#300201 | Source: nofluffjobs.com
Beekeeper AG

Security Engineer

20 960 - 28 200 PLN (normalized)
Experience

Mid

Location

Kraków

Work mode

Hybrid

Employment type

Full-time

Security, AWS, GCP, OWASP, Python, Java, Kubernetes, CI/CD, TCP/IP protocols, DNS, SAST, DAST, Docker

About the offer

Beekeeper AG merged with LumApps to create the first AI-powered Employee Hub, an all-in-one platform designed to connect and empower every employee, serving over 7 million users globally. The platform helps organizations digitally enable their frontline workers to boost productivity, quality, safety, and agility.

Requirements

  • 3+ years of professional experience in application/cloud security.
  • Ability to analyze WAF traffic and cloud telemetry (e.g., GuardDuty, Sysdig).
  • Hands-on experience applying and auditing/remediating security best practices in AWS, GCP, Kubernetes, and containerized infrastructure.
  • Strong understanding of application and API security principles (e.g., OWASP Top 10, OWASP API Top 10).
  • Practical experience with source code analysis and ability to read and understand Python and/or Java.
  • Hands-on experience with security monitoring tools including SAST, DAST, and SCA.
  • Practical experience integrating security tools within CI/CD pipelines.
  • Solid understanding of data security, encryption techniques, and secure data handling.
  • Working knowledge of network protocols (TCP/IP, DNS) and security concepts (WAFs, IDS).

Nice to have:

  • Experience with Docker.

Responsibilities

  • Maintain and monitor automated DAST, SAST, and SCA setups.
  • Triage findings and work with engineering teams to ensure timely resolution of vulnerabilities.
  • Participate in the coordination and tracking of security incidents and tickets to ensure resolution within SLAs.
  • Collaborate with developers to promote secure coding practices and API security within the Software Development Lifecycle.
  • Review third-party components for vulnerabilities using SCA tools.
  • Assist in managing recurring security review processes, including internal penetration testing and risk assessments.
  • Apply security best practices to the organization's usage of AI and LLM systems.
  • Support security awareness training and participate in internal knowledge-sharing sessions.
  • Analyze WAF traffic and cloud telemetry (e.g., GuardDuty, Sysdig) to identify attack patterns, eliminate false positives, and tune tooling.
  • Proactively engineer and optimize the organization's security detection stack.
  • Triage and investigate security events from GuardDuty, Sysdig, and WAF telemetry.
  • Perform active troubleshooting via log analysis and direct cluster interaction (kubectl and gcloud).
  • Tune detection logic to reduce false positives.
  • Develop automation scripts in Python or Bash to eliminate manual operational tasks.
  • Drive remediation of GitHub Advanced Security findings by providing developers with actionable code-level fixes and ensuring security configurations are managed as code.

Benefits

  • Phone and home internet costs reimbursement up to 80 PLN/month.
  • Private health care package with Luxmed, covered for employee and partially for partner/family.
  • Cafeteria benefits with monthly budget for sport cards or other purchases.
  • Creative allowance paid as 1000 PLN gross/month.
  • Home office setup reimbursement up to 1000 PLN.
  • 26 days of annual leave per year and 2 mental health days off per year.