CrawlJobs Logo
SmartRecruiters Logo SmartRecruiters · IT - Administration

Senior Information Security Engineer

Poland · Job Posted June 29, 2026
Apply Position
Job Link Share

Job Description

SmartRecruiters is looking for a Senior Information Security Engineer to join the Governance, Risk & Compliance (GRC) team. This role is critical to ensuring that SmartRecruiters' applications, systems, and processes remain compliant with industry standards and regulatory requirements, including ISO 27001, ISO 22301, ISO 42001, SOC 2 Type II, Cyber Essentials, GDPR, and the EU AI Act. The successful candidate will combine strong GRC expertise with a technical, engineering mindset - someone who can drive compliance programmes across multiple frameworks while also stepping into complex technical topics such as business continuity, AI security, and cloud compliance. Critically, this is not a purely audit-focused role; we need someone who can dig into technical details, assess security architectures, support forensic investigations, build automation to replace manual processes, and provide hands-on guidance to engineering and security teams. A core part of this role is identifying opportunities to engineer scalable, repeatable solutions, from compliance evidence collection to policy enforcement, rather than relying on manual effort.

Job Responsibility

  • Identify manual, repetitive GRC processes and design automation blueprints to streamline them, including evidence collection, control monitoring, access reviews, policy enforcement checks, and compliance reporting
  • Build and maintain automated workflows using compliance platforms, scripting, or integration tools to reduce manual effort and improve audit-readiness
  • Develop reusable templates, playbooks, and standardised blueprints for recurring GRC activities (e.g., vendor assessments, internal audits, risk reviews) to ensure consistency and scalability
  • Collaborate with engineering and IT teams to integrate security and compliance checks into existing toolchains and CI/CD pipelines where applicable
  • Continuously evaluate and improve GRC tooling, data flows, and reporting to drive operational efficiency across the team
  • Manage stakeholder expectations and partner with internal teams to ensure effective management of IT risks and compliance obligations
  • Maintain regional and local stakeholder relationships, meeting schedules, minutes, and reports
  • Support the maintenance of the SOC 2 Type II framework, including evidence collection, control testing coordination, and audit support
  • Effectively manage ISO 27001 and ISO 22301 audit lifecycles and coordinate with stakeholders on ISMS and BCMS improvements
  • Support the maintenance and continuous improvement of the ISO 42001 (AI Management System) framework in alignment with the EU AI Act
  • Support vendor risk management activities, including third-party security assessments and due diligence reviews
  • Serve as a subject matter expert or key contributor for the Business Continuity Management System (BCMS), supporting the strategy, framework, and audit programme under ISO 22301
  • Support Business Impact Analysis (BIA), BCP/DRP development, recovery exercises, and continuity metrics management
  • Support AI security and compliance activities, including the assessment of AI-related risks, alignment with ISO 42001 controls, and regulatory readiness under the EU AI Act
  • Collaborate with product and engineering teams to evaluate security controls for AI/ML features and services

Requirements

  • 5+ years of experience in information security, governance, risk, and/or compliance roles with a technical orientation
  • Demonstrated compliance or auditing experience with at least one major framework
  • Solid understanding of controls auditing principles and evidence management
  • Knowledge of risk management methodologies and experience conducting or supporting risk assessments
  • Ability to manage and deliver on multiple complex projects simultaneously, with minimal supervision
  • The ability to investigate, question, and interpret internal and external IT security and compliance issues at both a governance and technical level
  • A strong understanding of technology, cloud-based products, and SaaS environments
  • Experience working across business units and geographical boundaries to engage engineering, business, and operational teams
  • Experience with ISO 27001
  • Excellent written and verbal communication skills in English

