Senior Information Security Engineer


Full Time Senior-level / Expert
Bitrise Ltd. logo

Bitrise Ltd.

Continuous integration and delivery built for mobile: Automate iOS and Android builds, testing and deployment from your first install to the one millionth.

View all employer listings

Apply now Apply later

As a Senior Information Security Engineer, you will be responsible to secure, improve and protect Bitrise data assets and services. You will be mostly working together with R&D, IT, HR and Office teams in order to maintain and improve the state of security at Bitrise. You will understand how Bitrise systems and its security controls work and you will be responsible for improving them. You will also be responsible for incident detection and respond, including setting up and fine-tuning security alerts, vulnerability scanners and other security tools and processes which can help detect and react to incidents more effectively. In this position, you will have a direct impact on the whole company because your decisions will contribute to Bitrise’s success both in the short and long-term.
Bitrise Security Team’s mission is to support and provide a secure environment where Bitrise can achieve its business goals. The team consists of highly skilled security people with a DevSecOps mentality and strong focus on our customers (be it internal or external). We are a small but continuously growing team with new challenges (and company-wide impact) every day.

As a Senior Information Security Engineer at Bitrise you will

  • Increase security: Develop a set of tools, security standards and best practices for the organization and recommend projects to management as needed and implement security enhancements in order to increase the overall security of Bitrise. Develop procedures to respond to and recover from a security breach. Be responsible for educating the workforce on information security through training and building awareness
  • Implement protections: install and use software, such as firewalls and vulnerability scanners to protect organizations’ sensitive information. Assist the company with installation of new security products and other software (e.g. vuln scanners, WAF, SIEM, MDM)
  • Vulnerability management: perform automated and manual testing for vulnerabilities. Check and evaluate vulnerability reports (e.g. coming from vulnerability scanners, bug bounty reports) and make sure the issue and remediation plan is clearly communicated to the stakeholders
  • Shift left security: perform threat model exercises, review code and RFCs before implementation
  • Monitor for security breaches: constantly monitor the organization’s networks and systems for security breaches or intrusions. Install software that helps to detect intrusions and watch out for irregular system behavior
  • Investigate security breaches: if a breach has occurred, lead the incident response activities to minimize the impact. Afterwards, lead a technical and forensic investigation into how the breach happened, the extent of the damage and how to prevent or detect such breach more effectively next time (post-mortem)

Key skills and characteristics

  • Have 4+ years of experience in a similar role (e.g. IT Security Engineer)
  • Security and software development (DevSecOps/SecDevOps) knowledge
  • Cross-team mindset: can resolve dependencies and push Bitrise forward (e.g. by liaising between teams) to achieve bigger goals
  • Fluent English speaking and writing skills
  • Good communication skills (both internally and with customers/prospects)
  • End to end ownership (be able to own security within the company)
  • Strong feedback and continuous learning mindset

What would really knock our socks off

  • Conducted internal penetration tests before
  • Built up a “blue team” before
  • Have OSCP, OSCE, OSWE or similar certification

What we offer

  • Accelerated learning, and a commitment to invest in your personal growth and development in the form of courses, conferences, book allowance and more
  • A massive amount of freedom and trust while your contributions help shape and grow Bitrise for years to come
  • The opportunity to play a role in the mobile development process for the world’s most successful companies
  • The security of working in a financially stable, growing company with an ever-expanding global customer base
  • The opportunity to travel the world to meet, learn from, and connect to end-users at conferences and meetings, as well as the chance to occasionally work from one of our international offices
About Bitrise
Bitrise is a mobile DevOps platform and a mobile CI/CD service. It’s where tens of thousands of mobile teams build, test and deploy their apps, including companies such as Transferwise (now “WISE”), Virgin Mobile, Grindr, Tonal, Compass, Mozilla, Philips Hue, Babbel and others. With customers ranging from startups and mobile unicorns to centuries-old enterprises, applications built, tested, and deployed through Bitrise have made their way to billions of end users around the world. Chances are, you have at least some of those apps on your phone right now. We’re proud Y-combinator alumni.
Job region(s): Europe
Job stats:  7  0  0
  • Share this job via
  • or

Explore more Information Security career opportunities