cover image
Personio

Personio

www.personio.com

2,050 Employees

About the Company

Personio's Intelligent HR Platform helps small and medium-sized organizations unlock the power of people by making complicated, time-consuming tasks simple and efficient.

Listed Jobs

Company background Company brand
Company Name
Personio
Job Title
Security Engineer – Product Security (d/f/m)
Job Description
**Job Title:** Security Engineer – Product Security **Role Summary** Embed security into product development, collaborating with engineering teams to design, build, and maintain secure systems. Balance rigorous security standards with developer-friendly solutions to protect platforms and customer trust. **Expectations** - 5+ years of product security, offensive security, or systems security experience. - Proven ability to assess threat models, analyze vulnerabilities, and prioritize risk mitigation. - Strong communication skills to translate technical security concepts for varied audiences. - Hands-on experience with SAST/SCA tools, security automation, and CI/CD integration. - Demonstrated initiative in owning security process improvements and incident response. **Key Responsibilities** - Maintain and enhance product security toolchains, including automation and internal libraries. - Conduct design/code reviews, threat modeling, and risk assessments to identify and mitigate vulnerabilities. - Educate engineering teams through training programs and security champion initiatives. - Support security operations, incident response, and internal/external security testing (e.g., penetration testing). - Manage relationships with security vendors, researchers, and bug bounty programs. - Ownership of vulnerability lifecycle, from triage to remediation tracking and risk acceptance. - Develop and maintain security documentation, policies, and metrics for stakeholders. **Required Skills** - Secure-by-design principles (least privilege, confidentiality, integrity). - Threat modeling and exploit analysis of code and architecture. - Remediation strategy implementation across multi-language frameworks (Go, Python, Kotlin, PHP). - Security tooling proficiency (SAST, SCA, dependency scanning, secrets management). - Stakeholder collaboration to align security goals with development workflows. - Incident response and penetration testing experience. **Required Education & Certifications** - Bachelor’s degree in computer science, cybersecurity, or related field (or equivalent experience). - Certifications (e.g., CISSP, CEH, or equivalent) preferred but not required.
London, United kingdom
On site
Mid level
03-02-2026