Security Engineer

We are seeking an experienced Security Engineer with strong expertise in cloud and infrastructure security, combined with a solid understanding of web application security principles. The ideal candidate will play a key role in strengthening beqom's security posture across cloud environments, infrastructure, and application layers.

You will collaborate closely with engineering, DevOps, and product teams to identify and mitigate security risks, perform secure code reviews, and manage vulnerabilities throughout the software development lifecycle (SDLC).

What will you be doing?

• Design, implement, and maintain cloud and infrastructure security controls (e.g., IAM, network segmentation, encryption, logging, monitoring).
• Conduct security reviews and risk assessments for new and existing systems, architectures, and cloud deployments.
• Lead vulnerability management activities, including triaging, tracking, and remediation of findings from SAST, DAST, and SCA tools.
• Perform or support secure code reviews and assist developers in remediating security vulnerabilities.
• Provide expertise on OWASP Top 10 vulnerabilities, common exploitation techniques, and secure coding best practices.
• Support incident response and security investigations related to infrastructure, cloud, or application environments.
• Collaborate with DevOps and Engineering, Compliance teams to embed security automation in CI/CD pipelines.
• Maintain and improve security monitoring, detection, and alerting capabilities across cloud platforms (e.g., AWS, Azure).
• Contribute to security documentation, standards, and playbooks.
• Support compliance and audit activities (e.g., ISO 27001, SOC 2) by providing technical evidence and control validation.

Do you have experience in Terraform?, * 3-5+ years of experience in Cybersecurity Engineering, with a focus on Cloud and Infrastructure Security.

• Hands-on experience with AWS, Azure, security tools and controls.
• Strong understanding of network security, identity and access management, encryption, and container security (e.g., Docker, Kubernetes).
• Experience with vulnerability management tools.
• Solid knowledge of web application security and the OWASP Top 10.
• Experience with secure code reviews, threat modelling, and secure SDLC practices.
• Familiarity with security automation in CI/CD pipelines (GitHub Actions, GitLab CI).
• Working knowledge of incident response, forensics, or SIEM tools
• Strong understanding of ISO 27001, SOC 2, or similar frameworks.
• Excellent communication and collaboration skills.

Bonus points if you have:

• Relevant certifications such as CISSP, CCSP, OSCP, CEH.
• Experience in threat modeling and security architecture design.
• Knowledge of DevSecOps principles and Infrastructure as Code (IaC) scanning (Terraform, CloudFormation).

beqom is a high-growth B2B SaaS company that provides industry-leading tools for pay equity and transparency, compensation, and performance management. Trusted by some of the world's most respected companies, beqom enables HR and business leaders to navigate global compliance and make smarter pay decisions that attract, retain, and motivate top talent. Founded in Switzerland and serving clients worldwide, our powerful, enterprise-ready products are fueled by beqom pay intelligence., * Belong to something bigger. Collaborate with a passionate, diverse and talented team around the globe.