We are looking for two Platform Security Engineers (Senior+) to join our Product Security domain. This role exists because the scope and importance of our work has outgrown the capacity of a single person.
Our platform underpins multiple products and handles sensitive, high-value data. At its core sits a large, graph-based data store that powers downstream systems. Building and securing access to that data, correctly and pragmatically, is critical to the company.
This is a hands-on engineering role. You will design, build, and ship production-grade security and privacy controls, not just define policies or review designs from the sidelines.
About the role
We are looking for two Platform Security Engineers (Senior+) to join our Product Security domain. This role exists because the scope and importance of our work has outgrown the capacity of a single person.
Our platform underpins multiple products and handles sensitive, high-value data. At its core sits a large, graph-based data store that powers downstream systems. Building and securing access to that data, correctly and pragmatically, is critical to the company.
This is a hands-on engineering role. You will design, build, and ship production-grade security and privacy controls, not just define policies or review designs from the sidelines
Improving and maintaining supply-chain security, including SAST, SCA, container scanning, and CI/CD hardening
This role is intentionally broad. You will not be a single-domain specialist, and you will not be shielded from complexity.
Taken ownership of parts of the AuthN/AuthZ model and implementation
Developed a solid mental model of our data flows and privacy risks
Earned trust across teams as someone who can say “this is not okay” — and explain why, with facts
Reduced risk in practical ways, not through security theatre
How you’ll work
This is a high-autonomy role. You are expected to scope problems yourself when needed.
You will collaborate closely with engineers across the company, not operate as a silo.
Disagreement is normal — decisions should be backed by reasoning, data, and threat modeling, not ego.
Blocking a release on security or privacy grounds is possible when warranted, with clear escalation paths.
If you see a problem, even outside your direct domain, you are expected to help fix it.
What we’re looking for
Required
Strong proficiency in Python (our primary language)
Deep understanding of authentication and authorization concepts, including OAuth, JWTs, permission models, and secure token handling
Experience designing and securing non-trivial data systems
Ability to reason about risk, trade-offs, and real-world constraints
A track record of shipping real security improvements, not just writing policy
Strongly preferred
Experience with graph databases, ideally Neo4j or similar
Experience with CI/CD and supply-chain security (SAST, SCA, container scanning, pipeline hardening)
Experience with Go or Rust
Some familiarity with frontend or React (not required, but useful for end-to-end thinking)
What this role is not
Not a policy-only or advisory role
Not a role with pre-defined, perfectly scoped tasks
Not about chasing tools without understanding the problems they solve
Not security theatre If you need everything spelled out, or prefer to avoid ambiguity, this role will be frustrating.
Seniority & growth
This role is intentionally leveled as Senior+. We are open to hiring at different seniority levels if the fit is right. Titles matter less than ownership, judgment, and impact.
Why join
You’ll work on core platform security problems that directly affect how data is accessed, protected, and trusted. You’ll have real influence, real responsibility, and the space to do things properly, without losing sight of pragmatism.
Join a pioneering joint venture at the intersection of AI and industry transformation.
Work with a diverse and collaborative team of experts from various disciplines.
Opportunity for professional growth and continuous learning in a dynamic field.
All Job Ads are subject to GrabJobs’s Terms of Service. We allow users to flag postings that may be in violation of those terms. Job Ads may also be flagged by GrabJobs moderation team. However, no moderation system is perfect, and flagging a posting does not ensure that it will be removed.
Be the first to receive the latest Others Full-Time Jobs in Poland.
Setup your job alert:
By activating job alerts, I agree to GrabJobs Terms & Privacy Policy. I can unsubscribe to job alerts anytime.
Skip
GrabJobs is the no1 job portal in Poland, connecting you to thousands of jobs fast!
Find the best jobs in Poland, apply in 1 click and get a job today!
Activate JobCopilot
Your email job alert is now active!