Security Engineer (DevSecOps / Code Security) at Owkin | Torre
warning

Heads-up

The job you’re trying to post already exists in Torre:

Security Engineer (DevSecOps / Code Security)

You'll secure cutting-edge AI, embedding robust practices into the core of biology's future.
Emma highlights
This highlight was written by Emma’s AI. Ask Emma to edit it.
Full-time

Legal agreement: Employment

Provide your expected compensation while applying
location_on
Remote (for Germany residents)
Remote (for United Kingdom residents)
Match
skeleton-gauges
You have opted out of job matches in .
To undo this, go to the 'Skills and Interests' section of your preferences.
Review preferences
Shared by
Emma of Torre.ai
13 days ago

Requirements and responsibilities


About usOwkin is an AI company on a mission to solve the complexity of biology. It is building the first Biology Super Intelligence (BASI) by combining powerful biological large language models, multimodal patient data, and agentic software. At the heart of this system is Owkin K, an AI copilot and its new LLM fine-tuned on biology called Owkin Zero, used by researchers, clinicians, and drug developers to better understand biology, validate scientific hypotheses, and deliver better diagnostics and therapies faster.Position is based in remotely in UK or Germany, hybrid (Paris) or remote in France.Please submit your CV in EnglishAbout the role:We are seeking a highly skilled Security Engineer with strong software engineering foundations and expertise in application security, DevSecOps, and cloud-native security. This role is ideal for someone who understands modern engineering workflows and can partner closely with software engineering, platform, and DevOps teams to embed security into the software development lifecycle. You will play a key role in securing applications, improving developer security practices, supporting Kubernetes and AWS environments, and helping Owkin scale secure engineering practices across its AI-driven platform.In particular, you will:Conduct in-depth application security assessments and secure code reviews across frontend and backend systemsPartner with engineering teams to remediate vulnerabilities and improve secure coding standardsReview and secure Git-based development workflows and branching strategiesIntegrate security controls into CI/CD pipelines in GitHub and DevSecOps processesSupport cloud-native security initiatives across Kubernetes and AWS environmentsUse modern application security tooling, including Wiz Code, to identify and prioritise risksDevelop automation and tooling using Python to support security operations and engineering workflowsAdvise developers on secure architecture, threat modelling, and security best practicesCollaborate with DevOps, Platform Engineering, and Software Engineering teams to improve overall security postureAssist with vulnerability management, risk assessment, and remediation trackingContribute to security standards, policies, and developer enablement initiativesOn-call rotation for Wiz alerts (paid at an additional rate)About youRequired qualifications / experience:Strong frontend and backend software engineering experienceExpert-level knowledge of Git and modern version control workflowsHands-on application security experience in modern engineering environmentsExperience performing manual and automated secure code reviewsStrong understanding of CI/CD pipelines and DevSecOps principlesPractical experience with Kubernetes security and containerised environmentsStrong AWS cloud security knowledgeKnowledge of OWASP Top 10, secure coding practices, and vulnerability remediationAbility to communicate effectively with developers and engineering leadershipCollaborative and pragmatic approach to securityPreferred qualifications/bonus:Experience with Wiz Code or similar application security toolingFamiliarity with Infrastructure as Code tools such as Terraform or CloudFormationKnowledge of container security and Kubernetes hardeningExperience integrating security tooling into developer workflowsRelevant certifications such as AWS Security Specialty or Kubernetes Security certifications, would be a bonusFrench-speaking would be a bonus, but not essential#LI-HB1What we offerFlexible work organizationFriendly and informal working environmentOpportunity to work with an international team with high technical and scientific backgroundsRecruitment Process & SecurityPlease complete the form and submit your CV.Owkin is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, sex, gender, sexual orientation, age, color, religion, national origin, protected veteran status or on the basis of disability.Owkin is a great place to work. As a coveted workplace we are, unfortunately, vulnerable to recruitment phishing scams. We urge all job seekers and candidates to be wary of potential scams. Most of these have individuals posing as representatives of prominent companies, including Owkin, with the aim of obtaining personal, sensitive, or financial information from applicants. These scams prey upon an individual’s desire to obtain a job and can sometimes “feel” like a genuine recruitment process. Some red flags are identified below. Should you encounter a recruitment process that claims to be for Owkin but is not consistent with the below, please do not provide any personal or financial information:Legitimate Owkin recruitment processes include communication with candidates through recognized professional networks, such as LinkedIn.Communication is always through an official Owkin email address (from the @owkin.com domain), over the phone or through our applicant tracking system (Greenhouse).The Owkin talent team do use platforms such as LinkedIn and Job Teaser, however if you have any concern or doubt about this contact, please ask for them to send an email from @Owkin.com.The Owkin talent team will not solicit personal data from candidates during the application phase including, but not limited to, date of birth, social security numbers, or bank account information;Legitimate Owkin interviews may be conducted over the phone, in person, or via an approved enterprise videoconferencing service (Google Meets). They will not occur via Signal, Telegram or MessengerOwkin offers of employment are based on merit and only extended once a candidate has interviewed with members of the talent and hiring team. Offers will be extended both verbally and in written format.If you think that you have been a victim of fraud, Check the identity of the talent team on LinkedIn; Check our senior team on our website https://owkin.com/team/; Check the existence of the position on our website: https://www.owkin.com/careers#current-opportunities; Notify Owkin's recruitment unit at this address hiring@owkin.com; contact the following authorities: [FR] https://internet-signalement.gouv.fr/ [UK] https://www.actionfraud.police.uk/reporting-fraud-and-cyber-crime [US] https://reportfraud.ftc.gov/
Optionally, you can add more information later (benefits, pre-screening questions, etc.)
check_circle

Payment confirmed

A member of the Torre team will contact you shortly

In the meantime, continue adding information to your job opening.