Security Engineer

What you’ll do

• Responsible for enhancing security posture using advanced threat intelligence solutions for swift detection of malicious threats.
• Collect, analyze, and operationalize real-time threat intelligence feeds to identify emerging risks and adversary tactics and translating these into concrete action points.
• Integrate threat intelligence into security operations to anticipate and respond to threats faster, minimize vulnerabilities, and protect critical systems, platform, and data.
• Be the main technical capacity for information security incidents and help improve incident response workflows.
• Act as a subject matter expert on technical security topics.
• Ensure a security-first approach in all delivery pipelines.
• Write security documentation and provide technical guidance on risk mitigation.
• Platform Engineering is your home but helping other teams on security topics will be a common task as well.
• Influence tooling decisions, vendor selection, and process improvements in alignment with company-wide security goals.
• Collaborate closely with the Legal & Security team to provide expert technical security support.

What you’ll bring to the role

• Solid experience in SIEM and Incident Response.
• Hands-on experience in security engineering or related technical security roles.
• Expertise in cloud platforms (Microsoft Azure), including IAM, networking, monitoring, and data protection.
• Curious, collaborative, and practical mindset.
• Good grasp of modern attack vectors, vulnerability management, and secure software development practices.
• Practical experience with infrastructure-as-code and CI/CD pipelines.
• Good scripting/coding or automation skills in languages like dotnet and typescript.
• Ability to communicate technical security risks and topics to both technical and non-technical audiences.
• Demonstrate high autonomy by transparently prioritizing and effectively managing multiple initiatives..
• Experience with general scripting (Bash, Powershell, Terraform) is a plus.
• Experience working with SaaS products is a plus.

Success looks like

• Security is seamlessly integrated into Planday’s software development lifecycle.
• Automated security testing and secure coding practices are widely adopted across engineering teams.
• Threat intelligence and security processes are actively used to detect and mitigate risk.
• Findings from audits and pen tests are resolved in a timely, structured way, either through delegation of work or direct contribution.
• Engineering teams have access to reusable security tooling and clear guidance.
• Engineering teams feel empowered and supported in delivering secure applications.
• Security threats are proactively identified and mitigated using cloud managed security automation tooling and monitoring.
• Security is proactively addressed at the design stage, reducing the need for last-minute fixes.
• Vulnerabilities are identified, triaged, and remediated efficiently, with clear prioritization based on risk.
• Security incidents are reduced, and response processes are faster and more effective.
• Security testing is implemented and secure code principles are being followed by the teams.
• Development and product teams view security as an enabler, not a blocker.
• The organization has a clear, technically sound approach to securing its infrastructure and applications
This position description is intended merely as a guideline of the responsibilities involved in the position. The employee is expected to perform any other duties as reasonably required by their Manager.