Senior Information Security Engineer

Netherlands

Applications have closed

Bitrise Ltd.

Streamline your mobile development process with Bitrise. The Mobile DevOps platform that helps you build, test, and deploy your apps quickly and reliably.

View company page

As a Senior Information Security Engineer, you will be responsible to secure, improve and protect Bitrise data assets and services. You will be mostly working together with R&D, IT, HR and Office teams in order to maintain and improve the state of security at Bitrise. You will understand how Bitrise systems and its security controls work and you will be responsible for improving them. You will also be responsible for incident detection and respond, including setting up and fine-tuning security alerts, vulnerability scanners and other security tools and processes which can help detect and react to incidents more effectively. In this position, you will have a direct impact on the whole company because your decisions will contribute to Bitrise’s success both in the short and long-term.
Bitrise Security Team’s mission is to support and provide a secure environment where Bitrise can achieve its business goals. The team consists of highly skilled security people with a DevSecOps mentality and strong focus on our customers (be it internal or external). We are a small but continuously growing team with new challenges (and company-wide impact) every day.

As a Senior Information Security Engineer at Bitrise you will

  • Increase security: Develop a set of tools, security standards and best practices for the organization and recommend projects to management as needed and implement security enhancements in order to increase the overall security of Bitrise. Develop procedures to respond to and recover from a security breach. Be responsible for educating the workforce on information security through training and building awareness.
  • Implement protections: install and use software, such as firewalls and vulnerability scanners to protect organizations’ sensitive information. Assist the company with installation of new security products and other software (e.g. vuln scanners, WAF, SIEM, MDM).
  • Vulnerability management: perform automated and manual testing for vulnerabilities. Check and evaluate vulnerability reports (e.g. coming from vulnerability scanners, bug bounty reports) and make sure the issue and remediation plan is clearly communicated to the stakeholders.
  • Shift left security: perform threat model exercises, review code and RFCs before implementation
  • Monitor for security breaches: constantly monitor the organization’s networks and systems for security breaches or intrusions. Install software that helps to detect intrusions and watch out for irregular system behavior.
  • Investigate security breaches: if a breach has occurred, lead the incident response activities to minimize the impact. Afterwards, lead a technical and forensic investigation into how the breach happened, the extent of the damage and how to prevent or detect such breach more effectively next time (post-mortem)

Key skills and characteristics

  • Have 4+ years of experience in a similar role (e.g. IT Security Engineer)
  • Security and software development (DevSecOps/SecDevOps) knowledge
  • Cross-team mindset: can resolve dependencies and push Bitrise forward (e.g. by liaising between teams) to achieve bigger goals
  • Fluent English speaking and writing skills
  • Good communication skills (both internally and with customers/prospects)
  • End to end ownership (be able to own security within the company)
  • Strong feedback and continuous learning mindset

What would really knock our socks off

  • Conducted internal penetration tests before
  • Built up a “blue team” before
  • Have OSCP, OSCE, OSWE or similar certification

What we offer

  • A massive amount of freedom and trust while your contributions help shape and grow Bitrise for years to come
  • A commitment to invest in your personal growth and development in the form of courses, conferences, book allowance and more
  • The opportunity to learn about app development by playing a crucial role in the mobile development process for the world’s most successful companies
  • The security of working in a financially stable, growing company with an ever-expanding global customer base
  • A modern, recently renovated office environment optimized for comfort and collaboration, stocked with the latest tech*
  • The opportunity to travel the world to meet, learn from, and connect to end-users at conferences and meetings, as well as the chance to occasionally work from one of our international offices.*

  • * Dear Applicant, please note that due to COVID-19, our team is completely remote (included the interview process) in all locations until we truly feel that working from the office is a super safe and risk-free solution for our colleagues. As our Bitrisers’ health and protection are so important for us the travel opportunities and global in-person team building events are on hold for a while. 
About Bitrise
Bitrise is a continuous integration and delivery platform, built by and for mobile app developers. Our mission? To help everyone build and operate better mobile apps. By streamlining, automating and optimizing recurring mobile development processes, we free up time and resources for creative, interesting and impactful development tasks, resulting in better, faster releases.
As a successful graduate of Y Combinator, we are born of the same DNA as Airbnb, Reddit and Dropbox. Since Bitrise was launched in 2015, we have grown exponentially: Today, tens of thousands of developers release apps via Bitrise, that end up on billions of mobile devices around the world.
Current customers include fortune 500 companies like Virgin or SIXT, and rapidly scaling unicorns like Transferwise, Mozilla and Get Your Guide. Pick up any mobile device, and chances are you’ll encounter multiple apps that were built on Bitrise. Working at Bitrise means contributing to all of that.

Tags: Blue team DevSecOps Firewalls Incident response OSCE OSCP OSWE R&D SIEM Vulnerabilities Vulnerability management

Perks/benefits: Career development Conferences Home office stipend Team events

Region: Europe
Country: Netherlands
Job stats:  8  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.