Security Engineer

As a Security Engineer, you'll join our Security function and work closely with Platform Engineers, development teams, Legal, IT, Trust & Safety teams to ensure the protection of our platform, our users, and their data. You'll help build and maintain a strong security foundation across our systems - including our emerging use of AI - making security a natural part of how we design, build, and operate at scale.

In this role, you'll operate in a highly collaborative, engineering-driven environment where security is a shared responsibility. You'll combine hands-on technical work with cross-functional partnership, enabling secure product development, guiding teams through best practices, and helping Catawiki maintain user trust while continuing to grow securely and responsibly in an AI-enhanced environment.

What You'll Do

• Identify, assess, and remediate security vulnerabilities across applications, infrastructure, internal services, and AI/ML pipelines.
• Conduct secure code reviews, threat modeling, and security assessments for new features, architectural changes and legacy components.
• Implement and maintain secure storage mechanisms, encryption practices, secrets management, and key management solutions.
• Define, document, and enforce security policies, standards, and best practices throughout the software development lifecycle (SDLC), including AI-related data handling and model governance.
• Collaborate closely with Platform Engineers to integrate security into CI/CD pipelines, infrastructure-as-code, runtime environments.
• Work with Legal, IT, Trust & Safety teams to ensure compliance, support investigations, manage security requirements.
• Participate in incident response - investigate security events, triage issues, support remediation, and strengthen preventive controls.
• Raise security awareness across the company by providing guidance, training, and proactive support for secure development, AI safety, and system design.
• Contribute to long-term security strategy by evaluating emerging threats - including those involving AI - identifying opportunities for automation, and recommending new tools or processes.

• You have development experience in Ruby, Python, or a similar language, and you're comfortable reviewing and contributing to backend codebases.
• You bring 3+ years of hands-on security engineering experience, ideally in a cloud-based or high-traffic environment.
• You understand application, infrastructure, and AI/ML security principles, and you can navigate risk within data pipelines and model-driven systems.
• You have strong knowledge of secure coding practices and common vulnerabilities (OWASP, SANS) across both traditional and AI-enabled services.
• You're experienced with secure code reviews, threat modeling, and designing practical and scalable mitigations.
• You have a solid understanding of cryptography, encryption, key management, secrets handling, and secure data storage.
• You're familiar with integrating security into modern SDLC practices - including pipelines, IaC, cloud-native environments, and emerging AI workflows.
• You communicate clearly and collaborate effectively with engineering and non-engineering teams.
• You're proactive, curious, and comfortable driving initiatives that strengthen our long-term security posture.

At Catawiki, every day brings the extraordinary! Whether it's Daniel Ricciardo's Formula 1 Car, a Woolly Mammoth's Skeleton, Lady Gaga's Jumpsuit or Usain Bolt's running shoe, we encounter exceptional objects every day. We're a one-of-a-kind marketplace for buying and selling special objects! Each week we offer over 110,000 unique items in auction, carefully curated by our passionate in-house experts. As a growing, diverse and sustainable scale-up, we proudly live by our core values: * Taking ownership and driving impact * Being open to change and feedback * Being passionate about our mission and our customers., * Celebrate Life's Moments with us at Catawiki. When you join us, you'll receive a €100 Catavoucher, and on each birthday, you'll get a €50 Catavoucher to celebrate. Enjoy an extra day off each year to "Pursue Your Passion". We also recognise significant work anniversaries (3, 5, 8, 10 years) with additional time off, plus extra leave for life's big moments like marriage, engagements, or moving house. Our Offices and Way of Working Our vibrant offices in Amsterdam, Paris and Lisbon are designed to inspire and connect. Most Catawikians are within commuting distance of one of our offices and enjoy the flexibility of a hybrid work model. That said, some roles may be an exception: if the job description states that the position is fully remote or 100% office-based, that arrangement will apply instead. Catawiki Catawiki is the leading online marketplace to buy and sell special objects. Over 75,000 objects are offered in auction every week - each reviewed and selected by one of Catawiki's hundreds of in-house experts specialised in Art, Design, Jewellery, Fashion, Classic Cars, Collectables and much more. Catawiki is headquartered in Amsterdam with over 750 employees across the world. Fulfil your passion on catawiki.com or download the app. Other Amsterdam Active in 7 countries 745 employees 60% men - 40% women Average age is 31 years