believe in the importance of security automation following a secure development lifecycle, with the ability to develop your own scripts and tools to succeed in your mission
  • Be comfortable conducting Security Requirement Analysis & propose cybersecurity architectures based on the analysis
  • Threat intelligence and attack patterns expertise
  • Proficient in vulnerability analysis and remediation, with knowledge about setting up and tuning scanners
  • Understanding of edge protection technologies including WAF, Bot management, rate limiting etc
  • Familiarity with SIEM tools, network and endpoint security technologies
  • Passion for cybersecurity, hands-on, and eager to contribute code to our in-house modern security technologies
  • You are curious, rigorous, and enjoy exploring new methods and technologies.
  • Transparency in communications and able to find solutions by partnering with your team when you don't have the answer
  • You like to share knowledge, and make your colleagues aware of good cybersecurity practices, by supporting your proposals with concrete examples and demonstrations
  • It would be a plus if your skills are recognized by a certification such as (ISC)² CISSP, CCSP or CSSLP, SANS GCTI, GDSA, CSA CCSK, BTL2 - or you are ready to obtain it in the near future
  • You want to join a challenging technical environment: GCP, Kubernetes, ArgoCD, Terraform, Datadog, Cloudflare, Google Chronicle, Github, CircleCI etc., where you can spread your influence and help secure our environment
  • Proficient in several coding languages such as Python, TypeScript, Golang, etc
  • Great verbal and written communication skills, in English

Responsibilities

  • Leading a technical focus on continuous improvement of the company's security posture, ensuring resilience to threats
  • Strategically guiding and executing large, complex projects, driving technical vision and Security architecture, fostering collaboration, and effectively communicating to impact the entire organization's tech quality and growth
  • Identifying blockers to organizational efficiency and effectively advocating for remediations
  • Ensuring focus is on the highest impact, most critical, future-facing decisions
  • Assisting managers to ensure proper delegation at all levels of the organization, appropriate decision-making, and free flow of information
  • Sharing time between supporting and advising technical teams, automating and enhancing security controls, improving our security framework, mentoring fellow Security Engineers, and leading the design, build, and operation of modern security solutions that scale
  • Contributing to monitoring security alerts & events to identify potential threats & incidents, investigating & analyzing security incidents to determine the extent and impact of the breach, collaborating with other teams to gather and analyze threat intelligence & maintaining and enhancing security incident detection and response procedures
  • Informing and defining the best approaches to address challenges, aligning company goals and objectives with minimal effort expenditure

FAQs

What is the main objective of the Staff Security Engineer role at Back Market?

The main objective is to safeguard Back Market's information assets, focusing on security architecture, incident response, and remediating security threats.

How many years of experience are required for the Staff Security Engineer position?

A minimum of 10 years of experience in securing web services in dynamic cloud environments is required.

What type of projects will the Staff Security Engineer be involved in?

The Staff Security Engineer will guide and execute large, complex projects, driving technical vision and security architecture across the organization.

What skills and expertise should candidates possess for this role?

Candidates should have a strong understanding of cybersecurity principles, experience in threat intelligence, vulnerability analysis, and familiarity with security tools and automation.

Is there a specific focus on security automation in this role?

Yes, the role emphasizes the importance of security automation following a secure development lifecycle, along with the ability to develop scripts and tools for mission success.

What technologies will the Staff Security Engineer be working with?

The position involves working with technologies such as GCP, Kubernetes, Terraform, Datadog, Cloudflare, and more.

Are there opportunities for professional development in this role?

Yes, Back Market offers hands-on career development and encourages employees to further their skills and obtain relevant certifications.

How does Back Market support diversity and inclusion in the workplace?

Back Market is committed to hiring diverse teams and integrates diversity, equity, and inclusion principles into its culture, supported by dedicated staff and employee resource groups.

What is the interview process for this position?

The interview process includes initial calls with a tech talent acquisition specialist, leadership interviews, technical interviews, and team fit discussions.

Is knowledge of coding languages required for this position?

Yes, proficiency in multiple coding languages such as Python, TypeScript, and Golang is required.

image

Back Market

Manufacturing & Electronics
Industry
501-1000
Employees
2014
Founded Year

Mission & Purpose

Founded in 2014 by Thibaud Hug de Larauze, Quentin Le Brouster, and Vianney Vaute, Back Market is a global marketplace for premium refurbished electronics. We’re here to help make refurbished tech trustworthy, reliable, and affordable. As a certified B-Corp, Back Market’s mission is to do more with what we already have. Because, well, what we already have is pretty great. That’s why all the tech you find on Back Market is better than new — because not only is it in perfect working condition, independent scientific research shows that refurbished electronics have a significantly smaller footprint on the environment than brand new. Every time someone chooses refurbished tech, we avoid additional environmental impact on the planet. Of course, it’s not just about the tech sold by sellers on our marketplace, it’s also about how we run our business — we hold ourselves to high standards when it comes to our own sustainability practices, too. We work across the refurbishment industry to develop new technologies, support environmental initiatives related to electronic waste (e-waste), and work with local governments across the globe to pass legislation that supports sustainability and the Right to Repair in the tech industry. We know we’re not alone in our vision for a world where tech respects the planet. With 884M€ raised to date and over 10 million customers around the world, we’re well on our way to the joyful revolution of Tech Reborn.