Senior Security Engineer

Job description

At Appfire, we believe that great work happens when people get to choose how they work. After 20 years of creating software that empowers teams to break silos and collaborate seamlessly, we’ve learned that one size does not fit all. That’s why at Appfire, you choose.

Choose to work where you thrive: Whether from home, in one of our offices, or while exploring the world, you decide where you’re most productive. From hardware and software to access to two decades of collective wisdom on working effectively in a remote-first company, we’ve got you covered.

Choose to balance your life without compromise: Plan your workday around your needs and what matters most to you. Enjoy flexible time off without the hassle of complicated approvals. From day one, we trust you to deliver quality work without sacrificing your personal life, hobbies, loved ones, and well-being.

Choose to grow on your terms: Take charge of your professional growth with access to online learning platforms, facilitated training, leadership programs, and internal hackathons. Collaborate with a global team to gain fresh perspectives. When you’re ready for a new challenge, our internal mobility program is here to support your journey.

No one knows you better than you do. So join us and customize your experience. Choose how you want to work. Choose Appfire.

About the role

Appfire is seeking a highly skilled Security Engineer to join our Appfire Information Security team. This Security Engineer role will report to our Deputy CISO and work within our Security Engineering & Architecture team to handle diverse security engineering and architecture-related tasks for our rapidly growing company, including managing risk through a shared vision with Appfire’s business leaders.

While focusing on people, process, systems, and metrics, and keeping up with the latest threats and trends in security, you will be tasked with understanding and resolving a variety of security requirements at Appfire. You will also handle the identification of risks and recommendations for threat mitigation. Activities will include engineering and architecture-focused tasks, supporting security reviews and audits, and verification of adherence to security policy (including cloud security policies).

You will be expected to engage in professional development to maintain continual growth in professional skills and knowledge essential to the position, and thrive in a highly collaborative workplace, and actively engage in helping create secure software applications.

You can choose to work remotely from any location in Poland.

Your everyday tasks will include:

• Collaborate with Engineering, IT Operations, and DevOps to design, engineer, and support security within our cloud environments, products, and vendor solutions, while promoting DevSecOps.
• Perform security assessments and penetration testing (manage and perform) on web applications, mobile clients, etc.
• Enforce continuous security compliance for our Cloud apps and cloud infrastructure.
• Review and approve controls needed to protect data and technology assets in compliance with policies, regulations, and legal requirements.
• Support incident response and security operations.
• Ensure compliance with and support our vulnerability management program, including SCA, SAST, DAST, penetration testing, and bug bounty programs.
• Provide expertise in the integration efforts of Appfire acquisitions and alignment to information security standards and policies.
• Implement and maintain information security systems and services to support the Information Security team.

Skills and experience you’ll need to succeed:

• Degree in Computer Science, Information Security, Engineering, or equivalent experience.
• 3+ years of experience working in cybersecurity engineering and/or architecture at a software company.
• Experience performing security work in a multi-cloud environment is preferred.
• Experience with at least one vulnerability scanning tool (e.g., Sumo, Rapid7, Wiz, etc.).
• Working knowledge of at least one scripting language, Python preferred, and Linux concepts/command line familiarity.
• Experience with basic SQL and manipulating large data files is preferred.
• An understanding of key cryptography concepts such as symmetric/asymmetric keys, algorithms, and protocols (PKI, GPG, RSA, x509 certificates, and TLS/SSL).
• Knowledge of common information security frameworks such as CIS, NIST, ISO 27001 & SOC 2 is a plus.
• Ability to work effectively within a fast-paced, changing environment with high growth.
• A self-starter with a demonstrated ability to take initiative, who can proactively identify issues/opportunities and recommend actions.
• Strategic analysis, creative problem solving, and business judgment are required.
• Excellent interpersonal and communication skills, including writing skills.

Beyond the resume skills that match our culture and this role:

• You are dedicated to elevating client and co-worker experiences, knowing that exceptional work centers on serving others.
• You adapt swiftly to new business demands, understanding that change fuels collective and individual growth.
• You excel in communication, effectively connecting in remote/hybrid environments using tools like Slack, Zoom, and G Suite and through occasional in-person events.
• You have exceptional coaching, mentoring, and people development skills.

