View All Jobs 115500

Senior Security Engineer

Lead security testing and vulnerability remediation for Lens desktop and cloud services
Prague, Czechia
Senior
4 days ago
Mirantis

Mirantis

A cloud computing company specializing in Kubernetes, OpenStack, and related open-source software for building and managing cloud infrastructure.
10 Similar Jobs at Mirantis

Senior Security Engineer

Mirantis is a Kubernetes-native AI infrastructure company, enabling organizations to build and operate scalable, secure, and sovereign infrastructure for modern AI, machine learning, and data-intensive applications. By combining open source innovation with deep expertise in Kubernetes orchestration, Mirantis empowers platform engineering teams to deliver composable, production-ready developer platforms across any environment—on-premises, in the cloud, at the edge, or in sovereign data centers. As enterprises navigate the growing complexity of AI-driven workloads, Mirantis delivers the automation, GPU orchestration, and policy-driven control needed to manage infrastructure with confidence and agility. Committed to open standards and freedom from lock-in, Mirantis ensures that customers retain full control of their infrastructure strategy.

Mirantis is looking for a Senior Security Engineer to help keep the popular Lens product secure for its customers. In this role, you will seek security vulnerabilities from the Lens Desktop - an electron based application, built on open source by Team Lens of Mirantis - and all the related cloud based services. You'll work together with Lens engineering teams to prioritize and fix any issues. You'll also drive the efforts for achieving and maintaining industry standard security related certificates and compliances. This position will provide you with challenging opportunities, both technologically and as a leader, but will also be a great deal of fun if hacking a popular cloud native developer tool and related services alongside a team of world class individuals sounds exciting to you.

In this role you'll provide technical leadership and advice to engineering teams and leaders in collaboration with Mirantis information security teams. You'll gain first hand knowledge on how Lens is built and how it operates at a deep, technical level. Additionally, you will leverage the domain knowledge of Lens to identify vulnerabilities in the broader Mirantis product portfolio. Above all else, a strong sense of customer obsession is necessary to focus on the ultimate goal of keeping Mirantis and its customers secure.

Responsibilities

  • Conducting high quality application penetration tests independently, or leading the efforts done by third party contractors
  • Identifying security vulnerabilities across various security domains (e.g. system and network security, authentication and security protocols, cryptography, application security) and producing engagement plans and remediation recommendations to address any findings or gaps.
  • Leading the efforts for prioritizing and resolving security vulnerabilities, including contributing fixes directly to product, in collaboration with engineering teams
  • Driving the efforts for achieving and maintaining security related certifications and compliance (e.g. SOC2)
  • Assist other departments, like sales and marketing, to communicate our security posture, compliance, and/or potential gaps in security domain to our customers
  • Performing quarterly internal security tests of Lens Cloud and Desktop, simulating relevant attack scenarios, and managing remediation.
  • Maintaining and updating threat models for core Lens services and supporting architecture security reviews.
  • Triage and validation of SAST and container scanning results, and coordinating remediation with engineering.
  • Maintaining BCP/DRP policies for Lens, running periodic reviews, and organizing tabletop exercises.
  • Monitoring and helping to remediate vulnerabilities in third-party dependencies and container images via Dependabot, CodeQL, etc.
  • Auditing secrets usage in Lens codebases and CI/CD pipelines, and validating proper use of secret storage solutions.
  • Assessing security risks associated with new SaaS tools or external APIs used in Lens.

Qualifications

  • Experience in a penetration testing or information security role
  • Experience with security engineering practices, including: web application security, network security, authentication and authorization protocols, cryptography, automation, and other software security disciplines
  • Experience with dynamic and manual code auditing to identify security issues
  • Experience with interpreted or compiled languages (e.g. Node, JavaScript, TypeScript, Go, C/C++)
  • Experience with threat modeling, design review, or other threat analysis techniques
  • Experience with cloud service providers and their offerings, and their various technologies and services
  • Experience in developing security tooling and automation
  • Experience in CVE research, and/or Bug Bounty recognition
  • Advanced degree in Computer Science or related field, or equivalent industry experience
+ Show Original Job Post
Suggest a correction
























Senior Security Engineer
Prague, Czechia
Engineering
Apply to job
About Mirantis
A cloud computing company specializing in Kubernetes, OpenStack, and related open-source software for building and managing cloud infrastructure.