Remoote.app

Work from anywhere. Start here.

Free resume builderCompaniesLog in
Apply

Security Engineer (remote)

Posted about 17 hours agoViewed

View full description

📍 Location: Romania

🔍 Industry: Software Development

🏢 Company: Masabi👥 51-100💰 Private about 3 years agoTicketingTransportationAppsMobileFinTech

🪄 Skills: AWSCloud ComputingCybersecurityCI/CDDevOpsComplianceRisk ManagementScripting

Requirements:
  • Hands-on experience in security engineering, compliance, or risk management
  • Comfortable working with PCI DSS, ISO 27001, SOC 2 and security audits
  • Solid understanding of vulnerability scanning, pen testing, and cloud environments
  • Familiar with risk assessments, mitigation strategies, and patching workflows
  • Able to write clear documentation, reports, and policies
  • Collaborate, curious, proactive, and always looking for ways to improve
  • Comfortable working independently in a remote-first environment
Responsibilities:
  • Own and improve security controls aligned with PCI DSS, SOC 2, and ISO 27001, supporting audits and recertifications
  • Ensure we stay audit-ready with control testing, documentation, and remediation
  • Partner with internal teams and auditors to manage evidence collection and compliance outcomes
  • Manage and track contractual security obligations, flagging any billable work
  • Lead risk assessments, identify control gaps, and recommend mitigation strategies
  • Manage the lifecycle of security policies and standards, making sure they’re practical, up-to-date, and embedded across teams
  • Stay ahead of regulatory changes and industry trends to proactively adjust our security approach
  • Own our vulnerability scanning and triage process, prioritising risks and working with teams to close gaps within SLAs
  • Coordinate and follow up on bi-annual penetration tests
  • Monitor CVEs and evaluate impact across cloud infrastructure and code dependencies
  • Oversee patching compliance and ensure SSL certificates are up-to-date
  • Automate scanning, reporting, and risk scoring wherever possible
  • Own the lifecycle of security incidents, from detection and response to lessons learned
  • Maintain up-to-date incident response plans aligned with compliance standards
  • Implement and optimise tools to detect, prevent, and mitigate potential threats
  • Lead regular security reviews across cloud environments and code repositories
  • Track key risk indicators (KRIs) and report on security metrics to leadership
  • Support the completion of RFPs and customer security questionnaires
Apply