Every day, millions of people rely on WeTransfer to share their creative ideas.

Having made its name in the game of quick and simple file-sharing, WeTransfer has grown into an end-to-end suite of digital solutions with more than 87 million monthly active users in 190 countries. Beyond the WeTransfer.com platform, we have the storytelling platform WePresent, quick slide-making tool Paste, immersive sketching app Paper, and inspiration-capturing tool Collect. We design and deliver delightful experiences that continue to feel obvious and intuitive to millions of people—from our moms to your favorite artists. As a certified B-Corp, WeTransfer aims to be a sustainable and responsible tech company, balancing people, planet, and profit

So, the work we do matters. Come and be a part of it.

Senior Security Engineer at WeTransfer

At WeTransfer we are trusted everyday by millions of people with their professional, creative and personal content. We focus on making 'beautifully obvious' products, and our goal is to bring 'beautifully secure' to life as well. Security should not come at the expense of user experience, rather it is an integral part of keeping our users in their flow, creating comfortably in the knowledge that their hard work is well protected.

As a Senior Security Engineer at WeTransfer you will be part of the team that is responsible for helping to build a persistent, positive, and most of all sustainable security culture. We believe in a security culture that is less about jumping down people's throats than it is teaching them how to improve. You will perform a key role in our security efforts on strengthening our defensive security capabilities both on our internal/corporate as well as on our production infrastructure. We are looking for someone that has deep technical knowledge but can also strategically lead internal security projects.

What you’ll be doing

You will work on key projects and initiatives throughout the organization. You will have to collaborate with colleagues across the organization and advocate for our security agenda in order to drive an effective implementation of our initiatives. Some of the teams that you will work closely include Platform/IT/Data and Product teams. You will have the opportunity to design and improve solutions for alerting and vulnerability management as well as implement security tools and work with next-generation solutions. You will aim to solidify the security controls in place, expand them and deepen our visibility so that we are able to detect and react against possible misuse cases or indications of compromises. We operate in a flexible model where we combine custom internal solutions with commercial products or managed services. 

Amongst other things, you will:

• Operate, maintain and improve our SIEM and EDR solutions 

• Lead initiatives to secure our cloud infrastructure

• Participate or lead incident response procedure by analysing, resolving and reporting security incidents

• Maintain and improve our vulnerability management program. Create and assign tickets to ensure that any potential threats are quickly addressed and mitigated.

• Ability to analyse logs, files and identify malicious activity

• Actively participate in Red/Purple Team exercises

• Propose and implement new security measures and policies

• Provide data driven insights to improve security tools and controls.

• Conduct security assessments 

What we are looking for:

• Extensive experience with log analysis, SIEM and EDR solutions (e.g Datadog, LogRythm, Sentinel, Crowdstrike etc.)

• Extensive experience in incident response/SOC, in writing procedures and runbooks 

• Strong knowledge of AWS Cloud infrastructure, engineering processes, secure design principles and assessing vulnerabilities

• Experience working on a product organisation 

• Ability to lead complex projects and establish collaborative relationships with different teams

• Automation mindset that will allow you to build new custom technical security solutions 

• Basic knowledge of CI/CD pipelines, accompanied with an AppSec mindset

• Ability to translate and communicate complex technical matters

Relevant certifications such as GCIH, GFNA are considered a plus.

WeTransfer is an equal opportunity employer and we pride ourselves on the diversity of our people. We welcome you, and everything that makes you—well, you. That includes your gender identity, sexual orientation, religion, ethnicity, age, or disability status.

A note on remote

Our work environment is hybrid-remote, meaning that we support our employees to work remotely and in the office. We encourage employees to decide for themselves and with their team whether or when to go to the office.

Background screening

While it is not necessarily a determining or disqualifying factor for any role, you may be required to complete a standard employment background screening..