Security Engineer

HireRight is the premier global background screening and workforce solutions provider. They offer integrated, tailored solutions for vetting and hiring decisions with expertise from regional centers across 200 countries and territories. The Security Engineer role is based in Katowice, Poland, supporting global security engineering functions focused on data protection and email security controls across the enterprise.

• 2 to 4 years of hands-on experience in security engineering, data protection, or email security roles.
• Demonstrated ownership of encryption and/or email security platforms in production environments.
• Practical experience with database or storage encryption, key management systems, and enterprise email security platforms.
• Strong understanding of data protection principles, secure access controls, and email threat vectors.
• Ability to clearly explain owned security controls, their implementation, and operation over time.

Preferred Skills:

• Experience supporting audits aligned with SOC 2, ISO 27001, or NIST.
• Familiarity with cloud-based encryption and key management services.
• Scripting experience using Python, PowerShell, or Bash.
• Comfortable working in a globally distributed team with clearly defined ownership boundaries.

Data Protection & Encryption Ownership:

• Own and maintain encryption controls for sensitive data, including database encryption and encryption at rest.
• Partner with Cloud and Database teams on key management practices, including key generation, rotation, storage, and access controls.
• Validate encryption coverage for regulated and sensitive data stores and identify gaps or misconfigurations.
• Define and maintain standards for encryption configuration and secure access to encrypted data.
• Provide technical input and evidence for audits related to encryption and data protection requirements.

Email Security Engineering:

• Own and engineer enterprise email security controls, including phishing protection, impersonation detection, malware filtering, and email-based data loss prevention.
• Design, tune, and maintain email security policies, allow and deny lists, and exception workflows.
• Own false positive and false negative remediation for email security controls in partnership with business and IT teams.
• Manage and validate email authentication controls, including SPF, DKIM, and DMARC.
• Serve as the escalation point for email-based security incidents and coordinate remediation efforts.

Engineering Standards & Collaboration:

• Maintain clear documentation, configuration standards, and runbooks for owned controls.
• Automate validation, reporting, or operational tasks related to encryption and email security where appropriate.
• Partner with GRC and Risk teams to translate regulatory and audit requirements into technical control implementations.
• Collaborate with global Security Engineering peers to ensure consistency and alignment across regions.