Senior Security Engineer (DevSecOps & Automation)
Job description
- Design and implement "golden paths" for secure software development lifecycle (SSDLC), integrating security tools (SAST, DAST, SCA) directly into CI/CD pipelines (e.g., GitHub Actions)
- Build and maintain automated security controls and policies for Infrastructure as Code (IaC), with a focus on Terraform
- Code tools and scripts to automate security operations, enforce policies, and respond to threats
Cloud & Application Security:
- Partner with Engineering and Infra as the subject matter expert on secure architecture, threat modelling, and secure coding practices
- Engineer and manage security solutions for our cloud environments (GCP, Azure, AWS) and Kubernetes, focusing on IAM, network security, and configuration management
- Conduct security design reviews and provide actionable, hands-on guidance for new systems and applications
Foundational Program Development:
- Establish and document security engineering standards, playbooks, and best practices for engineering teams.
- Evaluate, prototype, and onboard new security technologies and vendors
As a leading running brand, On's technology division operates in a dynamic, fast-paced environment and plays a critical role in driving our business success. You will play an active role in accelerating the maturity of our security posture; this is the foundational hire for a new Security Engineering function. Your mission is to protect the company's cloud infrastructure and applications by being a pragmatic, trusted, and collaborative partner to Engineering. Your scope is broad, covering Application Security (AppSec), Cloud Security (CloudSec), and Network Security (NetSec).
Key Stakeholders:
- Engineering & Infrastructure: close, daily collaboration with Developers, Staff Engineers, SREs, and Platform teams (our primary partners) to embed security
- Technology Leadership: partnering with Engineering Managers and Architects to drive security-by-design principles
- Security Team (peers): working with the wider security team (e.g. IAM Lead, Incident Response) to automate solutions and support the team with expertise on security engineering matters
Vivek, DIRECTOR OF ENGINEERING
We're closely connected to the whole business. Every day, we're making quick decisions to improve the customer experience. Because these live changes impact the whole business, we deeply respect individual opinion and what others think about the end customer experience.
Gioia, HEAD OF OPERATIONS PROJECT PORTFOLIO MANAGEMENT
My journey has evolved for sure and, actually, change can lead to infinite possibilities. Those core values that were there when I joined are still here today and I really find them extraordinary every day.
Requirements
Do you have experience in Terraform?
At On, our technology moves fast - and our Security Engineering team ensures it moves securely fast. We don't slow innovation; we amplify it by building intelligent, automated "golden paths" that make security seamless for every engineer. We're looking for a Senior Security Engineer with a defender's mindset and a builder's heart - someone who thrives on transforming detection insights, incident learnings, and threat intelligence into code, automation, and AI-driven solutions. If you've ever thought "there has to be a smarter way to stop this before it happens", this role is for you. You'll design, automate, and scale security capabilities that let our developers move with confidence - turning lessons from today's incidents into tomorrow's prevention.
- Hands-on builder mindset - you have 5+ years of experience in DevSecOps, Application Security, or Security Engineering, with a strong track record of using automation to solve real-world security problems
- Coding fluency - you're comfortable writing tools and automating workflows in languages like Python, Go, or TypeScript, and you thrive in API-driven environments
- Engineering depth - you know your way around CI/CD pipelines (e.g., GitHub Actions) and Infrastructure as Code (e.g., Terraform), and you've successfully embedded security tools and controls directly into them
- AI curiosity meets security impact - you're passionate about exploring how AI can revolutionise threat detection, secure code analysis, and automation - and you're ready to turn that curiosity into production-grade solutions
- Collaborative DNA - you partner naturally with engineers and developers. You see security not as a blocker, but as an enabler of speed, innovation, and trust
Benefits & conditions
On is a place that is centered around growth and progress. We offer an environment designed to give people the tools to develop holistically - to stay active, to learn, explore and innovate. Our distinctive approach combines a supportive, team-oriented atmosphere, with access to personal self-care for both physical and mental well-being, so each person is led by purpose.
On is an Equal Opportunity Employer. We are committed to creating a work environment that is fair and inclusive, where all decisions related to recruitment, advancement, and retention are free of discrimination.
Build the better you
What to expect
We want to set everyone up for success, so here's the lowdown on how we hire. Our process is a two-way street - bringing you into our culture, while helping us learn how you think.
Our full process can last about eight weeks from application to offer, because we care about getting it right. These steps explain how we usually do things. Before you get started, feel free to consider if you want to work with us. Strange question? Well, we give people a lot of space to navigate their day-to-day and that style isn't for everyone. We want you to be passionate about what you do and be sure this is the right fit. Because when skills and passion combine - it creates that 'Wow' moment.