Security Engineer (Infrastructure & Networks)

At Bumble the security of our customers is a top priority. As a Security Engineer, you will be mission focused on designing and implementing security controls across our enterprise infrastructure (on-prem and cloud environments, collaborating with engineers across security and SRE to ensure security is embedded into our processes.

What you'll do:

• Design and implement security controls across enterprise infrastructure (on-prem and cloud) environments to protect Bumble without impacting the organisation’s ability to innovate.
• Collaborate with SRE to embed security best practices and enforce security across the enterprise.
• Conduct risk assessments and threat modelling exercises to identify potential vulnerabilities and prioritise security measures based on impact.
• Collaborate with engineers across the function to ensure security is embedded into their processes.
• Identify and prioritise risks, driving remediation efforts and offering mitigation strategies to engineering teams.
• Work on call within the security operations team, triaging and solving security incidents with your peers.
• Work on a rota across the security operations function to upskill in other areas such as incident response and threat detection.
• Train engineering teams in secure practices and promote a security-first mindset across the organisation.
• Keep up with the latest security trends and technologies, updating practices as needed to address evolving risks.

Required Experience & Skills

• Expert level knowledge and experience securing enterprise linux environments on premise
• Strong foundational knowledge in enterprise security controls, ideally with experience in scripting to automate repeatable workflows to improve productivity.
• Proven track record of integrating security practices with an infrastructure/SRE team, including upskilling peer teams through education.
• Demonstrated expertise in identifying, analysing, and prioritising risks, as well as working closely with engineering teams on remediation.
• Ability to effectively communicate security concepts to non-security stakeholders and collaborate with cross-functional teams to drive security initiatives.

Experience with any of the following is a big plus:

• On-premise heavy infrastructure with exposure to cloud environments in hybrid infrastructure models.
• Detailed understanding of zero trust architecture models and experience in implementation of ZTNA. 
• Working with colleagues across geographic locations and sharing security best practices through presentations and lunch and learn sessions.