-
Cyberr

Security Engineer

Cyberr
Luxembourg · Full-time · Mid-Senior

Security Engineer — Full Stack & Infrastructure


Owns the security posture of the entire stack from Supabase app layer through to AWS infrastructure. First security hire — must be hands-on, not purely advisory. Will also design and build Node.js application instrumentation and a centralised ELK log data pipeline from scratch, including the developer-facing tooling and integrations.


CORE RESPONSIBILITIES


– Design and enforce IAM policies, VPC security groups, and least-privilege access on AWS

– Conduct threat modelling and security review of the Supabase app architecture pre- and post-migration

– Implement SAST/DAST tooling and integrate security gates into CI/CD pipelines

– Own vulnerability scanning, patch management, and incident response playbooks

– Ensure compliance with GDPR / SOC 2 as applicable; manage secrets (AWS Secrets Manager / Vault)

– Define and maintain pen testing schedule with third-party providers

– Build and own the Node.js application logging layer — structured log emission, error boundaries, and security event instrumentation end-to-end

– Design and implement the full ELK log data pipeline — Logstash ingest, Elasticsearch indexing strategy, index lifecycle management, and Kibana dashboards for security visibility

– Define log schema standards and work with dev teams to ensure consistent, queryable log output across all services

– Set up alerting pipelines from Elasticsearch into PagerDuty / Slack for real-time threat signals


REQUIREMENTS


– 5+ years in application or cloud security engineering

– Deep AWS security experience (IAM, GuardDuty, Security Hub, WAF)

– Hands-on experience securing Node.js / web application stacks

– Able to write and review Node.js code — this role includes dev-side work, not just advisory

– Proven experience building an ELK stack (Elasticsearch, Logstash, Kibana) from the ground up, including pipeline architecture

– Experience designing log data pipelines: schema design, ingest patterns, retention policies, and search optimisation

– Hands-on with OWASP Top 10 and remediation

– Familiarity with IaC security scanning (e.g. Checkov, tfsec)

– AWS Security Specialty or CISSP a strong plus


KEY TOOLS

Existing stack: AWS IAM GuardDuty WAF Snyk Vault Terraform OWASP ZAP

New additions: Elasticsearch Logstash Kibana Node.js Beats / Filebeat

Key Skills

Ranked by relevance

aws elasticsearch elk owasp incident response patch management cloud security terraform pagerduty cissp cloud vault slack gdpr cicd
Login to Apply
Posted
Jun 19, 2026
Type
Full-time
Level
Mid-Senior
Location
Luxembourg
Company
Cyberr

Industries

Social Networking Platforms

Categories

Information Technology

Related Jobs

3 roles aligned with this opportunity

View all jobs
View Job Details
MYM
Related

Security Engineer F/H

2026-05-19

Full-time
Mid-Senior
France
Social Networking Platforms
Information Technology
View Job Details
Cyberr®
Related

Quality Assurance Test Engineer

2026-05-16

Full-time
Mid-Senior
Luxembourg
Social Networking Platforms
Information Technology
View Job Details
CoffeeSpace
Related

Fullstack Engineer ($185K - $250K + 0.1% - 0.3% Equity) at Founders Fund-backed AI Enterprise Startup

2026-05-26

Full-time
Entry
United States
Social Networking Platforms
Engineering