Security Engineer

Summary

Join Sherpany, a leading Swiss meeting management software company, as a Security Engineer. You will play a crucial role bridging the security team and product/tech teams, ensuring security integration into company processes and technologies. This involves building secure technologies and driving security improvements. The ideal candidate possesses experience in threat modeling, penetration testing/vulnerability management, and collaboration with technical teams. Sherpany offers flexible working hours, remote work, and support for professional development, fostering a positive work-life balance and growth opportunities. The role includes a structured onboarding process with clear milestones for the first six months and beyond.

Requirements

• Experience in threat modelling using common frameworks like STRIDE, PASTA, LINDDUN etc
• Experience managing either penetration testing or vulnerability management programs
• Ability to work with Google Looker Studio
• Proven ownership of technical cybersecurity topics and ability to become a trusted partner with technical teams, being able to influence or advise technical stakeholders
• Fluency in English (spoken, written)

Responsibilities

• Ensure that Sherpany consistently builds secure technologies by providing impactful security engineering support
• Ensure that Sherpany maintains safety and resilience by driving consistent security improvements to key company processes and technologies
• Understand Sherpany vulnerability management and penetration testing services
• Understand Sherpany security issue triaging process
• Understand Sherpany as a product and technology, the Product Team organization, how we work inside and with other departments
• Understand our Infrastructure and get familiar with our repositories and key services of the application
• Become familiar with packaging and deploying process for both: application as well as IaC
• Schedule coffee chats with Sherpybuddy, security team members, tech leads and product managers
• Develop a catalogue to track ongoing projects requiring threat modelling within the company
• Develop a roadmap to coordinate the execution of reactive threat modelling activities
• Own vulnerability and pentest management sections of the weekly security meeting
• Develop a 2026 roadmap for the improvement of security engineering services (covering vulnerability management, penetration testing and threat modelling)
• Design and implement Sherpany’s new and evolved threat modelling process
• Take over ownership of vulnerability management and penetration testing services

Preferred Qualifications

• Experience with threat modelling LLM AI solutions
• Ability to write scripts using Python
• You speak and understand German at a native or “expert” level

Benefits

• Flexible working hours and remote-workin
• Financial support for further education, trainings etc
• Regular team events and cultivate a value-driven cooperation