Senior Security Engineer

Overview

Pwrteams are seeking a Senior Security Engineer to join the Security Platform team, which owns and maintains a unified and overarching CDN & WAF capability at TUI for our digital services. You will be working alongside the Security Practice team which provides solutions, consultancy, education and guidance across the Product & Engagement area. The team’s focus is to drive forward maturity in developing secure software components and products.

This a great opportunity to join a team of innovative and passionate people, working with other practice teams who are driving the development, operation and ongoing evolution of a new global cloud-based e-commerce platform, a fundamental and strategic element of our digital transformation.

The Senior Security Engineer is a practitioner and an advocate of state-of-the-art secure coding, secure design and security automation practices with a broad toolkit of technologies and methods and with a strong DevSecOps mindset, being able to tackle the whole software development cycle of designing, building, testing and deploying applications. Working in an agile environment and keeping up with the ever-evolving technical landscape the Senior Security Engineer is a lifelong learner and likes to think outside the box.

About TUI GroupTUI is a global business with over 70,000 employees and a legacy of excellence in the travel industry. We operate travel agencies, hotels, airlines, cruise ships, and retail shops around the world, all united by our goal to deliver exceptional travel experiences. TUI is focused on building a digital future, embracing new technologies and solutions that will shape the next generation of travel.

Responsibilities

• You will use your deep technical skills to create software products that are secure by default and work collaboratively with software engineers, cloud engineers and architects to ensure information security is considered throughout the design and implementation of software products and services. 
• You stay up to date with TUI group practices and foster a “security first” mindset. You work alongside engineering teams to understand the threat landscape, business requirements and to describe security risks and goals. 
• You provide your team with tooling and automation to identify possible threats and vulnerabilities before they are promoted to production, thereby helping them to protect our customers’ data.
• You tackle the whole cycle of designing, building, testing and deploying software artefacts.
• You take an engineering approach to solving security problems, selecting and guiding teams to use the right tools for the right jobs and thus solve the given business and technical problems in an efficient way.
• You show a commercial mentality, focusing on solving business problems in the best way.
• You are able to verbalise your thoughts and ideas and take the initiative to translate ideas into outcomes.
• You will research, evaluate and test new approaches, processes and tools and help teams to use them effectively. 
• You are well-connected across the domain, within the broader TUI community and relevant Communities of Practice.
• You are responsible for the operation and constant security optimisation and adoption of TUI’s Web Application Firewall infrastructure. Furthermore, you work with global teams in the organisation to enhance their security posture.
• You love to learn and acquire new skills and keep up to date with latest developments in your focus areas

Qualifications

• Proficient experience in working with CDN and WAF solutions like Akamai or Cloudflare 
• Advanced experience in designing secure, highly available, distributed applications in an Amazon Web Services (AWS) environment 
• Ability to understand and analyse complex security events as well as adjust the resulting ongoing security profiles 
• Experience in defining, planning, implementing, maintaining, and upgrading security measures, guardrails and controls for WAF and CDN 
• Familiar with information security standards & practices and their practical implications 
• Experienced in securing APIs 
• Deep automation skills, hands-on with some programming languages such as Python 
• Advanced experience with CI/CD, preferably Gitlab CI 
• Being customer centric, passionate about delivering great digital products and services 
• Passionate about continuous improvement, collaboration and great teams  
• Strong problem-solving skills coupled with good communication skills  
• Understanding of social and ethical implications of software engineering 
• Open minded, inquisitive, life-long learner  
• Comfortable with ambiguity, highly autonomous  

Pwrteams offers:

• Benefit Café with various categories like sport, leisure, books, etc
• Family-like environment and personal attention to each specialist
• Interesting projects with innovative products
• Competitive salary and regular reviews
• The work-life balance you deserve. Flexible working hours
• Educational support, funded language classes
• Luxmed private healthcare packages
• Cozy workplace. Fresh fruits Mondays. WFH opportunities
• Exciting events

In your resume please allow our company to use your personal data

Pwrteams is a pioneering force in connecting individuals across tech projects, harnessing their combined strengths to drive innovation. Since 2007, we have been in the vanguard of assembling cross-border IT and engineering teams strategically positioned within Eastern Europe’s dynamic tech ecosystems to cater to the global business landscape.  We're at the forefront of travel, media and fintech innovation, healthcare efficiency enhancements, and others. Our goal? To make a meaningful difference worldwide. Become a part of our distinguished team and discover your potential to pioneer transformative solutions for tomorrow!  

*Following the applicable legal regulations, particularly Directive (EU) 2019/1937 of the European Parliament and of the Council on the protection of persons reporting breaches of Union law and its implementation into Polish law under the Act of December 4, 2021, on the Protection of Persons Reporting Breaches of Law (Journal of Laws 2021, item 2105), including Articles 4-6 governing whistleblower protection and reporting procedures, the company has implemented a Whistleblower Support Policy, ensuring anonymity, protection, and support for individuals reporting irregularities.

#PwrteamsCareers