
Cybersecurity Engineer, Product Security

unlimited holidays - extra holidays - extra parental leave - long remote period allowed
Remote: Hybrid
Contract:
Experience: Mid-level (2-5 years)
Work from: Tartu (EE)

Offer summary

Qualifications:

  • Experience with threat modeling and security design reviews
  • Knowledge of common vulnerabilities like OWASP Top 10
  • Understanding of SDLC in Agile-like environments
  • Ability to provide clear guidance on remediation
  • Preferred background in product companies with emphasis on product security

Key responsibilities:

  • Conduct security risk assessments during the SDLC
  • Manage and refine vulnerability management processes
  • Enhance external vulnerability management programs
  • Provide technical guidance on secure coding practices
  • Support information security compliance processes
Bolt Fintech: Finance + Technology Unicorn https://bolt.eu/
1001 - 5000 Employees
HQ: Tallinn

Job description

<gh-intro>
<text>

We are looking for a Cybersecurity Engineer to join our Product Security team and support our product growth by addressing gaps in product vulnerability management. 

</text>
</gh-intro>

<gh-about-us>
<title>About us</title>

<text>

With over 200 million customers in 50+ countries, Bolt is one of the fastest-growing tech companies in Europe and Africa. And it's all thanks to our people.

We believe in creating an inclusive environment where everyone is welcome, regardless of race, colour, religion, gender identity, sexual orientation, age, or disability.

Our ultimate goal is to make cities for people, not cars, and we need your help to achieve this mission!

</text>

</gh-about-us>

<gh-role-detail>

<title>About the role</title>

<text>

As a Product Security Engineer, you will be responsible for ensuring we are following vulnerability management best practices and acting as a key point of contact for vulnerability identification and remediation efforts between penetration testers, bug bounty submissions, and engineering teams.

You will be closely collaborating with key internal stakeholders to determine how to mitigate security vulnerabilities, providing guidance and raising awareness across different functions.

</text>
</gh-role-detail>

<gh-responsibilities>

<title>Main tasks and responsibilities:</title>

<bulletpoints>

  • <point>Conducting security risk assessments early in the SDLC, ensuring security is embedded from the design stage by reviewing design documents and engaging with product managers</point>
  • <point>Managing and refining our vulnerability management processes to ensure faster and more efficient feedback loops between penetration testers, bug bounty submissions, and engineering teams, and reducing the resolution time of critical and high-severity vulnerabilities</point>
  • <point>Refining and enhancing our external vulnerability management program (i.e., bug bounty program), validating submissions, and working with program managers to maximize its impact</point>
  • <point>Providing technical guidance to engineers and raising awareness about common secure coding practices to reduce recurring vulnerabilities</point>
  • <point>Participating in the information security incident handling process</point>
  • <point>Supporting the information security compliance processes by ensuring vulnerability management practices align with compliance requirements (e.g., PCI DSS, ISO 27001)</point>

</bulletpoints>
</gh-responsibilities>

<gh-requirements>

<title>About you:</title>

<bulletpoints>

  • <point>You have experience with threat modeling, security design reviews, security architecture, pentesting, and vulnerability management</point>
  • <point>You have the ability to provide clear, practical guidance to engineering teams for remediation</point>
  • <point>You are knowledgeable about common vulnerabilities (such as those outlined in the OWASP Top 10)</point>
  • <point>You have a good understanding of the implementation of SDLC within Agile-like environments</point>
  • <point>You preferably have a background working at product companies with an emphasis on product security</point>

</bulletpoints>
<text>

Experience is great, but we also look for drive, intelligence, and integrity. So, even if you don’t tick every box, please consider applying if you feel you’re the kind of person described above!
</text>
</gh-requirements>

<gh-perks>

<title>Why you’ll love it here:</title>

<bulletpoints>

  • <point>Play a direct role in shaping the future of mobility.</point>
  • <point>Impact millions of customers and partners in 600+ cities across 50+ countries.</point>
  • <point>Work in fast-moving autonomous teams with some of the smartest people in the world. </point>
  • <point>Accelerate your professional growth with unique career opportunities.</point>
  • <point>Get a rewarding salary and stock option package that lets you focus on doing your best work.</point>
  • <point>Enjoy the flexibility of working in a hybrid mode with a minimum of 2 days in the office each week to foster strong connections and teamwork.</point>
  • <point>Take care of your physical and mental health with our wellness perks.</point>

</bulletpoints>
<text>*Some perks may differ depending on your location and role.</text>
</gh-perks>


Required profile

Experience

Level of experience: Mid-level (2-5 years)
Industry: Fintech: Finance + Technology
Spoken language(s): English

Other Skills

  • Collaboration
  • Analytical Thinking
  • Verbal Communication Skills
