Security Engineer

Job Description:

Bynder goes far beyond managing digital assets. Our AI-powered digital asset management platform enables teams to conquer the chaos of proliferating content, touch points, and relationships in order to thrive.

With intuitive, AI-powered solutions that enhance content creation, simplify asset discovery, and maximize the value of every asset, we are the brand ally that unifies and transforms the creation and sharing of assets-inspiring teams, delighting customers, and elevating businesses.

Join our global team of 600+ 'Byndies' and contribute to shaping the future of digital asset management! As a leader in the industry, our AI capabilities empower over 1.4M users across 3,700+ organizations, including Spotify, Puma, Five Guys and Icelandair to work smarter with their content. With a commitment to innovation and a presence in seven offices worldwide, Bynder offers a dynamic environment where you can make a real impact.

Ready to grow your career by helping the world's leading brands create exceptional content experiences and thrive? Explore this opportunity and apply now to join our talented team.
At Bynder, we believe security should never be an afterthought. We're looking for a Security Engineer who thrives in a growth-oriented environment, someone who sees security as a starting point, not the finish line. If you're hands-on by nature, energized by breadth, and serious about building security that actually scales in a cloud-native SaaS environment, you'll feel right at home here.

Meet the team

We're Bynder's Security team: pragmatic, sharp, and relentlessly focused on enabling secure growth. We favor automation over repetition, integrations over point solutions, and smart security design over checkbox compliance.
You'll report directly to the VP Information Security and work alongside an Associate Security Engineer who brings strong application security and tooling chops. Together, you'll cover the full security stack: AppSec, cloud, detection, and governance across a modern, cloud-native SaaS platform used by thousands of brands worldwide.
Security at Bynder is a team sport. We work hand-in-hand with Platform teams, engineering, and business stakeholders to challenge assumptions, take calculated risks, and continuously raise the bar. It's how we scale securely, and it's part of how we win together.

What you'll do

* Plan and (help) execute penetration tests against web applications, APIs, and cloud infrastructure, and manage external pentest engagements including scoping, vendor coordination, and remediation tracking.
* Embed security across the full SDLC: leading threat modeling, security assessments, and vulnerability remediation in close collaboration with our engineering and product teams.
* Own and evolve our cloud security posture across our AWS environment, working with Wiz (CSPM, CNS, Code, AI Security) to drive risk prioritization, misconfiguration remediation, and shift-left security workflows.
* Champion security controls within our CI/CD pipelines, from IaC scanning and SAST integration to secure deployment practices, working closely with DevOps and development teams.
* Support security incident response, investigation, containment guidance, and post-incident review and help mature our detection and response workflows over time.
* Translate compliance requirements (SOC2, ISO 42001, GDPR) into concrete technical controls and act as a technical point of contact for customer security discussions, questionnaires, and enterprise onboarding.
* Conduct vendor and third-party security risk assessments to protect our supply chain and advise on emerging AI/ML security risks as these technologies become more deeply embedded in our product.
* Share knowledge and raise the craft, you'll naturally become a technical anchor for your teammate and a collaborative voice across engineering on what good security looks like in practice.

What you bring

* 3-7 years of hands-on experience in application security, cloud security (AWS), or a broad security engineering role.
* Proven experience conducting penetration tests on web applications, APIs, and/or cloud environments, with a solid grip on OWASP Top 10 and common vulnerability classes.
* Solid understanding of AWS security: IAM, VPC design, cloud-native architecture and a clear intuition for what secure cloud infrastructure looks like.
* Familiarity with application security testing tools (SAST, DAST) and a practical understanding of DevSecOps: you know where to plug in and how to make it stick with developers.
* Strong communication skills, you can explain security risks clearly to both engineers and non-technical stakeholders, and you don't default to "no" when there's a smarter path forward.
* A growth mindset and genuine curiosity, you're comfortable operating across domains, actively building skills you don't yet have, and you see a broad scope as an opportunity, not a burden.

Bonus points if you…

* Have hands-on experience with Wiz, or other CSPM/CNAPP platforms.
* Hold an offensive security certification (OSCP or similar) or have contributed to bug bounty programmes.
* Have experience with AI/ML security risks and frameworks (OWASP LLM Top 10, MITRE ATLAS).
* Write security scripts, tinker with tools, or keep a personal GitHub with automation or research projects.
* Have experience with Terraform or IaC security scanning.
* Have hands-on experience with Kubernetes and container security.
* Are familiar with common programming languages (e.g. Python, Java, Scala) and can read and reason about code to support security reviews

What's in it for you?

* A flat organization where your ideas matter and your impact is tangible: you won't be waiting for sign-off to make things better.
* Real breadth and ownership across a modern, cloud-native security stack across a high-growth SaaS platform.
* A clear growth path, we invest in people who step up, and this role has room to evolve as you do.
* Flexibility to work from home, with weekly office time in Rotterdam and Amsterdam.
* Competitive salary and benefits.
* Unlimited vacation policy.
* Apple gear, daily lunch, and team events organized by our legendary Fun Force.

If you don't tick every box but you're the kind of person who figures things out, speaks up, and raises the standard around you we'd still love to hear from you.

Our Commitment:
Bynder Love is the principle that guides the way we grow our teams, support our employees, and celebrate our differences. At Bynder we strive to create a culture that embraces every Byndie because differences in background, experience, and perspective make Bynder even better. At Bynder a diverse, inclusive, and equitable workplace is one where all employees, whatever their ethnicity, color, sex, age, religion, disability, sexual orientation, gender identity, national origin, or physical and mental ability are valued and respected. Our commitment is for all Byndies to have the freedom to be their true authentic selves.
Just as we are never finished innovating, Bynder's commitment to being An Even Better Bynder is a constant, evolving commitment that includes education, listening, and action.

#LI-Hybrid #LI-MF1