Security Engineer (DevSecOps / Code Security)

Job summary

Owkin is seeking a highly skilled Security Engineer with strong software engineering foundations and expertise in application security, DevSecOps, and cloud-native security. This role involves embedding security into the software development lifecycle, securing applications, improving developer security practices, and supporting Kubernetes and AWS environments. The ideal candidate will help scale secure engineering practices across Owkin's AI-driven platform.

Benefits

Qualifications

• Strong frontend and backend software engineering experience
• Expert-level knowledge of Git and modern version control workflows
• Hands-on application security experience in modern engineering environments
• Experience performing manual and automated secure code reviews
• Strong understanding of CI/CD pipelines and DevSecOps principles
• Practical experience with Kubernetes security and containerized environments
• Strong AWS cloud security knowledge
• Knowledge of OWASP Top 10, secure coding practices, and vulnerability remediation
• Ability to communicate effectively with developers and engineering leadership
• Collaborative and pragmatic approach to security
• Experience with Wiz Code or similar application security tooling
• Familiarity with Infrastructure as Code tools such as Terraform or CloudFormation
• Knowledge of container security and Kubernetes hardening
• Experience integrating security tooling into developer workflows
• French-speaking is a bonus

Responsibilities

• Conduct in-depth application security assessments and secure code reviews across frontend and backend systems
• Partner with engineering teams to remediate vulnerabilities and improve secure coding standards
• Review and secure Git-based development workflows and branching strategies
• Integrate security controls into CI/CD pipelines in GitHub and DevSecOps processes
• Support cloud-native security initiatives across Kubernetes and AWS environments
• Use modern application security tooling, including Wiz Code, to identify and prioritize risks
• Develop automation and tooling using Python to support security operations and engineering workflows
• Advise developers on secure architecture, threat modeling, and security best practices
• Collaborate with DevOps, Platform Engineering, and Software Engineering teams to improve overall security posture
• Assist with vulnerability management, risk assessment, and remediation tracking
• Contribute to security standards, policies, and developer enablement initiatives
• Participate in on-call rotation for Wiz alerts

Skills

Certifications

Languages

Work schedule

Relocation