Nice to have

  • Professional certifications such as CISA, CRISC, CISM, CISSP, CCSK, CCSP, or equivalent
  • Experience with ISO 9001, 27017, and 27018
  • Experience with ISO 22301 (Business Continuity), including BIA, BCP/DRP, and recovery testing
  • Experience with BSI C5 (Cloud Computing Compliance Criteria Catalogue) or similar cloud-specific compliance frameworks
  • Knowledge of AI security principles, experience with ISO 42001, or familiarity with the EU AI Act and its technical requirements
  • Technical understanding of cloud infrastructure (AWS preferred), networking fundamentals, identity management, and SaaS security architectures
  • Experience with enterprise risk management frameworks and tools
  • Understanding of threat modelling methodologies and secure development lifecycle (SDLC) principles
  • Hands-on experience with incident response - including participation in security incident investigations, containment, and post-mortem processes
SmartRecruiters - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Information Security Engineer

8 matching positions

Senior Information Security Engineer

Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
July 27, 2026
Flip Icon
Requirements
Requirements
  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Job Responsibility
Job Responsibility
  • Lead or participate in computer security incident response activities for moderately complex events
  • Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
  • Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
  • Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
  • Review and correlate security logs
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
  • Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
  • Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

Mastercard is seeking candidates to join the Data Protection team with a focus o...
Location
Location
Ireland , Dublin 18
Salary
Salary:
Not provided
mastercard.com Logo
Mastercard
Expiration Date
October 10, 2026
Flip Icon
Requirements
Requirements
  • Experience operating or designing security governance or enforcement programs in large, complex environments
  • Strong understanding of information security, data protection, and risk management, particularly as applied to SaaS and third party technologies
  • Demonstrated ability to make and defend risk based decisions that balance security, policy, and business impact
  • Experience working cross functionally with Legal, Privacy, Compliance, and Technology teams
  • Ability to clearly document decisions and articulate technical and business impact to diverse audiences
  • Strong verbal and written communication skills, including executive ready summaries
  • Demonstrated technical competency in security engineering through hands on experience or relevant qualifications
  • Design and implement data models and analytics frameworks to support Shadow IT blocking decisions, escalation tracking, and governance reporting
  • Develop automated processes and dashboards to provide visibility into blocking activity, unblock requests, escalation outcomes, and trend analysis
  • Evaluate and integrate data sources (e.g., SaaS discovery tools, cloud telemetry, intake systems) to ensure accurate and timely Shadow IT decisioning data
Job Responsibility
Job Responsibility
  • Contribute to the execution of the Shadow IT and Data Protection roadmap, with primary ownership of enforcement, escalation, and governance processes
  • Develop and maintain a Shadow IT blocking strategy framework for unapproved applications, including: Blocking criteria and decision thresholds, Risk scoring aligned to data sensitivity, access, and exposure, Defined escalation paths for exceptions and high impact cases
  • Document all blocking decisions with clear business justification, technical impact assessment, and alignment to security and data protection policy
  • Establish and maintain communication protocols to notify stakeholders of application blocks, including timelines, approved alternatives, and available support resources
  • Manage unblock requests and escalations and exception processing, coordinating with Security Operations and business stakeholders to evaluate risk and determine outcomes
  • Partner with application, platform, and business teams to define paths to compliance, including remediation, onboarding to approved services, or decommissioning
  • Track and report Shadow IT metrics, including blocking trends, unblock volumes, escalation outcomes, incidents, and stakeholder satisfaction
  • Work side by side with other team members to build and mature the Shadow IT governance process, while taking lead ownership of defined processes such as: Escalations and exception handling, Cross functional coordination, Technical impact assessment, Policy alignment and enforcement
  • Build and operationalize a next generation Shadow IT governance model that provides transparency, consistency, and defensibility across the enterprise
  • Develop a way to automatically tag approved apps
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

