Product Security Engineer (B2B SaaS)

Location: Poland (remotely)

Salary: 24.000 PLN on B2B or 19.200 PLN gross on Contract of employment (UoP)

We are a fast-growing tech company created by experienced international talents. Our product is a top-rated, AI-driven customer service platform for small and medium businesses. Our long-term goal is to create a frictionless customer experience for individual users and, at the same time, help entrepreneurs worldwide grow their businesses by supporting them with a top-notch, sales-increasing tool. We aspire to become the category-defining company of the AI era of customer success and are in a good position to achieve it.

Here are a few facts about us:

• We are among the Top 50 AI and Customer Service Products in G2’s Best Software Awards 2024. We currently rate at 4.7/5 in Shopify and G2.

• Every month, our widget is viewed by 350 million unique users, which is 4% of the global population.

• The new Tidio AI feature (Lyro) - answers up to 70% of customers’ questions in seconds and is available to users even on a free plan. It’s a real AI revolution! 🚀🤖

• We currently hire over 130 fantastic people.

• In 2022, we secured $25 mln in a Series B Investment round (check 👉TechCrunch’s article)

• In June 2023, our monthly MRR exceeded $1M.

  
  

Join our Product Security team and help drive secure innovation across our products. We assess and test new features, manage and remediate vulnerabilities, and work closely with developers to ensure security is embedded throughout the software development lifecycle. Our team plays a key role in ensuring the safety and resilience of our products at every stage of development.

In this role, you will:

• Take care of the implementation and development process of DevSecOps practices - SAST / DAST / SCA in CI / CD.

• Cooperate with other teams - build threat models and take care of a risk assessment of implemented functionalities and components.

• Identify, evaluate, reproduce, and manage the vulnerabilities found in our product.

• Conduct a security assessment and penetration testing of our product.

• Contribute to developing and managing roadmaps

• Propose, implement, and improve processes, standards, and tools.

• Drive awareness of application security and foster a security mindset

You’ll thrive in this role if you:

• Have at least 3 years of application security experience.

• Understand the latest threats and issues related to the security of web applications.

• Are familiar with standards, documentation, and methodologies such as OWASP Top 10 / ASVS / SAMM / WSTG.

• Have practical experience in application security management, gained by applying secure practices and creating structured processes.

• Have experience in implementing SAST / DAST / SCA solutions as an integral part of CI / CD.

• Can easily communicate in English.

• Are supportive, and you are a natural-born team player.

• Are solution-oriented, focused on practical problem solving, and continuous improvement

• Have strong communication skills, with the ability to collaborate effectively across teams

• Able to convey complex ideas clearly, bridging the gap between technical and non-technical stakeholders

Bonus points for:

• Experience with AWS.

• Security certifications such as OSCP, GWEB, GPEN, GWAPT, CEH, CISSP, GSEC, etc.

• Practical experience in SOC.

We would like to offer you:

• Salary up to 24.000 PLN on B2B or 19.200 PLN gross on UoP

• Remote work model with flexible hours

• Possibility to work from one of our offices in Szczecin/Warsaw or access to coworking spaces

• 26 days off guaranteed in a year

• Great development opportunities – company-supported courses and conferences

• Individual work tools—MacBook Pro, Dell screen, JBL headphones? You can tailor the equipment to your needs!

• Sport & wellness benefit 

• Private medical care 

• Mental well-being program – individual therapy sessions and resources for employees

• Free access to one of the most popular e-book/audiobook services

• Regular social events (company-wide offsites, team events)

• Budget for 1:1 English language classes;

What happens when you send your CV?

• Call with the recruiter about the position and the team

• Technical Interview

• Take a home assignment

• 2nd Technical interview

• Offer and fireworks!🎉

Diversity Statement

One of Tidio’s core values is to play fair. Therefore, we treat all candidates equally. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, or disability status. This means recruitment and selection of talent to Tidio is only based on individual merit and qualifications directly related to professional competence.