Security Engineering and Risk Lead

Security

-, Warszawa +7 Locations

Svitla Systems

Full-time
B2B
Manager / C-level
Remote

Job description

Svitla Systems Inc. is looking for a Security Engineering and Risk Lead for a full-time position (40 hours per week) in Europe. Our client specializes in delivering digital forensic and incident response solutions tailored for businesses, public safety organizations, and service providers engaged in the investigation of cybercrimes. 


You'll be responsible for executing and operationalizing security architecture, risk management, and security design across the organization. This role translates security strategy into actionable controls, designs secure solutions for systems and applications, and ensures security risks are identified, tracked, and mitigated in alignment with business priorities. You will partner closely with the Security Architect, Security Operations, Compliance, Network, and Enterprise Architecture teams. While strategic direction is shared, this role owns hands‑on execution, design validation, and risk follow‑through.


A critical requirement for this role is hands‑on expertise with Zscaler Internet Access (ZIA). You'll serve as a subject matter expert for ZIA, providing design guidance, advanced configuration support, and operational expertise while partnering with platform owners and network teams.


Requirements:

  • 8+ years of experience in cybersecurity, including hands‑on security engineering or architecture execution.

  • Solid experience supporting, designing, or advising on Zscaler Internet Access (ZIA) in an enterprise environment.

  • Understanding of designing and implementing enterprise security controls across infrastructure and applications.

  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or equivalent experience.

  • Strong knowledge of security frameworks and control models.

  • In-depth understanding of supporting secure web gateway and Zero Trust architectures.

  • Expertise in conducting and operationalizing risk assessments.

  • Expertise in translating security strategy into technical recommendations.

  • Strong skills in documentation and communication for technical and non‑technical audiences.

  • Proven ability to collaborate across Security, IT, Network, and Compliance teams.


Nice to have:

  • Experience executing security architecture in cloud, SaaS, and hybrid environments.

  • Familiarity with vulnerability management, incident response, IAM, and data protection controls.

  • Experience supporting audits and regulatory assessments.

  • Ability to mentor and guide security engineers and analysts.

  • Experience working with Fortinet security platforms in an enterprise environment.

  • Certifications:

    • CISSP or CISM;

    • CRISC;

    • Security+, CySA+, or similar foundational certifications;

    • Zscaler certifications, including ZIA‑focused credentials;

    • Fortinet certifications such as NSE 4, NSE 5, NSE 7, or equivalent;

    • Cloud security certifications (AWS, Azure, or equivalent).


Responsibilities:

  • Design and implement secure architectures for systems, networks, and applications.

  • Apply security frameworks such as NIST CSF and ISO 27001 to real‑world implementations.

  • Review technical designs and ensure security requirements are embedded early in project lifecycles.

  • Partner with enterprise architects to integrate security into new and existing initiatives.

  • Execute and maintain the Cybersecurity Risk Program.

  • Conduct risk assessments and document findings in the risk register; develop and track risk mitigation plans in collaboration with IT, Security Operations, Network, and Compliance.

  • Ensure identified risks progress from assessment to remediation.

  • Act as the Zscaler Internet Access (ZIA) subject matter expert for the organization.

  • Provide advanced design, configuration, and troubleshooting support for ZIA.

  • Advise on the design of secure web gateway policies, traffic inspection, and enforcement strategies.

  • Partner with Network and IT teams to support ZIA enhancements, optimizations, and architectural alignment.

  • Translate security architecture and risk requirements into practical ZIA recommendations.

  • Contribute to Zero Trust initiatives by applying ZIA capabilities appropriately.

  • Design and refine controls for vulnerability management, incident response, identity, and data protection.

  • Ensure security tooling and processes align with architectural intent and operational reality.

  • Support the development and refinement of security standards, patterns, and technical guidance.

  • Design and implement technical solutions that meet compliance and audit requirements.

  • Partner with Compliance to translate control requirements into enforceable technical controls.

  • Provide architectural and technical evidence during audits and assessments.

  • Serve as a hands‑on security partner to IT, Network, and engineering teams.

  • Provide practical guidance that balances security best practices with business needs.

  • Support Security Operations by ensuring architectural decisions do not create operational blind spots.

  • Assist with incident response activities as a technical escalation point when architectural or platform insight is required.

  • Support emergency on‑call activities as needed.

  • Identify architectural, platform, or design weaknesses revealed through incidents and drive corrective action.

  • Participate in ongoing Fortinet security platform training to maintain proficiency in architecture and operations.

  • Dedicate time on a regular basis to hands‑on Fortinet learning, configuration review, and feature evaluation.

  • Apply Fortinet's best practices to improve network security controls, visibility, and risk reduction.

  • Partner with Security Operations and IT to ensure Fortinet capabilities are effectively leveraged within the broader security architecture.


We offer

  • US and EU projects based on advanced technologies.

  • Competitive compensation based on skills and experience.

  • Regular performance appraisals to support your growth.

  • Flexibility in workspace, either remote or in our welcoming office.

  • Bonuses for article writing, public talks, and other activities.

  • Generous time off, including vacation, national holidays, sick leaves, and family days.

  • Personalized learning programs tailored to your interests and skill development.

  • Free tech webinars and meetups organized by Svitla.

  • Regular corporate online activities.

  • Awesome team and a friendly, supportive community!

Tech stack

  • English: B2

  • Security: advanced

  • Zscaler Internet Access: advanced

  • AWS: nice to have

  • IAM: nice to have

  • Azure: nice to have

  • GCP: nice to have

Published: 06.03.2026

About the company

Svitla Systems

Svitla Systems is a global digital solutions company with over 20 years of industry experience, presence across 15 countries, and a team of 1,000+ skilled tech experts, creators, and visionaries. We empower businesses ac...
