Lead Security Engineer

Pipedrive

Tallinn, Estonia

We are looking for a Lead Security Engineer to have a pivotal role in shaping and executing our cybersecurity strategy, focusing on infrastructure, cloud, AI, and application security. You will collaborate with a team of cybersecurity professionals, develop comprehensive security plans, and serve as an authority on security matters within these domains. If you are someone with deep expertise in cybersecurity and a passion for mitigating emerging threats, we would like to meet you!

Your new adventure:

Implement the organization's cybersecurity strategy and roadmap, focusing on infrastructure, cloud, AI, and application security;
Lead security incident response and forensic investigations related to these areas;
Evaluate, select, and implement security technologies, tools, and vendors that align with business needs;
Ensure compliance with industry standards and regulations (e.g., NIST, ISO 27001, SOC 2);
Conduct security reviews and implement enhancements for infrastructure, cloud, and applications;
Ensure secure-by-design principles are embedded in developed applications;
Stay up to date with the latest security standards, authentication protocols, and emerging threats;
Develop custom security tools or integrate security solutions to enhance protection and efficiency;
Be a mentor to junior members of the team as well as educate internal teams and external partners on security policies, best practices, and controls;
Regularly review and update security policies and controls to align with evolving threats;
Participate in the on-call rotation for security incident response;
Enable and support teams in securing AI-driven applications and models by providing expertise in threat mitigation, prompt engineering, penetration testing, and compliance - helping them address risks such as prompt injection, adversarial attacks, data poisoning, and unauthorized model extraction while staying ahead of emerging threats.

Does this sound like you?

Bachelor's or Master’s degree in Computer Science, Information Security, or a related field (Master’s preferred);
7+ years of progressive experience in cybersecurity, with a strong emphasis on infrastructure, cloud, and application security. Experience focusing on AI security in recent years is a valuable plus;
Deep expertise in cybersecurity frameworks and best practices within these domains;
Extensive experience in incident response and digital forensics, with a strong focus on infrastructure, cloud, and application security;
Proven experience in developing and executing cybersecurity strategies aligned with business goals;
Excellent communication and presentation skills, with the ability to clearly convey complex security concepts to both technical and non-technical audiences;
Experience in identifying and implementing process automation and efficiency improvements;
Hands-on experience securing AWS environments;
Strong knowledge of EDR and CNAPP solutions and their implementation;
Experience securing Kubernetes workloads;
Familiarity with SIEM platforms for threat detection and response;
Proficiency in Python, Node.js and TypeScript.