Cybersecurity Engineer

 Posted 2 hours ago
  
 Europe
  
2-5 years experience
Apply Now

Please mention DailyRemote when applying

AI Summary

Lead vulnerability management and embed security into the SDLC while hardening Microsoft and Azure environments. Coordinate with the SOC for incident remediation and support continuous compliance audits for ISO 27001 and SOC 2.

About XTEL

XTEL is a leader in advanced, AI-driven solutions for consumer goods companies, combining cutting- edge technology, industry expertise, and data management to accelerate profitable revenue growth and value realization.

Position Overview

XTEL is hiring a Cybersecurity Engineer to strengthen XTEL’s security posture across our platform, applications, and Microsoft environment. You’ll join a growing Security & Compliance team that already maintains a mature compliance foundation (ISO 27001:2022, SOC 2 Type 2, SOC 1 Type 2, ISAE 3402) and an established GRC function, alongside a managed SOC, an IT team, and a Cloud Operations team.

This is a very hands-on role where you’ll lead vulnerability management, work with Engineering and Product to embed security into the SDLC, partner with IT & Cloud Operations to continuously harden our Microsoft environments, and drive triage and remediation of issues surfaced by our SOC. Because you’ll work alongside existing IT, Cloud Operations, and GRC capabilities, success depends on collaboration and influence as much as technical depth.

The ideal candidate must be proactive and self-directed: actively seeking out opportunities to improve security across the organization and able to operate effectively with limited guidance and oversight.

Key Responsibilities

  • Vulnerability management. Own intake, triage, risk-based prioritization, remediation tracking, validation, SLAs, and reporting across our Azure environments (dev, test, prod, and customer-facing) and the development pipeline.

  • Secure SDLC & CI/CD. Partner with Engineering, Product, and QA to continually improve secure development practices:

  1. Pipeline security and security gates in CI/CD.

  2. SAST, DAST, IAST, dependency/software composition (SCA), and code scanning.

  3. Secure code review practices, threat modeling, and security requirements in design.

  • Microsoft environment hardening. Work continuously with IT to further secure infrastructure - identity and access management, endpoint protections, M365 controls, and configuration/hardening baselines.

  • SOC-driven remediation. Coordinate and drive triage and remediation for alerts, incidents, and vulnerabilities reported by XTEL’s SOC, including root cause follow up.

  • Penetration testing. Coordinate external penetration tests (scope, execution support, findings management, retesting and closure), and conduct internal testing.

  • Patch management. Support patch management processes and verification in partnership with IT and Cloud Operations.

  • Cloud security partnership. Partner with Cloud Operations on Azure security architecture, secure-by-design patterns, CSPM, secrets management, and network security.

  • Compliance & audit support. Support security audits and continuous compliance (ISO 27001, SOC 1, SOC 2 Type 2, ISAE 3402), including evidence collection and control improvement.

  • Cross-functional enablement. Translate security findings into clear, actionable guidance for engineers and into evidence and inputs for the GRC function.

  • Continuous improvement. Proactively identify and act on opportunities to raise the security bar across the organization.

Qualifications

  • Experience: 3+ years in cybersecurity engineering, security operations, DevSecOps, or security-focused IT (cloud-native SaaS experience strongly preferred, ideally on Azure).

  • Vulnerability management: Proven track record running vulnerability management beyond scanning - prioritizing and driving remediation to closure across teams.

  • Application & SDLC security: Working knowledge of AppSec and SDLC controls (CI/CD security, SAST/DAST/IAST/SCA, secure code review) and the ability to embed security without slowing delivery.

  • Microsoft environment: Hands-on experience securing Microsoft environments (Entra ID, Intune, Conditional Access, endpoint protections, M365 controls).

  • Cloud security: Working knowledge of Azure security services and cloud security posture management.

  • Self-direction: Ability to work independently, set priorities, and build or mature programs in a lean environment with limited guidance.

  • Communication & ownership: Strong communicator who can drive work and build trust across Engineering, Product, Cloud Operations, IT, and Compliance.

  • English: English proficiency

Nice to have:

  • Familiarity operating within an ISO 27001 / SOC 2 environment and supporting audits.

  • Experience with infrastructure-as-code and securing CI/CD at scale.

  • Hands-on penetration testing or offensive security experience (e.g., OSCP).

  • Experience with compliance automation tooling (e.g., Drata).

  • Relevant certifications (e.g., GIAC, CISSP, AZ-500, SC-200, SC-300).

Who You Are:

  • Proactive and self-starting - you find work that needs doing and do it without waiting to be told.

  • Pragmatic and risk-based - you focus effort where it reduces the most risk and balance security with delivery.

  • Collaborative - you achieve outcomes through influence across teams you don’t manage.

Geographical Location:

  • EU

  • Open to remote or hybrid work arrangements

What We Offer

  • Hybrid or full remote working set-up 🏡

  • Flexible working hours;

  • Competitive Salary Package and Bonus scheme;💸

  • A challenging role in a fast-growing AI-driven company; 🪄

  • A diverse and international team with strong ownership and a can-do mentality.🌏

  • Opportunities to contribute meaningfully to the organization’s growth and development.🚀

Equal Opportunities Statement

If you have strengths to share, we’d love to hear from you. We value diverse backgrounds and experiences, so don’t hesitate to apply even if you don’t meet all criteria.

XTEL is an equal opportunity employer and values diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment.

Similar Jobs

See all Remote Software Development jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Cybersecurity Engineer

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified