← Zurück zur Liste
Stelle · Senior

Senior Security Engineer

Security Engineer • Senior • Vor Ort • Vollzeit • 📍 Zurich

GetYourGuide is hiring a Senior Security Engineer to build and scale a modern Vulnerability Management and Exposure Management program for its cloud-native SaaS platform. The role goes beyond traditional scanning: you will partner with Engineering, Platform, Cloud Operations and Product Security to continuously identify, prioritize, automate and reduce security risk. The ideal candidate combines deep security expertise with a builder mindset and strong automation skills.

Responsibilities

  • Own and evolve the vulnerability management strategy, roadmap and SLAs/KPIs
  • Continuously assess vulnerabilities across cloud, applications, containers, Kubernetes, endpoints and third-party services
  • Prioritize by risk using asset criticality, exploitability, threat intelligence and business context
  • Drive remediation programs in partnership with engineering teams
  • Build automation and integrations across scanners, ticketing, CMDBs and cloud platforms
  • Use AI and LLM-based tools to improve analysis and analyst productivity; secure cloud-native environments (AWS, Azure, GCP)

Requirements

  • 5+ years in security engineering with hands-on vulnerability management ownership
  • Strong understanding of vulnerability management methodologies, CVSS, threat intelligence, exploitability and risk prioritization
  • Experience with enterprise VM platforms (Tenable, Qualys, Rapid7, Wiz, Orca Security or similar)
  • Strong knowledge of cloud platforms (AWS, Azure and/or Google Cloud)
  • Experience securing containers, Kubernetes and cloud-native architectures
  • Experience building automation using APIs and workflow orchestration tools

Nice to have

  • Experience operating security programs in a SaaS or cloud-native company
  • Experience with ASM, CSPM or CNAPP
  • Familiarity with DevSecOps, Infrastructure-as-Code and CI/CD security
  • Experience using AI-assisted security tools, security copilots or LLM-based workflows
  • Relevant certifications (CISSP, GSEC, GCIH, GPEN, AWS Security Specialty or equivalent)

Soft skills

Strong communication and ability to influence engineering teamsBuilder mindsetRisk-based decision makingCross-functional partnership
Languages: angol