Lead Security Engineer

We’re looking for a Lead Security Engineer to join our Security team in Helsinki HQ. 

In this role, you will… 

• Be a key player in shaping and executing our comprehensive security strategy
• Lead the charge in protecting our SaaS solutions, internal infrastructure, and data, ensuring compliance with industry standards and regulatory requirements (including SOC 2 Type II, GDPR, and CCPA)
• Work closely with development, operations, and other teams to embed security best practices across the entire software development lifecycle (DevSecOps)

Your day-to-day work and responsibilities include…

Security Architecture & Engineering: Design, implement, and maintain security controls across our SaaS platform and internal infrastructure. This includes automating vulnerability and threat detection (SAST, SCA, IAC, container image analysis), ensuring robust audit logging via SIEM, implementing and managing IAM policies, and proactively identifying and mitigating security risks.

Compliance & Governance:  Lead and manage our security and compliance programs, ensuring adherence to industry best practices and regulatory requirements (SOC 2 Type II, GDPR, CCPA, etc.). Work closely with external auditors and internal teams to streamline audits and ensure timely completion.

Threat Response & Incident Management: Develop and improve incident response plans and processes. Lead investigations and remediation efforts for security incidents, ensuring timely resolution and minimizing impact.

Team Leadership & Mentorship: Guide and mentor junior security engineers, fostering their professional development and technical skills.
Collaboration & Communication: Collaborate closely with development and operations teams to integrate security into the Software Development Life Cycle (DevSecOps). Effectively communicate security risks and solutions to technical and non-technical stakeholders, including customers and executive leadership.

Security Assessments & Procurement: Conduct thorough security reviews as part of the procurement process. Represent Supermetrics' security posture in pre-sales discussions with prospective clients.

Security Culture: Champion a security-first culture, embedding security principles into all aspects of our operations and product development.

This position is for you if you have…

• 5+ years of experience in information security, with a focus on SaaS or cloud environments (AWS or GCP preferred).
• Proven experience in applying and managing security frameworks such as OWASP Top 10, SANS Top 25, and CIS Benchmarks. Familiarity with risk assessment and remediation methodologies is essential.
• Expertise in securing Kubernetes clusters in complex, multi-cloud environments (a significant plus).
• Strong experience with Identity and Access Management (IAM) and threat modeling.
• Hands-on experience with SIEM and other security tools.
• Software development experience, including proficiency in at least one high-level programming language (e.g., Python, Go) and a deep understanding of secure coding practices, is required. Experience reviewing and improving source code is also required.
• Proven track record of managing compliance projects, particularly related to SOC 2 or similar frameworks.
• Excellent communication, leadership, and interpersonal skills. Ability to effectively communicate complex technical information to both technical and non-technical audiences.
  
• A passion for fostering a strong security culture throughout the organization

Bonus points...

• Experience with container security technologies.
• Relevant security certifications (e.g., CISSP, CISM, etc.).
  

Benefits we offer…

• Competitive compensation package, including equity 
• Excellent work equipment, and home office allowance for those working in our fully remote locations
• Health care benefit and leisure time insurance
• Annual 1000 euros of personal learning budget
• Sports and wellbeing allowance

Benefits may vary depending on location. You’ll find more information at supermetrics.com/careers#benefits. 

Hear why our team likes it here at supermetrics.com/careers/life-at-supermetrics.

Get to know our Engineering team at supermetrics.com/careers/engineering.

#LI-Remote #LI-Hybrid

Join us on our mission to make data a marketing superpower

Supermetrics is a frontrunner in data integration technology, with 15% of global advertising spend reported through our products. 

Our technology streamlines marketing data for over 200,000 businesses through a network of agencies and customers like Shopify, HubSpot, and Nestlé. We help marketers master their data and turn it into insights that improve business results and predict the best next step. Since our founding in 2013, we've grown profitably to reach 750K+ users and over 50M€ in annual recurring revenue.

We're a team of 360+ growth-minded people from diverse backgrounds. Together, we make a multicultural, resourceful, and collaborative team.

Supermetrics operates on trust, transparency, and a keen customer focus. Forward-looking and action-oriented, we work hard to be the leader in our industry. As team players, we help each other and win together.

We're hiring for a diverse, competent, and collaborative team and building an inclusive workplace where everyone is treated fairly and respectfully.

It all started with a Google t-shirt... Read the rest of our growth story at supermetrics.com/about.