Qargo TMS

Security Engineer

Qargo TMS

full-time

Posted on:

Location Type: Hybrid

Location: GhentBelgium

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AWSAzureCloudDNSGoGoogle Cloud PlatformKubernetesLinuxPythonTCP/IP

About the role

  • Security Strategy: Lead and evolve Qargo’s security roadmap across infrastructure, applications, and internal ecosystems.
  • Engineering Partnership: Partner with development teams to "shift left," embedding security through threat modeling, automated code reviews, and architectural deep-dives.
  • Vulnerability Management: Own the end-to-end lifecycle of vulnerability discovery—from automated scanning and prioritization to hands-on remediation.
  • Cloud & Infrastructure: Design and maintain a secure, least-privilege cloud architecture (AWS/GCP/Azure), focusing on IAM, network segmentation, and advanced logging.
  • Security Tooling: Implement and optimize our security stack, including SIEM, EDR, WAF, and secrets management.
  • Incident Response: Drive our incident response capabilities—managing triage, containment, and post-mortem analysis to ensure continuous improvement.
  • Platform Hardening: Secure our Kubernetes clusters, container workloads, and deployment pipelines against modern attack vectors.
  • Compliance & Audits: Support our ISO 27001 and SOC 2 efforts by building scalable, automated compliance workflows.
  • Knowledge Sharing: Create clear security guidelines, runbooks, and playbooks that empower the wider engineering team.

Requirements

  • Core Security Knowledge
  • Deep understanding of Secure-by-Design principles, defense-in-depth, and the principle of least privilege.
  • Extensive experience in threat modeling and security architecture reviews.
  • A strong grasp of the OWASP Top 10 and common API/application vulnerabilities.
  • Technical Skills
  • Strong Linux and Networking fundamentals (TCP/IP, DNS, TLS, HTTP/S).
  • Hands-on experience securing Public Cloud environments (IAM, VPC, Logging).
  • Ability to script and automate (Python, Go, or Bash) to scale security operations and reduce manual toil.
  • Application and Platform Security
  • Proficiency in modern AuthN/AuthZ patterns (OAuth2, OIDC, JWT).
  • Experience with Kubernetes and container security (image scanning, runtime policies).
  • Familiarity with securing CI/CD pipelines and automated deployment workflows.
  • Operational and Compliance
  • Experience working within security frameworks such as ISO 27001, SOC 2, or NIST.
  • A strong mindset for observability, monitoring, and proactive alerting.
Benefits
  • Technical Ownership: The authority to shape the security posture of a major European SaaS platform.
  • Innovation: Work with a modern tech stack in a company that values technical craftsmanship over bureaucracy.
  • Ghent Tech Hub: Be part of a talented, international engineering team based in the heart of Ghent.
  • Scale-up Growth: Opportunities to grow professionally as the company expands its footprint across Europe.
  • Flexible Working: A supportive, hybrid work environment that trusts you to manage your own impact.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
vulnerability managementthreat modelingsecurity architectureLinux fundamentalsnetworking fundamentalspublic cloud securityscriptingKubernetes securityCI/CD securityobservability
Soft Skills
leadershipcollaborationcommunicationproblem-solvingcontinuous improvement
Certifications
ISO 27001SOC 2