Information Security Engineer

Your new role and environment.
We are looking for an experienced
Information Security Engineer
to strengthen our security posture and play a key role in both the first and second lines of defense. In this role, you will work closely with engineering, operations, and compliance teams to ensure our digital assets and data remain protected, while enabling the business to move quickly and securely.

Our Engineering Enablement Department has a purpose to accelerate our teams worldwide. We strive to provide teams with a set of tools and services to enable them to unlock their full potential. In short, we enable them to deliver quality customer value quickly and autonomously. The tools and services we provide are built with and for our engineering community, it is up to you and your team to ensure that- for all these tools, security standards are in place

Key Responsibilities Of Your Role.

• Act as a subject matter expert for security controls, risk management, and incident response across the organization.
• Support the business (first line of defense) in identifying, assessing, and managing security risks, and in designing and executing internal controls.
• Provide oversight and assurance (second line of defense) by monitoring risk management practices, supporting compliance activities, and facilitating audits.
• Lead or participate in security incident investigations, root cause analysis, and remediation planning.
• Collaborate with engineering and product teams to embed security best practices into systems and processes from the start.
• Deliver security awareness and training sessions to technical and non-technical audiences.
• Contribute to the continuous improvement of our security frameworks, policies, and procedures.
• Support the implementation and operation of security tools and technologies (e.g., IAM, endpoint protection, vulnerability management, SIEM, cloud security controls) without disclosing specific vendor names or configurations.
• Participate in threat modeling, risk assessments, and security reviews for new and existing systems.
• Foster a security-first culture and act as a bridge between technical teams and compliance functions.

What's in it for you?
We ask a lot. (We're looking for the best, after all). But we offer a lot, too.

So, what do we have in store for you? We offer flexible hours and a hybrid working model, allowing you to work both from home and at the office. We provide competitive benefits to support health, well-being and your professional growth. This includes: a significant budget on benefit platform and a yearly bonus. At AD01 we welcome everyone, just the way you are, and encourage individual growth with valuable opportunities and a worldwide across-brand network.

Requirements.
Must have:

• Proven experience in information security, risk management, or security engineering (typically 5+ years).
• Strong understanding of security frameworks (e.g., ISO 27001, NIST, CIS Controls) and the three lines of defense model.
• Experience with incident response, vulnerability management, and security monitoring.
• Ability to communicate complex security concepts to diverse audiences.
• Experience supporting or operating in both technical (engineering/IT) and compliance/risk environments.

Good to have:

• Experience with cloud security, DevSecOps, or secure software development lifecycle (SSDLC).
• Familiarity with privacy and data protection regulations (e.g., GDPR).
• Experience with automation, scripting, or infrastructure-as-code for security tasks.
• Relevant certifications (e.g., CISSP, CISM, GIAC, Azure/AWS Security).

Desired Skills And Experience

• Proven ability to identify, assess, and mitigate security risks through structured threat and risk modeling, supporting both proactive and reactive security activities.
• Experience deploying, operating, and optimizing security technologies across the software development lifecycle and enterprise environments (e.g., CI/CD pipelines, cloud platforms, endpoint protection, IAM, vulnerability management).
• Strong communication skills with the ability to translate complex security concepts into actionable guidance for both technical and non-technical stakeholders.
• Demonstrated passion for building and sustaining a security-first culture within cross-functional teams, acting as a trusted advisor and role model.
• Creative and pragmatic approach to solving security challenges in dynamic, fast-paced environments, balancing risk reduction with business enablement.
• Experience supporting or collaborating with both first line (engineering/operations) and second line (risk/compliance) functions to ensure effective implementation and oversight of security controls.
• Commitment to continuous learning and staying current with evolving threats, technologies, and best practices in information security.

Apply now
If you're excited to help us grow, then please apply now. If you feel like you might
not
tick all the boxes but have the skills and personality we're looking for, then please also apply now

Got questions? Don't be shy. Madalina Pungaru at , has answers.

For us, diversity means being inclusive of thoughts and skills, generational differences, LGBTQ+, gender, race and ethnicity, disabilities, nationalities and more. We accept everyone for who they are.