Security Engineer

Do you want to play a crucial role in securing modern cloud and application platforms? Do you have technical expertise in Microsoft Azure and OutSystems, and do you enjoy helping developers and IT administrators become more security-aware? Then this Security Engineer position at Truston is perfect for you!

What will you do at Truston?
As a Security Engineer at Truston, you will be responsible for the technical security of our IT environments and applications. You will work on securing our cloud environment in Microsoft Azure and ensure that our OutSystems applications meet the highest security standards. Additionally, you will train and guide developers and IT administrators to structurally improve security and integrate it into their daily work.

Your tasks and responsibilities:

• Managing and optimizing security measures within Microsoft Azure and OutSystems.

• Implementing and maintaining security policies, such as Zero Trust, Identity, and Network Security.

• Monitoring and analyzing security incidents and actively working on resolving vulnerabilities.

• Setting up and conducting security audits and penetration tests on applications and infrastructure.

• Advising and training developers and IT administrators in secure coding practices and security best practices.

• Securing CI/CD pipelines within Azure DevOps, including security testing and vulnerability scanning.

• Managing and implementing compliance and security standards, such as ISO 27001.

• Identifying and resolving security risks in APIs, databases, and cloud services.

You have a direct (functional) reporting line to the IG&H CISO.

Requirements

What do we expect from you?

We are looking for a technically skilled security engineer with a passion for cybersecurity and a talent for raising awareness of security risks and best practices.

Additionally, we expect you to meet the following requirements:

• Bachelor’s or Master’s degree (or equivalent experience), preferably in an IT or security-related field.

• At least 3-5 years of experience in a technical security role, preferably within a Microsoft Azure environment.

• In-depth knowledge of Microsoft Azure Security Services, such as Azure Security Center, Defender for Cloud, Sentinel, Privileged Identity Management (PIM), and Azure Key Vault.

• Experience with OutSystems Security is a plus, including encryption, secure API integrations, and role-based access control (RBAC).

• Familiarity with security frameworks, such as ISO 27001.

• Experience with Identity & Access Management (IAM), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM).

• Knowledge of secure coding principles, including DevSecOps processes.

• Experience with security monitoring and incident response, including SIEM solutions such as Microsoft Sentinel.

• Experience with scripting and automation (e.g., PowerShell, Python, Terraform).

• Experience with penetration testing and vulnerability assessments is a plus.

• Strong communication skills to share security knowledge with developers and IT administrators.

What do we offer you?

• A challenging and entrepreneurial work environment with plenty of room for initiative.

• Work with the latest security technologies within Microsoft Azure and OutSystems.

• A crucial role in improving security awareness and processes within the organization.

• Working for various clients while maintaining the stability and team spirit of a fixed team.

• A competitive compensation package, depending on your knowledge and experience.

• 25 vacation days and plenty of flexibility to organize your workweek for an optimal work-life balance.

• An excellent remote work policy and infrastructure.

• An informal, dynamic company culture with ample room for personal growth and role development.

Interested?
At Truston you will have the opportunity to play a crucial role in the further development and management of advanced platforms within the pension market. Are you the security expert we are looking for, and do you want to play a key role in strengthening the security of our systems and employees?