Security Engineer

About HireRight

HireRight is the premier global background screening and workforce solutions provider. We bring clarity and confidence to vetting and hiring decisions through integrated, tailored solutions, driving a higher standard of accuracy in everything we do. Combining in-house talent, personalized services, and proprietary technology, we ensure the best candidate experience possible. PBSA accredited and based in Nashville, TN, we offer expertise from our regional centers across 200 countries and territories in The Americas, Europe, Asia, and the Middle East. Our commitment to get it right every time, everywhere, makes us the trusted partner of businesses and organizations worldwide.

Overview

We are hiring a Security Engineer based in Katowice, Poland to support global security engineering functions focusing on data protection and email security controls across the enterprise. This role is centered on encryption, key management, and email security engineering and is designed to complement a globally distributed Security Engineering team.

This is a hands-on engineering role with clear ownership and accountability. It is not a SOC analyst, SIEM-focused, or IT support position. Candidates must demonstrate direct experience designing, implementing, tuning, and operating data protection and email security controls in production environments.

Other security platforms such as WAF, SIEM, and web proxy are supported by a global security engineering team; this role partners with those teams but does not own those platforms.

Responsibilities

Data Protection & Encryption Ownership

• Own and maintain encryption controls for sensitive data, including database encryption and encryption at rest.

• Partner with Cloud and Database teams on key management practices, including key generation, rotation, storage, and access controls.

• Validate encryption coverage for regulated and sensitive data stores and identify gaps or misconfigurations.

• Define and maintain standards for encryption configuration and secure access to encrypted data.

• Provide technical input and evidence for audits related to encryption and data protection requirements.

Email Security Engineering

• Own and engineer enterprise email security controls, including phishing protection, impersonation detection, malware filtering, and email-based data loss prevention.

• Design, tune, and maintain email security policies, allow and deny lists, and exception workflows.

• Own false positive and false negative remediation for email security controls in partnership with business and IT teams.

• Manage and validate email authentication controls, including SPF, DKIM, and DMARC.

• Serve as the escalation point for email-based security incidents and coordinate remediation efforts.

Engineering Standards & Collaboration

• Maintain clear documentation, configuration standards, and runbooks for owned controls.

• Automate validation, reporting, or operational tasks related to encryption and email security where appropriate.

• Partner with GRC and Risk teams to translate regulatory and audit requirements into technical control implementations.

• Collaborate with global Security Engineering peers to ensure consistency and alignment across regions.

Qualifications

• 2 to 4 years of hands-on experience in security engineering, data protection, or email security roles.

• Demonstrated ownership of encryption and or email security platforms in production environments.

• Practical experience with one or more of the following:

• Database or storage encryption

• Key management systems

• Enterprise email security platforms

• Strong understanding of data protection principles, secure access controls, and email threat vectors.

• Ability to clearly explain which security controls you have owned, how they were implemented, and how they were operated over time.

Preferred Skills:

• Experience supporting audits aligned with SOC 2, ISO 27001, or NIST.

• Familiarity with cloud-based encryption and key management services.

• Scripting experience using Python, PowerShell, or Bash.

• Comfortable working in a globally distributed team with clearly defined ownership boundaries.

About You:

• You value depth of ownership over breadth of exposure.

• You are comfortable being accountable for high-risk, high-visibility controls.

• You proactively identify gaps and improve existing security implementations.

• You communicate clearly with both technical and non-technical stakeholders.

What do we offer

In exchange for your expertise, HireRight offers an excellent employee benefit package which includes:

HireRight offers its employees a competitive salary, permanent contract and a comprehensive package of benefits. From day one you will receive a training plan to get you on board quickly. Additionally, we offer:

• Private Medical Care

• Edenred card

• Lunch Vouchers

• Paid Lunch Break (30 Minutes)

• Social Fund (Holiday Allowance, Glasses Voucher)

• Bonus Plans

• Group Life Insurance

• Career Path & Opportunities to Grow

• Professional Training 

Please submit resume/CV in English.