We are seeking a Senior Security Engineer to design, build, and maintain critica...
Location
Location
Spain , Madrid
Salary
Salary:
Not provided
onetrust.com Logo
OneTrust
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BA/BS in Computer Science, Engineering, Mathematics, or a related field
  • 4+ years of security engineering or related security experience
  • 3+ years of cloud experience
  • Solid understanding of information security principles around confidentiality, integrity, and availability
  • Experience with logging platforms such as Splunk or similar tools
  • Experience with endpoint security platforms (e.g., CrowdStrike, SentinelOne, traditional AV)
  • Scripting proficiency in one or more: Unix/Shell, Python, Golang, Rust, PowerShell
  • Experience with IaC tools such as Terraform or CloudFormation
  • Strong organizational, analytical, and problem-solving skills
  • Ability to make sound decisions in a complex, fast-changing environment
Job Responsibility
Job Responsibility
  • Design, build, scale, and maintain core security infrastructure and controls
  • Respond to security tickets requiring engineering-level configuration changes or enhancements
  • Assist with the investigation and remediation of security incidents
  • Serve as a Security SME for secure cloud infrastructure
  • Provide guidance and feedback on cloud and hybrid security solutions
  • Partner with internal teams to provide security requirements for key initiatives
  • Conduct POCs and collaborate with vendors to evaluate and recommend solutions
  • Implement new security technologies as part of project-based initiatives
  • Communicate project and issue status to management and business stakeholders
  • Create and maintain documentation for security projects and processes
What we offer
What we offer
  • comprehensive healthcare coverage
  • flexible PTO
  • equity RSUs
  • annual performance bonus opportunities
  • retirement account support
  • 14+ weeks of paid parental leave
  • career development opportunities
  • company-paid privacy certification exam fees
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

The Sr. Information Security Engineering job collaborates with various business ...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Information Security or IT Technology
  • 3+ years of experience leading complex enterprise-wide integration programs and efforts as an individual contributor
  • 3+ years of engineering experience with vulnerability management tools such as Nexpose, Tenable
  • 3+ years of engineering experience with operating systems such as Linux and Windows Server
  • 2+ years of self-leadership experience
  • 2+ years of experience writing Python, GRAPH (GQL)
  • 2+ years of experience working with services in AWS, GCP, OCI, and Azure
Job Responsibility
Job Responsibility
  • Provides operations and engineering support for critical security systems and services including servers, endpoint security, computer forensics, vulnerability/penetration assessment/mitigation, and security event management
  • Leads the cost/benefit evaluation of cloud solutions compared to virtual private networks, dedicated hosting, and in-house solutions
  • Reviews technical feasibility of adopting external cloud based IT platform and infrastructure services within the organization
  • Leads the identification of portions of the organization's IT platform/infrastructure with the highest potential return for cloud deployment
  • Facilitates implementation of the organization's global strategies and initiatives to enhance Information Technology plans, operations and procedures
  • Ensures the execution of vulnerability analysis and exploitation of applications, operating systems and networks
  • Reports identified intrusion or incident paths and methods discovered through testing and evaluation procedures
  • Designs, develops and implements countermeasures, systems integration and tools specific to cyber and information operations
  • Resolves and documents complex malware and intrusion issues within the system as they occur
  • Functions as an internal information security consultant on the standards, complex issues and best practices for the organization
Read More
Arrow Right

Senior Information Security Engineer

At Qualia, we've built the leading B2B real estate technology that transforms th...
Location
Location
United States
Salary
Salary:
180000.00 - 200000.00 USD / Year
qualia.com Logo
Qualia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of professional information security experience, with both a strong defensive foundation and familiarity with offensive techniques
  • Genuine curiosity about how systems work and how they break
  • The ability to write code—whether it's a quick automation script or a more substantial detection tool
  • Hands-on experience with: Security operations tooling (e.g., SIEMs, IDS/IPS, WAFs, log monitoring platforms)
  • Core IT domains, including endpoint management, networking, web applications, and cloud infrastructure
  • Identity and access management concepts (e.g., SSO, MFA, role-based access controls)
  • Navigating the security implications of emerging technologies—including AI and large language models—as the company evaluates and adopts new tools
  • Security automation and orchestration: experience connecting tools, writing integrations, or building workflows that reduce response times and manual effort
  • Penetration testing tools (e.g., Nmap, Nessus, Metasploit, Burp Suite, or similar)
  • The ability to translate complex security concepts into clear, actionable language for technical and non-technical audiences alike
Job Responsibility
Job Responsibility
  • Partner with stakeholders across the business to identify gaps and strengthen Qualia's security posture
  • Uncover security weaknesses in technologies and processes through threat modeling, security assessments, and the development of practical security baselines
  • Build and operate tooling across the full security lifecycle: prevention, detection, investigation, and response
  • Evaluate the security posture of cloud environments, including reviewing configurations, monitoring for drift, and ensuring alignment with organizational security baselines
  • Serve as a point of escalation for customer-reported security concerns, triaging issues, communicating clearly with affected parties, and driving issues to resolution
  • Triage and reproduce vulnerability findings from penetration tests, internal tooling, and external reports—and communicate associated risk clearly to the right audiences
  • Scale security impact through automation and education, making the whole organization more security-aware
What we offer
What we offer
  • competitive equity and benefits package
  • comprehensive health plans
  • a 401k program
  • commuter benefits
  • professional development
  • parental leave
  • a flexible time off policy
  • robust online onboarding program
  • biweekly all hands meetings
  • a variety of internal virtual events to keep employees connected
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

