Security Engineer — Full Stack & Infrastructure
Owns the security posture of the entire stack from Supabase app layer through to AWS infrastructure. First security hire — must be hands-on, not purely advisory. Will also design and build Node.js application instrumentation and a centralised ELK log data pipeline from scratch, including the developer-facing tooling and integrations.
CORE RESPONSIBILITIES
– Design and enforce IAM policies, VPC security groups, and least-privilege access on AWS
– Conduct threat modelling and security review of the Supabase app architecture pre- and post-migration
– Implement SAST/DAST tooling and integrate security gates into CI/CD pipelines
– Own vulnerability scanning, patch management, and incident response playbooks
– Ensure compliance with GDPR / SOC 2 as applicable; manage secrets (AWS Secrets Manager / Vault)
– Define and maintain pen testing schedule with third-party providers
– Build and own the Node.js application logging layer — structured log emission, error boundaries, and security event instrumentation end-to-end
– Design and implement the full ELK log data pipeline — Logstash ingest, Elasticsearch indexing strategy, index lifecycle management, and Kibana dashboards for security visibility
– Define log schema standards and work with dev teams to ensure consistent, queryable log output across all services
– Set up alerting pipelines from Elasticsearch into PagerDuty / Slack for real-time threat signals
REQUIREMENTS
– 5+ years in application or cloud security engineering
– Deep AWS security experience (IAM, GuardDuty, Security Hub, WAF)
– Hands-on experience securing Node.js / web application stacks
– Able to write and review Node.js code — this role includes dev-side work, not just advisory
– Proven experience building an ELK stack (Elasticsearch, Logstash, Kibana) from the ground up, including pipeline architecture
– Experience designing log data pipelines: schema design, ingest patterns, retention policies, and search optimisation
– Hands-on with OWASP Top 10 and remediation
– Familiarity with IaC security scanning (e.g. Checkov, tfsec)
– AWS Security Specialty or CISSP a strong plus
KEY TOOLS
Existing stack: AWS IAM GuardDuty WAF Snyk Vault Terraform OWASP ZAP
New additions: Elasticsearch Logstash Kibana Node.js Beats / Filebeat
Key Skills
Ranked by relevance
Related Jobs
3 roles aligned with this opportunity
Security Engineer F/H
2026-05-19
Quality Assurance Test Engineer
2026-05-16
Fullstack Engineer ($185K - $250K + 0.1% - 0.3% Equity) at Founders Fund-backed AI Enterprise Startup
2026-05-26
- Posted
- Jun 19, 2026
- Type
- Full-time
- Level
- Mid-Senior
- Location
- Luxembourg
- Company
- Cyberr
Industries
Categories
Related Jobs
3 roles aligned with this opportunity
Security Engineer F/H
2026-05-19
Quality Assurance Test Engineer
2026-05-16
Fullstack Engineer ($185K - $250K + 0.1% - 0.3% Equity) at Founders Fund-backed AI Enterprise Startup
2026-05-26