Protect the platforms that power Quanloop. As a Security Engineer in Product & Engineering (Limassol, on‑site by design), you’ll lead SecOps across our stack and strengthen our cloud posture on GCP. If you enjoy turning risk into clear controls—detection, response, hardening and continuous improvement—this role gives you ownership where it matters.

Job Responsibilities

• Design, implement and tune detections across SIEM and EDR to surface meaningful, low‑noise alerts
• Lead incident handling: playbooks, triage, containment, forensics coordination and post‑incident reviews
• Build and maintain log pipelines and telemetry coverage; define requirements for complete, trustworthy signals
• Run vulnerability management end‑to‑end: scanning, risk triage, remediation tracking and stakeholder reporting
• Partner with Legal & Risk on policies, access reviews and evidence collection for a regulated environment
• Harden our GCP estate: IAM least‑privilege, network segmentation, workload identity, secrets and KMS encryption
• Use GCP Security Command Center to manage findings and drive remediation at scale
• Guide secure configuration baselines for Kubernetes, containers and CI/CD
• Coordinate and perform penetration testing (internal tooling and external vendors); drive remediation to closure
• Promote OWASP‑aligned practices and cryptography hygiene; advise on threat modelling and control selection
• Document runbooks, standards and architectural decisions so security becomes repeatable and auditable
• Mentor engineers; raise security awareness through reviews, exercises and practical guidance

Key Technologies

• SIEM and EDR tooling
• GCP Security Command Center, IAM, KMS, VPC/network controls
• Kubernetes and container security
• Vulnerability scanning and management platforms
• SAST/DAST fundamentals and OWASP Top 10
• Secrets management and encryption standards

Qualifications

• 7+ years’ hands‑on cybersecurity experience with a focus on SecOps and cloud security
• Strong track record designing detections, running incidents and reducing mean time to detect/respond
• Deep understanding of GCP security: IAM, SCC, network hardening, encryption and workload identity
• Practical experience with vulnerability management and secure configuration baselines (containers/Kubernetes/CI)
• Familiarity with pen‑testing methods and tooling; able to coordinate external tests and execute focused internal ones
• Clear communicator who can translate risk into actionable engineering work
• Ability to work on‑site in Limassol; hybrid may be possible after probation
• Certifications such as CEH, CISSP or Google Professional Cloud Security Engineer are a must

We encourage applications from all qualified candidates and provide reasonable accommodations on request (email [email protected]).

Other Skills

• Structured, evidence‑driven decision‑making and concise documentation
• Automation mindset for detections, checks and repeatable hardening
• Collaborative approach with Product, Engineering, and Legal & Risk
• Comfortable leading table‑top exercises and post‑incident learning
• Calm under pressure; focused on root causes and durable fixes