Serve as a technical leader in our Security team reporting to our Information Se...
Location
Location
United States , Boston
Salary
Salary:
150000.00 - 190000.00 USD / Year
whoop.com Logo
Whoop
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.)
  • 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity
  • Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG)
  • Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools
  • Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems
  • Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices
  • Demonstrated leadership in security incident response, investigations, and root cause analysis
  • Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences
  • Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment
  • Experience mentoring engineers and setting operational standards
Job Responsibility
Job Responsibility
  • Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness
  • Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role
  • Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements
  • Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling
  • Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance
  • Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance
  • Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows
  • Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization
  • Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies
  • Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes
What we offer
What we offer
  • competitive base salaries
  • meaningful equity
  • generous equity package
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

This role is your opportunity to lead the charge in maturing e2Open’s security p...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A proven track record in SIEM operations, vulnerability management, and incident response
  • Hands-on experience configuring and running security tools
  • Strong automation skills (e.g., scripting, orchestration)
  • The ability to lead through influence, guiding teams to adopt better practices
  • Experience navigating the challenges of complex, fast-changing environments (M&A exposure a plus)
  • Formal qualifications (CISSP, CISM, or equivalent) are valued
Job Responsibility
Job Responsibility
  • Configure, tune, and operate SIEM platforms to improve detection, response, and visibility
  • Lead vulnerability scanning and remediation
  • Take point in managing security incidents — from detection through investigation and resolution
  • Run and maintain key security tools
  • Drive automation-first approaches
  • Collaborate with engineering and IT teams to embed security into operations and culture
  • Help shape the roadmap for security maturity within e2Open
Read More
Arrow Right

Senior Information Security Engineer - CTFC

Wells Fargo is seeking a Senior Information Security Engineer.
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
June 29, 2026
Flip Icon
Requirements
Requirements
  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • 4+ years of hands-on experience in Cyber Security, with a strong focus on Security Operations
  • 4+ years of experience working with enterprise SIEM platforms, preferably Splunk, including use case development, log analysis, and alert tuning
  • Solid understanding of cybersecurity frameworks and methodologies, including the Cyber Kill Chain, MITRE ATT&CK, and NIST frameworks
  • Proven experience in Security Incident Response, including detection, investigation, containment, mitigation, and remediation processes
  • Advanced knowledge of networking concepts, protocols, and security standards, along with deep understanding of Linux/Unix and Windows OS internals and system configurations
  • Strong analytical and problem-solving skills, with the ability to correlate events and identify potential threats across diverse environments
  • Bachelor’s and/or Master’s degree in computer science, Information Systems, or a related field
  • Industry-recognized certifications such as CHFI, OSCP, CEH, or equivalent are highly preferred
  • Experience with SOAR platforms (e.g., XSOAR), threat intelligence integration, and automation/orchestration is an added advantage
Job Responsibility
Job Responsibility
  • Lead or participate in computer security incident response activities for moderately complex events
  • Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
  • Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
  • Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
  • Review and correlate security logs
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
  • Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
  • Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
  • Monitor, triage, and investigate security alerts, ensuring timely and effective case handling and resolution
  • Conduct detailed security investigations, performing analysis, correlation, and validation of potential threats
  • Fulltime
Read More
Arrow Right