Security Engineer (DevSecOps / Code Security)

We are seeking a highly skilled Security Engineer with strong software engineering foundations and expertise in application security, DevSecOps, and cloud-native security. This role is ideal for someone who understands modern engineering workflows and can partner closely with software engineering, platform, and DevOps teams to embed security into the software development lifecycle. You will play a key role in securing applications, improving developer security practices, supporting Kubernetes and AWS environments, and helping Owkin scale secure engineering practices across its AI-driven platform., * Conduct in-depth application security assessments and secure code reviews across frontend and backend systems

• Partner with engineering teams to remediate vulnerabilities and improve secure coding standards
• Review and secure Git-based development workflows and branching strategies
• Integrate security controls into CI/CD pipelines in GitHub and DevSecOps processes
• Support cloud-native security initiatives across Kubernetes and AWS environments
• Use modern application security tooling, including Wiz Code, to identify and prioritise risks
• Develop automation and tooling using Python to support security operations and engineering workflows
• Advise developers on secure architecture, threat modelling, and security best practices
• Collaborate with DevOps, Platform Engineering, and Software Engineering teams to improve overall security posture
• Assist with vulnerability management, risk assessment, and remediation tracking
• Contribute to security standards, policies, and developer enablement initiatives
• On-call rotation for Wiz alerts (paid at an additional rate)

Do you have experience in Terraform?, * Strong frontend and backend software engineering experience

• Expert-level knowledge of Git and modern version control workflows
• Hands-on application security experience in modern engineering environments
• Experience performing manual and automated secure code reviews
• Strong understanding of CI/CD pipelines and DevSecOps principles
• Practical experience with Kubernetes security and containerised environments
• Strong AWS cloud security knowledge
• Knowledge of OWASP Top 10, secure coding practices, and vulnerability remediation
• Ability to communicate effectively with developers and engineering leadership
• Collaborative and pragmatic approach to security

Preferred qualifications/bonus:

• Experience with Wiz Code or similar application security tooling
• Familiarity with Infrastructure as Code tools such as Terraform or CloudFormation
• Knowledge of container security and Kubernetes hardening
• Experience integrating security tooling into developer workflows
• Relevant certifications such as AWS Security Specialty or Kubernetes Security certifications, would be a bonus
• French-speaking would be a bonus, but not essential, * Flexible work organization
• Friendly and informal working environment
• Opportunity to work with an international team with high technical and scientific backgrounds

Owkin is an AI company on a mission to solve the complexity of biology. It is building the first Biology Super Intelligence (BASI) by combining powerful biological large language models, multimodal patient data, and agentic software. At the heart of this system is Owkin K, an AI copilot and its new LLM fine-tuned on biology called Owkin Zero, used by researchers, clinicians, and drug developers to better understand biology, validate scientific hypotheses, and deliver better diagnostics and therapies faster., * Owkin is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, sex, gender, sexual orientation, age, color, religion, national origin, protected veteran status or on the basis of disability. * Owkin is a great place to work. As a coveted workplace we are, unfortunately, vulnerable to recruitment phishing scams. We urge all job seekers and candidates to be wary of potential scams. Most of these have individuals posing as representatives of prominent companies, including Owkin, with the aim of obtaining personal, sensitive, or financial information from applicants. These scams prey upon an individual's desire to obtain a job and can sometimes "feel" like a genuine recruitment process. Some red flags are identified below. Should you encounter a recruitment process that claims to be for Owkin but is not consistent with the below, please do not provide any personal or financial information: * Legitimate Owkin recruitment processes include communication with candidates through recognized professional networks, such as LinkedIn. * Communication is always through an official Owkin email address (from the @owkin.com domain), over the phone or through our applicant tracking system (Greenhouse). * The Owkin talent team do use platforms such as LinkedIn and Job Teaser, however if you have any concern or doubt about this contact, please ask for them to send an email from @Owkin.com. * The Owkin talent team will not solicit personal data from candidates during the application phase including, but not limited to, date of birth, social security numbers, or bank account information; * Legitimate Owkin interviews may be conducted over the phone, in person, or via an approved enterprise videoconferencing service (Google Meets). They will not occur via Signal, Telegram or Messenger * Owkin offers of employment are based on merit and only extended once a candidate has interviewed with members of the talent and hiring team. Offers will be extended both verbally and in written format.