Security Engineer (DevSecOps / Code Security)
About us
Owkin is an AI company on a mission to solve the complexity of biology. It is building the first Biology Super Intelligence (BASI) by combining powerful biological large language models, multimodal patient data, and agentic software. At the heart of this system is Owkin K, an AI copilot and its new LLM fine-tuned on biology called Owkin Zero, used by researchers, clinicians, and drug developers to better understand biology, validate scientific hypotheses, and deliver better diagnostics and therapies faster.
Position is based in remotely in UK or Germany, hybrid (Paris) or remote in France.
Please submit your CV in English
About the role
We are seeking a highly skilled Security Engineer with strong software engineering foundations and expertise in application security, DevSecOps, and cloud-native security. This role is ideal for someone who understands modern engineering workflows and can partner closely with software engineering, platform, and DevOps teams to embed security into the software development lifecycle. You will play a key role in securing applications, improving developer security practices, supporting Kubernetes and AWS environments, and helping Owkin scale secure engineering practices across its AI-driven platform.
In particular, you will:
Conduct in-depth application security assessments and secure code reviews across frontend and backend systems
Partner with engineering teams to remediate vulnerabilities and improve secure coding standards
Review and secure Git-based development workflows and branching strategies
Integrate security controls into CI/CD pipelines in GitHub and DevSecOps processes
Support cloud-native security initiatives across Kubernetes and AWS environments
Use modern application security tooling, including Wiz Code, to identify and prioritise risks
Develop automation and tooling using Python to support security operations and engineering workflows
Advise developers on secure architecture, threat modelling, and security best practices
Collaborate with DevOps, Platform Engineering, and Software Engineering teams to improve overall security posture
Assist with vulnerability management, risk assessment, and remediation tracking
Contribute to security standards, policies, and developer enablement initiatives
On-call rotation for Wiz alerts (paid at an additional rate)
About you
Required qualifications / experience:
Strong frontend and backend software engineering experience
Expert‑level knowledge of Git and modern version control workflows
Hands‑on application security experience in modern engineering environments
Experience performing manual and automated secure code reviews
Strong understanding of CI/CD pipelines and DevSecOps principles
Practical experience with Kubernetes security and containerised environments
Strong AWS cloud security knowledge
Knowledge of OWASP Top 10, secure coding practices, and vulnerability remediation
Ability to communicate effectively with developers and engineering leadership
Collaborative and pragmatic approach to security
Preferred qualifications/bonus:
Experience with Wiz Code or similar application security tooling
Familiarity with Infrastructure as Code tools such as Terraform or CloudFormation
Knowledge of container security and Kubernetes hardening
Experience integrating security tooling into developer workflows
Relevant certifications such as AWS Security Specialty or Kubernetes Security certifications would be a bonus
French‑speaking would be a bonus, but not essential
What we offer
Flexible work organization
Friendly and informal working environment
Opportunity to work with an international team with high technical and scientific backgrounds
Owkin is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, sex, gender, sexual orientation, age, color, religion, national origin, protected veteran status or on the basis of disability.
#J-18808-Ljbffr