Senior Security Engineer

Hej, Truecaller is calling you from Stockholm, Sweden! Ready to pick up?

Truecaller transformed how we communicate when we launched in 2009 in Stockholm, Sweden.

Our mission is to build trust everywhere by making tomorrow’s communication smarter, safer and more efficient. We focus on bringing smart services with big social impacts, like protecting people from fraud, harassment, and scam calls or messages. We identify new numbers from anywhere in the world and build a space for trustworthy conversations, for those that matter. Truecaller is loved by over 350 million people around the world and is growing very rapidly across regions.

Who we are:

• The world’s #1 caller ID and spam blocking service for Android and iOS.
• A team of 400 people from ~35 different nationalities, spread across our headquarters in Stockholm and offices in Bangalore, Mumbai, Gurgaon, Tel Aviv and Nairobi.
• Listed On Nasdaq OMX Stockholm, Large Cap

We, at the Security team, play a critical part in Truecaller’s continuous success and mission to build trust everywhere as we handle the overall security in each and every domain of Truecaller. Our vision is to contribute to the development of a state-of-the-art product for our users and push the boundaries of security.

As a Senior Security Engineer, your role is pivotal. You are more than just versed in security protocols but possess a blend of infrastructure knowledge, a keen interest in DevSecOps, and a passion for safeguarding cloud architectures. You understand the intricacies of Cloud Security, GCP in particular and thus suited for supporting us in integrating security seamlessly into the development life cycle. While experience matters, it's your drive, curiosity, and commitment to excellence that will set you apart in this role.

What do we expect from you

• Bachelor's degree in Computer Science, Information Security, or a related field, with several years of experience in a senior engineering role focused on security.
• Proven expertise in cloud security, especially in the Google Cloud Platform (GCP).
• Comprehensive knowledge of DevSecOps and its practical application in CI/CD pipelines.
• Strong scripting and automation skills in languages such as Python, Bash, or Go.
• Experience in leading security initiatives and mentoring junior team members.
• Excellent problem-solving skills, combined with the ability to think strategically and act tactically.
• Exceptional communication skills, with the capacity to influence and guide decision-making at all organizational levels.

What will you work on

• Shape and align security strategies to business objectives, ensuring security isn't just a policy but a key enabler of our services.
• Support and lead the design and implementation of advanced security architectures and solutions in our GCP environment.
• Collaborate with DevOps and engineering teams to integrate security controls into CI/CD pipelines and development workflows (DevSecOps).
• Take on vulnerability management endeavors security focusing on cloud infrastructure and applications.
• Advocate for and drive the implementation of a zero-trust approach across our digital environments.
• Provide expert advice on security matters to leadership and project teams.
• Evaluate, implement, and manage security tools that complement our defensive strategy.
• Stay ahead of emerging security threats and trends, and proactively recommend and implement security enhancements.

It would be great if you also have

• Advanced Certifications: Credentials like CISSP, GCP Professional Security Engineer, or CEH can be advantageous.
• Open-Source Contributions: Experience with contributing to open-source security tools or projects showcases initiative and expertise.
• Machine Learning and AI: Familiarity with leveraging AI and ML for security analytics and threat detection.
• Zero Trust Network Architecture: Understanding and experience in implementing Zero Trust concepts beyond just theoretical knowledge.
• Soft Skills: Exceptional communication abilities, especially in translating technical jargon into understandable concepts for non-technical stakeholders.
• Container Security: Experience in securing Docker, Kubernetes, or other container orchestration platforms.
• Threat Modeling: Experience in developing threat models for complex software and infrastructure architectures.
• Digital Forensics: Skills in identifying and investigating digital traces after a security incident.

Life at Truecaller - Behind the code: https://www.instagram.com/lifeattruecaller/

Sounds like your dream job?

We will fill the position as soon as we find the right candidate, so please send your application as soon as possible. As part of the recruitment process, we will conduct a background check.

This position is based in Stockholm, Sweden.

We only accept applications in English.

What we offer:

• A smart, talented and agile team: An international team where ~35 nationalities are working together in several locations and time zones with a learning, sharing and fun environment.
• A great compensation package: Competitive salary, 30 days of paid vacation, flexible working hours, private health insurance and pension contribution, Udemy membership to keep learning and improving, gym membership.
• Great tech tools: Pick the computer and phone that you fancy the most within our budget ranges.
• Do it your way: We work in-office on Tuesdays, Wednesdays and Thursdays with flexibility on the other days. You can enjoy 3 weeks working remotely from anywhere you want per year.
• Office life: Enjoy your days with a wide range of yummy snacks and beverages, and have fun at our playroom! As well, exciting company parties and team activities such as Lab days, Running team, Geek lunch!

Come as you are:

Truecaller is diverse, equal and inclusive. We need a wide variety of backgrounds, perspectives, beliefs and experiences in order to keep building our great products. No matter where you are based, which language you speak, your accent, race, religion, color, nationality, gender, sexual orientation, age, marital status, etc. All those things make you who you are, and that’s why we would love to meet you.