Security Engineer

Americaneagle.com is a family-owned web design, development, and digital marketing agency with a passionate belief in the power of technology to positively transform business practices. Our focus is on helping customers grow and achieve success in the digital space. We cover a variety of different industries, including eCommerce, associations & nonprofits, government, healthcare, sports & entertainment, transportation, and more. The company was recently named by Built in Chicago as one of the best places to work and to Inc.com's list of 5000 fastest-growing private companies for the past eight years.

We are seeking a mid-level Security Engineer to support security operations and DevSecOps initiatives across our infrastructure, cloud, and application environments.

This role is aligned to Bulgaria (EET/EEST) working hours and provides critical daytime coverage for global systems. The ideal candidate is a hands-on engineer who can balance security operations, vulnerability management, and practical DevSecOps work without requiring deep specialization in any one area.

This is a high-impact, execution-focused role with opportunities to automate, improve, and scale our security practices.

Key Responsibilities

Security Operations & Incident Handling

• Monitor and triage alerts from WAF, SIEM, EDR, firewall, and cloud security tools
• Investigate suspicious activity and perform initial response actions
• Escalate and document incidents with clear handoff to U.S.-based team
• Tune alerts and reduce false positives to improve signal quality

Infrastructure & Cloud Security

• Support hardening and validation for Windows and Linux systems
• Review system configurations (services, ports, encryption, access controls)
• Assist with cloud security posture (Azure/AWS/GCP basics – IAM, networking, logging)

Vulnerability Management

• Review and triage vulnerability scan results (e.g., Tenable/Nessus)
• Validate remediation or compensating controls
• Work with engineering teams to track and close findings
• Assist with prioritization based on risk and exposure

Compliance & Security Controls

• Execute operational security controls aligned to PCI DSS and similar frameworks
• Perform recurring validation tasks (logging reviews, malware protections, access controls)
• Assist with audit evidence collection and customer security requests
• Maintain clear, lightweight documentation and runbooks

Automation & Efficiency

• Write scripts (Bash, PowerShell, Python) to:
• Automate security checks and reporting
• Correlate logs and scan results
• Reduce manual, repetitive work
• Improve workflows between security tools and ticketing systems

Team Collaboration & Coverage

• Provide primary security coverage during EMEA hours
• Ensure strong communication and handoffs to U.S. team
• Collaborate with infrastructure, cloud, and development teams on fixes

DevSecOps & Application Security

• Integrate security checks into CI/CD pipelines (SAST, DAST, dependency scanning)
• Work with developers to identify and remediate common vulnerabilities (OWASP Top 10)
• Validate secure configurations for applications (auth, logging, secrets handling)
• Help enforce secure deployment practices across environments (dev ? prod)
• Identify opportunities to “shift left” security into development workflows

Required Qualifications

• ~2–5 years of experience in security, systems, or DevOps-related role
• Solid understanding of Windows and Linux administration
• Hands-on experience with at least a few of:
• EDR (SentinelOne, Defender, etc.)
• CDN/WAF (Cloudflare, Fastly, Imperva, Akamai, etc.)
• Vulnerability scanning tools
• Basic scripting (Bash, PowerShell, or Python)
• CI/CD pipelines (GitHub Actions, Azure DevOps, GitLab CI, etc.)
• Understanding of:
• Web application security basics
• Networking fundamentals
• Authentication and encryption concepts

Preferred (Nice-to-Have, Not Required)

• Exposure to cloud platforms
• Familiarity with PCI DSS or similar compliance frameworks
• Experience integrating security tools into pipelines
• Basic Terraform or infrastructure-as-code exposure

What Success Looks Like

• Alerts are triaged quickly and accurately during EMEA hours
• Vulnerabilities are consistently tracked and driven toward remediation
• Security checks are increasingly automated and integrated into pipelines
• Developers adopt secure practices with minimal friction
• U.S. team wakes up to clean, actionable handoffs instead of backlog

We offer:

• Innovative and dynamic projects for worldwide top brands
• Working with more recent technologies
• Sharpen your skills in instructor-led trainings and lunch and learns events
• We cover costs for certifications and events
• Generous compensation package
• Flexible working hours
• Additional health insurance that guarantees fast access to contracted health services
• Multisport card
• 25 days paid holidays
• Campus X membership benefits
• Sharpen your skills in instructor led trainings and lunch and learns
• We reimburse for certifications and participate in events like hackathons

Americaneagle.com provides its employees with an energetic work environment and opportunities to further develop their skills. Our dedication to growing our development team is how we can produce excellent sites and applications for our clients. We do all of this while maintaining a family value focus and pushing for a good work-life balance.

By submitting your application, you acknowledge and consent to the Company processing your personal data exclusively for recruitment and selection purposes, in accordance with our Privacy Notice: Privacy (English)

All submitted documents will be handled with the utmost confidentiality. Please note that only shortlisted candidates will be contacted for the next stage of the selection process.

Apply Below