Own vulnerability management end-to-end: intake, triage, risk-based prioritization, remediation tracking, validation, SLAs, and reporting
Partner with Engineering/Product/QA to continually improve secure SDLC and CI/CD:O pipeline security, SAST/DAST/IAST, dependency and code scanning, secure code review practices
Continuously work with IT to further secure infrastructure: Endpoints, identity and access management, Conditional Access, hardening and configuration baselines
Coordinate and drive remediation for items identified by the SOC (alerts, incidents, vulnerabilities), including root-cause follow-up
Coordinate external penetration tests (scope, execution support, findings management, retesting/closure)
Support patch management processes and verification in partnership with IT
Support security audits and continuous compliance efforts (ISO 27001, SOC 2 Type 2, SOC 1, ISAE 3402) including evidence collection and control improvement

3+ years in cybersecurity engineering, security operations, DevSecOps, or security-focused IT (SaaS experience preferred)
Proven experience running vulnerability management (beyond scanning
driving remediation and closure)
Working knowledge of application security and SDLC controls (CI/CD security, SAST/DAST/IAST, code review)
Experience securing Microsoft environments (Entra ID, Intune, Conditional Access, endpoint protections, M365 controls)
Strong communication and program ownership skills; able to drive work across IT and Engineering
Familiarity with ISO 27001 / SOC control expectations and audit support (Nice to have)
Relevant certifications (AZ-500, SC-200/SC-300, Security+, etc.) (Nice to have)

Hybrid working set-up (HQ in Leuven)
Flexible working hours
Competitive Salary Package
A challenging role in a fast-growing AI-driven company
A diverse and international team with strong ownership and a can-do mentality
Opportunities to contribute meaningfully to the organization’s growth and development

Cybersecurity Engineer

Key skills