Lead Security Engineer

We’re looking for a Lead Security Engineer to join our Security team in Helsinki HQ. 

In this role, you will… 

• Be a key player in shaping and executing our comprehensive security strategy
• Lead the charge in protecting our SaaS solutions, internal infrastructure, and data, ensuring compliance with industry standards and regulatory requirements (including SOC 2 Type II, GDPR, and CCPA)
• Work closely with development, operations, and other teams to embed security best practices across the entire software development lifecycle (DevSecOps)

Your day-to-day work and responsibilities include…

Security Architecture & Engineering: Design, implement, and maintain security controls across our SaaS platform and internal infrastructure. This includes automating vulnerability and threat detection (SAST, SCA, IAC, container image analysis), ensuring robust audit logging via SIEM, implementing and managing IAM policies, and proactively identifying and mitigating security risks.

Compliance & Governance:  Lead and manage our security and compliance programs, ensuring adherence to industry best practices and regulatory requirements (SOC 2 Type II, GDPR, CCPA, etc.). Work closely with external auditors and internal teams to streamline audits and ensure timely completion.

Threat Response & Incident Management: Develop and improve incident response plans and processes. Lead investigations and remediation efforts for security incidents, ensuring timely resolution and minimizing impact.

Team Leadership & Mentorship: Guide and mentor junior security engineers, fostering their professional development and technical skills.
Collaboration & Communication: Collaborate closely with development and operations teams to integrate security into the Software Development Life Cycle (DevSecOps). Effectively communicate security risks and solutions to technical and non-technical stakeholders, including customers and executive leadership.

Security Assessments & Procurement: Conduct thorough security reviews as part of the procurement process. Represent Supermetrics' security posture in pre-sales discussions with prospective clients.

Security Culture: Champion a security-first culture, embedding security principles into all aspects of our operations and product development.

This position is for you if you have…

• 5+ years of experience in information security, with a focus on SaaS or cloud environments (AWS or GCP preferred).
• Proven experience in applying and managing security frameworks such as OWASP Top 10, SANS Top 25, and CIS Benchmarks. Familiarity with risk assessment and remediation methodologies is essential.
• Expertise in securing Kubernetes clusters in complex, multi-cloud environments (a significant plus).
• Strong experience with Identity and Access Management (IAM) and threat modeling.
• Hands-on experience with SIEM and other security tools.
• Software development experience, including proficiency in at least one high-level programming language (e.g., Python, Go) and a deep understanding of secure coding practices, is required. Experience reviewing and improving source code is also required.
• Proven track record of managing compliance projects, particularly related to SOC 2 or similar frameworks.
• Excellent communication, leadership, and interpersonal skills. Ability to effectively communicate complex technical information to both technical and non-technical audiences.
  
• A passion for fostering a strong security culture throughout the organization

Bonus points...

• Experience with container security technologies.
• Relevant security certifications (e.g., CISSP, CISM, etc.).
  

Benefits we offer…

• Competitive compensation package, including equity 
• Excellent work equipment, and home office allowance for those working in our fully remote locations
• Health care benefit and leisure time insurance
• Annual 1000 euros of personal learning budget
• Sports and wellbeing allowance

Benefits may vary depending on location. You’ll find more information at supermetrics.com/careers#benefits. 

Hear why our team likes it here at supermetrics.com/careers/life-at-supermetrics.

Get to know our Engineering team at supermetrics.com/careers/engineering.

#LI-Remote #LI-Hybrid