Security Engineer (Europe-based, remote)

Sherpany is the Swiss market leader for meeting management software. Since its founding in 2011, it has pursued the goal of creating a world in which every meeting counts. Over 400 European companies and 12,000 decision-makers are already using Sherpany with the aim of making their business relevant meetings more productive and thereby increasing corporate success. With headquarters in Zurich and 130 Sherpanees from 27 different nationalities, we are an international company with a flat hierarchy, in which you can take lot of responsibility and your ideas are always welcome.

Your mission:

As a Security Engineer you will be a vital link between the security team and Sherpany's Product and Tech Teams, ensuring security is deeply integrated into company/product processes and technologies. You will join a security team that constantly pushes maturity boundaries and that thrives in pursuing excellence. Your main responsibility is to ensure (1) that Sherpany consistently builds secure technologies by providing impactful security engineering support and (2) that Sherpany maintains safety and resilience by driving consistent security improvements to key company processes and technologies

What we will love about you:

• Experience in threat modelling using common frameworks like STRIDE, PASTA, LINDDUN etc. Experience with threat modelling LLM AI solutions a plus
• Experience managing either penetration testing or vulnerability management programs
• Ability to work with Google Looker Studio
• Proven ownership of technical cybersecurity topics and ability to become a trusted partner with technical teams, being able to influence or advise technical stakeholders
• Fluency in English (spoken, written)
• Nice to have:
  • Ability to write scripts using Python a plus
  • You speak and understand German at a native or “expert” level"

How you can imagine us:

• You will be part of an international company with a flat hierarchy, in which you can take lot of responsibility and your ideas are always welcome
• In order to maintain your work-life balance we offer flexible working hours and remote-workin
  
• Your personal and professional development is important to us which is why we offer financial support for further education, trainings etc.
• Last but not least: Our corporate culture means a lot to us which is why we organize regular team events and cultivate a value-driven cooperation

Recruiting process:

1. Interview with our Talent Acquisition Specialist
2. Interview with our CISO
3. Final interview: Meet our VP Engineering
4. Job offer

Milestones
1-3 months

• Understand Sherpany vulnerability management and penetration testing services
• Understand Sherpany security issue triaging process
• Understand Sherpany as a product and technology, the Product Team organization, how we work inside and with other departments.
• Understand our Infrastructure and get familiar with our repositories and key services of the application.
• Become familiar with packaging and deploying process for both: application as well as IaC.
• Schedule coffee chats with Sherpybuddy, security team members, tech leads and product managers

3-6 months:

• Develop a catalogue to track ongoing projects requiring threat modelling within the company
• Develop a roadmap to coordinate the execution of reactive threat modelling activities
• Own vulnerability and pentest management sections of the weekly security meeting

6+ months

• Develop a 2026 roadmap for the improvement of security engineering services (covering vulnerability management, penetration testing and threat modelling)
• Design and implement Sherpany’s new and evolved threat modelling process
• Take over ownership of vulnerability management and penetration testing services

Are you ready for the challenge? 🚀 We look forward to receiving your application!