Security Engineer

As a Security Engineer at Qargo, you will be a key stakeholder in our engineering organization. You'll own security across the full stack, from hardened cloud infrastructure and CI/CD pipelines to application logic and internal compliance.

This is a high-impact, hands-on role where you will act as the technical authority for our defensive strategy. You will work closely with our engineering and product teams to integrate security into every phase of our development, ensuring that as we scale across Europe, our platform remains resilient and trusted by the largest players in the industry., * Security Strategy: Lead and evolve Qargo's security roadmap across infrastructure, applications, and internal ecosystems.

• Engineering Partnership: Partner with development teams to "shift left," embedding security through threat modeling, automated code reviews, and architectural deep-dives.
• Vulnerability Management: Own the end-to-end lifecycle of vulnerability discovery-from automated scanning and prioritization to hands-on remediation.
• Cloud & Infrastructure: Design and maintain a secure, least-privilege cloud architecture (AWS/GCP/Azure), focusing on IAM, network segmentation, and advanced logging.
• Security Tooling: Implement and optimize our security stack, including SIEM, EDR, WAF, and secrets management.
• Incident Response: Drive our incident response capabilities-managing triage, containment, and post-mortem analysis to ensure continuous improvement.
• Platform Hardening: Secure our Kubernetes clusters, container workloads, and deployment pipelines against modern attack vectors.
• Compliance & Audits: Support our ISO 27001 and SOC 2 efforts by building scalable, automated compliance workflows.
• Knowledge Sharing: Create clear security guidelines, runbooks, and playbooks that empower the wider engineering team.

Do you have experience in TCP/IP?, Core Security Knowledge

• Deep understanding of Secure-by-Design principles, defense-in-depth, and the principle of least privilege.
• Extensive experience in threat modeling and security architecture reviews.
• A strong grasp of the OWASP Top 10 and common API/application vulnerabilities.

Technical Skills

• Strong Linux and Networking fundamentals (TCP/IP, DNS, TLS, HTTP/S).
• Hands-on experience securing Public Cloud environments (IAM, VPC, Logging).
• Ability to script and automate (Python, Go, or Bash) to scale security operations and reduce manual toil.

Application and Platform Security

• Proficiency in modern AuthN/AuthZ patterns (OAuth2, OIDC, JWT).
• Experience with Kubernetes and container security (image scanning, runtime policies).
• Familiarity with securing CI/CD pipelines and automated deployment workflows.

Operational and Compliance

• Experience working within security frameworks such as ISO 27001, SOC 2, or NIST.
• A strong mindset for observability, monitoring, and proactive alerting.

Ways of Working

• Pragmatism: The ability to balance robust security with the delivery speed and usability required in a scale-up environment.
• Communication: Skilled at partnering with engineering teams to solve complex problems collaboratively.
• Prioritization: Comfortable navigating technical ambiguity and focusing on high-impact security wins.

What We Offer * Technical Ownership: The authority to shape the security posture of a major European SaaS platform. * Innovation: Work with a modern tech stack in a company that values technical craftsmanship over bureaucracy. * Ghent Tech Hub: Be part of a talented, international engineering team based in the heart of Ghent. * Scale-up Growth: Opportunities to grow professionally as the company expands its footprint across Europe. * Flexible Working: A supportive, hybrid work environment that trusts you to manage your own impact.   You must create an Indeed account before continuing to the company website to apply