Software Security Engineer

We are looking for an experienced Security Engineer to join our Digital Research & Innovation organization and help embed security from the design phase across SICPA's digital products worldwide.You will play a global, transversal role, working closely with development and DevOps teams to identify vulnerabilities early, streamline security practices, and integrate security controls into modern cloud-native environments., * Shift security left by addressing security early in the design and development process

• Automate and maintain security checks within CI/CD pipelines
• Reduce vulnerabilities before deployment
• Ensure compliance with security regulations and standards
• Promote collaboration between development, security, and operations teams worldwide

KEY RESPONSABILITIES

• Define and review security requirements and architectural designs across application, infrastructure, and network layers
• Provide security support during design and development phases of digital products
• Develop, maintain, and improve security and vulnerability scanning tools integrated into build pipelines
• Perform security reviews of pull requests, analyze vulnerabilities, and support remediation actions
• Execute preliminary audits, document findings, and contribute to risk mitigation strategies
• Identify vulnerabilities in applications and cloud-native environments, including Kubernetes / OpenShift platforms and public cloud (AWS)
• Support secure deployment in public cloud environments
• Monitor industry security trends and assess potential impacts on products
• Contribute to quarterly planning and long-term security improvement roadmaps
• Provide visibility on the security level per product and team
• Collaborate actively with global security teams across departments and regions
• Report security incidents and escalate issues when required
• When relevant, organise security workshops for technical teams

• University degree in Computer Science, Engineering, or equivalent
• 5+ years of experience in security engineering, application security, or secure software architecture
• Experience in application security testing tools (e.g. SonarQube is a plus)
• Experience in penetration testing or offensive security
• Software development experience, preferably in Java, JavaScript, and Python
• Experience with automation and infrastructure-as-code tools (Ansible, Terraform) is a plus
• Knowledge of Kubernetes / OpenShift is a strong advantage
• Knowledge of AWS security is a strong advantage
• Security certifications (OSCP, CEH, CISA) are a plus
• Strong communication and analytical skills in a global, cross-functional environment
• Fluent in English; French is an asset

• Respectful entrepreneurship and a long-term vision are key for success
• Our people contribute to a more secure world
• Diversity at all levels of an organisation is a strengths

We offer an exciting and challenging role, with great potential for personal development within a unique organization in a fascinating industry. Your file will be handled with upmost confidentiality and discretion.