Information Security Engineer

SwingDev—a hippo company is the Polish branch of a fast-growing InsurTech product company – Hippo Insurance. We’re here to make home insurance smarter and more proactive, using tech to bring fresh solutions. We also create digital products that support our customers, always focusing on what really makes an impact.

Putting a lot of effort into hiring top-tier devs, designers, PMs, and QAs, is a proof that we care a lot about tech experience, the attitude, human approach, and what we could call „culture fit”.

„SwingDev is all about people” - yes, it may sound a bit cliche. But whether we're writing code or just hanging out, we know that people are at the heart of everything we do. We like to have a good time and keep things light, even when we're tackling big projects. We could brag about what’s making us special, but we’ve boiled it down to two key ingredients: mature, companionable people who, rather than compete, prefer to inspire and have each other’s backs; a culture of trust, empathy, and positivity that keeps us together, lets us interact as teammates and friends, and truly enjoy the ride.

About the role:

We're looking for an experienced (Mid/Senior) Information Security Engineer to strengthen our security team at SwingDev—a hippo company. In this role, you'll design, implement, and maintain the core of our security infrastructure — from endpoint protection to SaaS security solutions.

At the core of this role is a strong understanding of security principles and the ability to clearly communicate risks and technical concepts to both technical and non-technical stakeholders.

If you’re pursuing your path in security, feel good tackling complex challenges, and are curious by nature — we’d be excited for you to grow with us.

What will you do?

• You'll promote information security best practices across our portfolio.
• You'll design, deploy security and manage security controls for SaaS, endpoint, and cloud systems, ensuring compliance with frameworks such as SOX, NYDFS, and SOC 2.
• You'll monitor and enhance the security posture of SaaS applications using SSPM and DSPM tools to identify misconfigurations, data exposure, and system vulnerabilities.
• You'll oversee the configuration and continuous tuning of our endpoint security stack (EDM, EPM, EPP, ZTNA, DNS filtering) in collaboration with device management teams #inittogether.
• You'll support incident response activities — quickly investigating and resolving security incidents across infrastructure, cloud, applications, and endpoints.
• You'll develop, maintain, and enforce security policies tailored to SaaS and endpoint environments.
• You'll work closely with IT and key stakeholders to drive timely patching, risk mitigation and compliance with internal standards and external regulations.

We might be a match if you…

• Bring 5+ years of experience in SaaS or IT administration, with a strong operational background.
• Have at least 2 years of hands-on experience in information security or cybersecurity space.
• Hold (or actively pursuit one of) a security certification, such as CC, CCSP, SSCP, CISSP, CISM, GSEC, CSX-P, GX-CS, or CompTIA Security+.
• Have a strong expertise in Identity and Access Management (IAM) systems, authentication protocols, and access control mechanisms.
• Have experience working with SaaS platforms (Salesforce, Office 365, and Google Workspace).
• Have solid understanding of core security technologies: SIEM, IDS/IPS, EDR, and firewalls.
• Are experienced with cloud and data security tools: especially Data Security Posture Management (DSPM) and SaaS Security Posture Management (SSPM).
• Are proficient in endpoint security and management (EPP, EDM, ZTNA) across Windows and macOS platforms.
• Are comfortable communicating in English — both in writing and speaking 
• Are flexible to join late-afternoon or evening meetings to collaborate with our multinational team across different time zones.

You will get extra points for:

• Experience with security monitoring and automation. 
• Familiarity with cloud security architecture and secure cloud operations via CSPM. 
• Proficiency in scripting languages: Python, PowerShell, Bash. 
• Knowledge of compliance and regulatory standards such as ISO 27001, NIST frameworks, and SOC reporting. 

Recruitment process:

• Send us your CV – it's the best way for us to get to know you.
• Meet Ola, one of our Recruiters – she'll be your first point of contact.
• Technical Interview – let's dive into your technical knowledge!
• Meet Shaun, Team Manager – you'll get to know more about the role and the way the team works.
• Final Interview – meet Marcin and Alicja for the last step of the process.
• and finally... welcome aboard! 👋

What benefits are waiting for you?

Salary

24.000 – 30.000 PLN + VAT on B2B or equivalent on the contract of employment

Basics 

📝 Form of employment of your choosing

🌎 Remote work & flexible working hours 

🤒 Paid sick leave

🏖️ Paid holidays

Health & Safety

💊 Private medical care with dentists & orthodontists package for you and your family 

❤️ Group life insurance

🧘 Psychotherapists support — free online sessions with psychologists and psychotherapists.

🤸 Home physiotherapy

🏅 Multisport card & meditation apps reimbursed 50%

Working conditions & Development

💻 Gear with Apple Logo and monitor

🌱 50% reimbursement for courses, conferences, books & certificates

🇺🇸 Free access to private language lessons

🐕 6 Personal Development Days & 4 Voluntary Days Off 

Extras you may like

🎫 Cafeteria platform — extra “stówka”every month to spend on whatever you want to

🧒 Nanny services for parents 

📦 Concierge services – a personal assistant to help you to deal with your everyday matters

🎮 Chill room with table football & PlayStation 5

🍦 Free snacks, and ice cream in the office (every day, all year round!)

🍱 Free Friday Lunch in the office

🎉 Team building events — we party together several times a year during the annual Offsite & Christmas Parties, beer after work, or our #WinterEscapeMonth workation in Cyprus