Apply now

Product Security Engineer

Hybrid

Budapest, HU

Shape the future of digital collaboration and security

At Tresorit, we believe that secure collaboration is a key strategic factor for companies and organizations. Our platform enables individual teams, departments and companies to work efficiently with others - whether collaborating with colleagues, customers or partners.

As pioneers in data protection and security technology, we solve current digital challenges. Our solutions enable seamless, secure collaboration with end-to-end encryption. In doing so, we protect our customers' data and comply with regulations such as GDPR, HIPAA and NIS2. Our platform offers encrypted file sharing, digital signatures and secure emails.

All of this works without compromising on usability. Our platform is certified to the highest standards and used by over 30,000 customers worldwide. We enable companies to manage sensitive information securely and work more productively - without compromising on data protection and security.

We are proud to be an equal opportunities employer. We value fresh perspectives and exchange across team boundaries. To this end, we are looking for talented individuals who bring creativity, innovation and passion to their work. Whether you are just starting out or an experienced professional, you will find opportunities for further development with us. Work with us on solutions for a secure digital future!

About Tresorit:

We believe that professionals in all organizations should have a secure and easy way to collaborate with their sensitive and confidential information.

We provide a platform for departments, teams and solo entrepreneurs, equipping them with secure solutions to engage efficiently with their coworkers, customers, and other organizations.

 

About the Product Security Team:

We, the Product Security Team, empower our product development teams with a secure, continuously improving ecosystem that enforces and strengthens software security at every stage of the development lifecycle and are committed to keep Tresorit products secure and our customers’ data safe.

We are driven by meaningful, creative challenges that allow for deep immersion, whether they're high-level or more granular.

 

About the role:

We are looking for a versatile Product Security Engineer who is eager to work across the entire stack, and is always eager to learn, experiment, design, and implement security solutions. While this role leans more towards backend & infrastructure security tasks — like web API security, threat modeling, and server hardening — you will have the opportunity to dive into frontend or platform code or strengthen our CI/CD pipelines and other aspects of our software development lifecycle.

You will work with a broad array of innovation challenges. As a new member of a small, agile team, you will be working with other team members to improve the product development lifecycle by integrating security controls and approaches, evaluating technical feasibility of security solutions, prototyping new technology, then polishing and finalizing it to high security standards.

Sometimes you will support the work of product engineering teams for the ultimate goal of designing, building, and improving end-to-end encrypted, easy-to-use commercial cloud products and services that are derived from an understanding of the business, its actors, and the technology blocks.

 

Responsibilities:

  • Taking part in continuously improving our software development lifecycle from a security perspective by introducing and maintaining custom-built or off-the-shelf tools, processes, and methods into any step of the delivery chain,
  • Reviewing our products’ source code and infrastructure for vulnerabilities, misconfigurations; keeping up-to-date with the latest security trends,
  • Taking part in the planning of new product features to make sure that they are secure both from the perspective of the customers and our backend infrastructure,
  • Consulting other development teams to evaluate and mitigate various risks; handling external vulnerability reports,
  • Continuously improving the cryptographic elements in Tresorit, as well as making sure that all new products and features are in line with our security objectives and promises,
  • Developing and maintaining tools which continuously scan our source code, our services and local and remote infrastructure for vulnerabilities and automating various (e.g., remediation) tasks,
  • Training our engineers in security best practices and giving insights to other teams regarding security-related topics (including e.g., writing blog post content which directly reaches our customers).

 

Desired qualifications and skills:

  • 2+ years of experience working in software development,
  • Knowledge of the following programming languages and related technologies: .NET / TypeScript / C++ / Kotlin / Swift / Python / Rust,
  • Experience and passion for information security,
  • Knowledge in applied cryptography (e.g., cryptographic primitives, PKI), using crypto libraries (e.g., Web Crypto API, OpenSSL, Bouncy Castle),
  • Ability to find and analyze vulnerabilities, determine and mitigate risks,
  • Good written and verbal communication skills in English,
  • Fast-learner and self-motivated attitude,
  • Ability to work both in a team and independently by taking ownership of problems and planning their solutions.

It is an advantage if you have:

  • Experience with cloud services, especially Microsoft Azure, 
  • Experience with the following tools: Git, Jenkins, Azure DevOps
  • Experience in developing and maintaining security-related tooling,
  • Experience with static code analysis, fuzzing, reverse engineering,
  • Experience with front-end development (Angular and/or React with TypeScript),
  • Contributions in active open-source projects.

 

We offer:

  • Competitive base salary with a wide range of extra benefits, like:
    • Cafeteria-system,
    • annual bonus,
    • private health insurance plan,
    • gym subsidies,
    • free mobile subscription,
    • learning and self-development opportunities,
    • flexible working hours & hybrid working conditions,
    • paid parental leave,
    • in-office snacks & beverages,
    • team building days.

 

We encourage you to apply even if you believe you do not meet every single qualification. Many excellent candidates do not check every box, and that is okay. We are happy to recognize the potential in motivated people, and work in an environment where we can grow and learn together.

Apply now