We offer:

• Salary Ranges: Perm (UoP) 14,000 - 19,000 PLN gross/month.

Financial benefits

• Every Appfire employee is eligible for company equity.

• Home Office allowance – 200 PLN/month to cover your electricity and internet bills.

• MyBenefit Platform – 150 PLN/month to spend on shopping, culture and entertainment, Multisport, travel, and more.

• Lunch Card – 300 PLN/month to spend on groceries/restaurants (excluding alcohol and other excise duty items).

Skills development benefits

• Access to the Appfire University learning platform – a hub of knowledge, interactive resources, and engaging instructor-led courses designed to fuel your learning journey with unparalleled depth and accessibility.

• English language courses.

PTO, health & well-being

• 26 working days of paid annual leave, regardless of years of experience.

• Wellness Days – additional time off each month to recharge and take care of yourself.

• Private healthcare.

• Life Insurance.

Volunteering

• 3 fully paid days each year to participate in Appfire Town, Appfire’s Corporate Social Responsibility (CSR) Program.

Other

• Indefinite Employment contract from day one, no trial periods.

#LI-Remote

About Appfire

A people-first approach to business

Since its inception, Appfire has been a remote-first company. With 850+ employees (who we call fireflies) across 28 countries, we foster an environment where everyone is respected. We invest in team members by ensuring they grow professionally and personally.

Making an impact

At Appfire, corporate social responsibility is driven by team members, family, friends, customers, and partners through Appfire Town. This program brings people together to generate a strong social impact in our local and global communities.

In 2015, Appfire joined the Pledge 1% network of organizations committed to philanthropy. Appfire has since grown our Pledge 1% program to include all four pledge types — product, profit, equity, and employee time. We were among the first to do this, and we’re proud that Pledge 1% is part of our evolution.

Our business

Appfire mission to equip and connect every team so they can plan and deliver their best work. We are committed to building a durable, multi-generational business, and to evolving, innovating, and scaling in a way that ensures stability and opportunity for years to come

What’s our secret sauce?

1. We follow teams. We do our research and build software that solves real-life collaboration challenges while being easy to implement and a joy to use. We’re proud to support over 20,000 customers and growing, including 55% of the Fortune 500. From the entertainment delivered by Netflix to the devices crafted by Samsung, and Dell Technologies and the financial transactions handled by Visa, Edward Jones, and US Bank, Appfire’s technology is indispensable. Our products also play a pivotal role in streamlining operations and fostering innovation at companies like Tesla and significant institutions such as NASA, Boeing, and many more.
2. We enhance. Our software is designed to give developers, knowledge workers, and teams the ability to extend and get greater value from the platforms they’ve invested in and enjoy. So far, our solutions extend and enhance the capabilities offered by Atlassian, Microsoft, monday.com, and Salesforce.
3. We build bridges and invest in our partners. Appfire’s success is underscored by its channel program as its primary path to market. Today, Appfire has a dedicated Channel team supporting 800+ channel partners.
4. We make security and privacy a priority, but we also keep it simple for our customers. We’ve achieved International Organization for Standardization (ISO) 27001 and ISO 27017 and System and Organization Controls (SOC) SOC 2, Type I and SOC 2, Type II certifications. Our award-winning Appfire Trust Center, offers our customers, partners, and prospects the latest security, privacy, and compliance information, including pre-completed questionnaires (CAIQ, SIG, and VSA) with an accelerated NDA process and just one EULA to cover it all.

Market recognition

Appfire has been consistently recognized for company growth, culture, corporate social responsibility, and product excellence and has been included among the Deloitte Technology Fast 500, Inc. Best Workplaces, BuiltIn Best Places to Work, and Inc. 5000. Learn more about our accomplishments, which would not be possible without our team members, partners, and customers: https://appfire.com/awards.

Equal Employer Opportunity (EEO)

Appfire is an equal opportunity employer and does not discriminate based on race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, veteran status, or any other protected characteristic as defined by applicable law. Our commitment extends to all employment practices, including recruitment, hiring, training, promotion, compensation, benefits, and termination.