Summary
Join Sherpany, a leading Swiss meeting management software company, as a Security Engineer. You will play a crucial role bridging the security team and product/tech teams, ensuring security integration into company processes and technologies. This involves building secure technologies and driving security improvements. The ideal candidate possesses experience in threat modeling, penetration testing/vulnerability management, and collaboration with technical teams. Sherpany offers flexible working hours, remote work, and support for professional development, fostering a positive work-life balance and growth opportunities. The role includes a structured onboarding process with clear milestones for the first six months and beyond.
Requirements
- Experience in threat modelling using common frameworks like STRIDE, PASTA, LINDDUN etc
- Experience managing either penetration testing or vulnerability management programs
- Ability to work with Google Looker Studio
- Proven ownership of technical cybersecurity topics and ability to become a trusted partner with technical teams, being able to influence or advise technical stakeholders
- Fluency in English (spoken, written)
Responsibilities
- Ensure that Sherpany consistently builds secure technologies by providing impactful security engineering support
- Ensure that Sherpany maintains safety and resilience by driving consistent security improvements to key company processes and technologies
- Understand Sherpany vulnerability management and penetration testing services
- Understand Sherpany security issue triaging process
- Understand Sherpany as a product and technology, the Product Team organization, how we work inside and with other departments
- Understand our Infrastructure and get familiar with our repositories and key services of the application
- Become familiar with packaging and deploying process for both: application as well as IaC
- Schedule coffee chats with Sherpybuddy, security team members, tech leads and product managers
- Develop a catalogue to track ongoing projects requiring threat modelling within the company
- Develop a roadmap to coordinate the execution of reactive threat modelling activities
- Own vulnerability and pentest management sections of the weekly security meeting
- Develop a 2026 roadmap for the improvement of security engineering services (covering vulnerability management, penetration testing and threat modelling)
- Design and implement Sherpanyβs new and evolved threat modelling process
- Take over ownership of vulnerability management and penetration testing services
Preferred Qualifications
- Experience with threat modelling LLM AI solutions
- Ability to write scripts using Python
- You speak and understand German at a native or βexpertβ level
Benefits
- Flexible working hours and remote-workin
- Financial support for further education, trainings etc
- Regular team events and cultivate a value-driven cooperation