Senior Product Security Engineer

Belgrade, Vojvodina, Serbia

Apply now Apply later

Come on board with Neo Group! Here's your chance to stir things up in the scene with us. We're not just expanding; we're revolutionizing the entire game, mastering profitability with every new venture. But you know what truly fuels our drive? It's people like you.

Neo Group is on the lookout for a Senior Product Security Engineer to join our Engineering Team.

Responsibilities:

  • Provide expert security guidance throughout all phases of the Software Development Life Cycle (SDLC) to product development teams and business leaders.
  • Lead secure SDLC initiatives, including reviewing system architectures, supporting automated security tools, and conducting threat modeling and penetration testing.
  • Manage the Vulnerability Management process: identify, triage, and oversee the resolution of security vulnerabilities.
  • Design, build, automate, and maintain a suite of internal security tools to support ongoing security operations.
  • Perform technical security reviews and analyses of proposed technical solutions to determine security impact and recommend security controls.
  • Conduct independent internal reviews of security controls and information systems to ensure compliance with established policies and best practices.
  • Provide clear and detailed overviews of the audit process, executing cybersecurity audits across various company departments.
  • Write comprehensive reports for stakeholders, explaining security processes and recommendations in accessible language.
  • Develop and monitor key security metrics to assess the effectiveness of security measures implemented.

Requirements

  • Proven experience in conducting penetration testing and scoping security tests for various services.
  • Hands-on experience facilitating threat modeling sessions with engineering and product teams.
  • Knowledge of selecting, implementing, and maintaining advanced security products and services.
  • Proficiency in automation scripting with popular languages such as Python, PowerShell, Ruby, or similar.
  • Solid understanding of cryptography, authentication, and authorization protocols.
  • Experience in managing security incidents, including developing incident response strategies, conducting post-mortem analysis, and implementing preventative measures.
  • Strong collaboration and communication skills, capable of explaining complex security issues to non-technical stakeholders.
  • Commitment to continuous professional development in the cybersecurity field.

Desirable Skills:

  • Problem-solving aptitude and ability to adapt to rapidly changing technology landscapes.
  • Team-oriented mindset with strong interpersonal skills to foster collaboration across various departments.
  • Familiarity with key security standards and regulatory requirements (e.g., ISO 27001, NIST frameworks, GDPR, HIPAA) relevant to the industry.

Benefits

  • Recharge your batteries with 20 paid working vacation days annually to explore, relax, and rejuvenate.
  • Kick off your birthday month with a bang! Not only do you get heartfelt birthday wishes from your team, but you also enjoy a fully-paid day off. 
  • Prioritize your health with compensation for wellness activities. 
  • Experience an international work environment with a passionate, motivated, and professional team.
  • Foster camaraderie and celebrate achievements through engaging in corporate events throughout the year.
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  1  1  0

Tags: Audits Automation Compliance Cryptography GDPR HIPAA Incident response ISO 27001 NIST NIST Frameworks Pentesting PowerShell Product security Python Ruby Scripting SDLC Vulnerabilities Vulnerability management

Perks/benefits: Health care Team events Wellness

Region: Europe
Country: Serbia

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.