Experteer Overview
As Senior Platform Security Engineer, you will strengthen our security posture across platforms, infrastructure, and workflows. You’ll bridge security operations, governance, risk, and product security to safeguard systems, clients, and IP. You will lead hands‑on technical tasks while coordinating with Product, Infra, and Security Operations teams. This role offers growth within a dedicated security function and exposure to both operations and product development in the Italian market.
Retribuzione / Benefits
* Support design and execution of the information security risk management framework
* Ensure compliance with NIS2, DORA and ISO27001-related obligations with Legal, Risk and IT
* Maintain and improve security policies, standards and control documentation
* Assist with audits, due diligence and exception management
* Support DevSecOps and secure design in product/engineering teams
* Act as escalation point during major incidents or zero‑day threats
* Lead detection and response improvements for the entity
* Serve as senior incident responder for emerging threats
* Collaborate with infrastructure, network and cross‑functional teams to contain and remediate incidents
* Perform root cause analysis and forensic investigations as needed
* Expand logging and monitoring coverage to enhance system visibility
* Maintain and test incident response runbooks, containment strategies and escalation protocols
* Lead end‑to‑end vulnerability management for ION Markets systems
* Support security architecture reviews for developed systems
* May involve overnight, weekend and on‑call activities
Responsabilità
* Italian and English fluency
* Degree/diploma/certifications in a technology‑related field or relevant experience
* Certifications such as Security+, OSCP, CCSP, CEH, GCIH, GMON are highly desired
* Up to ~7 years of information security experience with hands‑on operations and compliance background
* Fundamental programming/scripting capabilities (e.g., Python, PowerShell, Bash)
* Familiarity with NIS2, DORA and external regulations
* Strong understanding of ISO27K
* Independent, team‑oriented with strong communication
* Ability to own tasks and manage time effectively
* Endpoint security concepts, networking, cryptography, forensics basics
* Experience with security technologies (EDR, SIEM, DLP, CASB, UEBA, IDS/IPS, firewalls, IAM/PIM/PAM, vulnerability management)
#J-18808-Ljbffr