Senior Staff Security Engineer

Bloomreach · Slovakia · Engineering

Posted 2026-01-26

Apply for this role →

Senior Staff Security Engineer

The Senior Staff Security Engineer owns current and target-state data architectures and reporting while also designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls; deploying, securing, configuring, and operating SIEM and other security resources; identifying, triaging, and remediating infrastructure and web vulnerabilities; leading incident triage and external-researcher engagement; mentoring junior staff; and helping shape secure, scalable approaches for AI-enabled tooling, automation, and emerging product capabilities.

Role summary and core responsibilities

6+ years of relevant experience

Candidates must demonstrate proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management

Practical IaC and scripting for automation

Strong cross-functional and external communication

Experience mentoring junior staff

Technical Skills:

Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build and validate secure IaC.

SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM; author and test detection rules and playbooks; integrate data sources; and operate with SLA-driven alerting and incident workflows.

Vulnerability and incident lifecycle ownership: identify, triage, and remediate infrastructure and web vulnerabilities.

Drive CVE lifecycle management and patching: perform root cause analysis and measure MTTR and remediation rates.

Network, web, and endpoint protections: design and manage firewalls, WAFs, cloud network controls, URL and web filtering, with demonstrable operational experience.

Secure automation and tooling: author automation for detection, alert enrichment, and remediation; build or extend security tooling using scripting or languages such as Python, Go, or Bash.

Infrastructure as code and secure CI pipelines: implement guardrails and policy-as-code in CI/CD pipelines, perform static IaC scanning, and enforce security baselines before deployment.

Detection, telemetry, and observability: define logging and telemetry requirements, ensure coverage for critical assets, and validate detection efficacy and alert fidelity.

Security standards, playbooks, and enforcement: develop, document, and operationalise organisation-wide security standards, runbooks, and playbooks; partner with engineering teams to drive adoption.

Threat-informed defensive engineering: apply threat modeling and adversary-focused testing to guide controls, detection, and resilient designs.

AI security and emerging technology risk: help define controls and guardrails for AI-enabled tools, internal automation, and product capabilities; assess risks around data access, model usage, prompt injection, and secure adoption of AI across engineering environments.

Cross-functional and external communication: communicate clearly with engineering teams, leadership, external researchers, and customers; lead vulnerability disclosure and researcher engagement.

Mentorship and prioritisation: mentor junior engineers, prioritise security projects based on risk and business impact, and drive continuous improvement of infrastructure security posture.

Familiarity with frameworks and common weaknesses: working knowledge of CIS, NIST, common security libraries and controls, and typical flaws exploited in infrastructure and web applications.

Skills and qualifications:

AWS Certified Security

Google Professional Cloud Security Engineer

Splunk Certified Admin or Splunk Certified Enterprise Security Admin

CISSP (Certified Information Systems Security Professional)

Certified Cloud Security Professional (CCSP)

Cloud Security Alliance CCSK

Experience with AI security, AI governance, or securing AI-enabled products and workflows is a strong plus

#LI-HO1

The pay range actually offered will take into account a variety of potential factors considered in compensation, including but not limited to skills, qualifications, geographic location, accomplishments, experience, credentials, internal equity and business needs, and may vary from the range listed above.

Base Salary Range

€55.273—€69.091 EUR

Apply for this role →

← Back to all crypto jobs