• Lead and advise Gartner clients on cybersecurity across products and services • Create and deliver strategic and tactical advice and research content • Collaborate with analysts and service delivery associates to deliver insights • Conduct case-based insights by interviewing executives and researching literature • Provide actionable advice on complex client challenges • Represent Gartner insights and strategy • Research and analyze market trends • Lead internal projects and drive decisions on complex issues

• Embed robust security practices throughout the software and AI development lifecycle (SDLC). • Lead secure design reviews, threat modeling, and risk assessments for AI-driven products, APIs, and backend services. • Partner with engineering and product teams to ensure security, privacy, and compliance by design. • Build and maintain security automation and governance frameworks that integrate seamlessly into development workflows. • Architect and enforce security controls for AI/ML systems, including model training, data pipelines, and inference environments. • Identify and mitigate AI-specific attack vectors such as data poisoning, model inversion, prompt injection, and model theft. • Collaborate with governance and compliance teams to align with ethical AI principles and frameworks like NIST AI RMF and the EU AI Act. • Implement model provenance, integrity, and auditability controls to ensure responsible and secure AI operations. • Partner with DevOps and SRE teams to secure service meshes, container networking, and secrets management. • Drive software supply chain security, including artifact integrity, dependency management, and vulnerability reduction. • Build internal frameworks for continuous assurance and real-time vulnerability management. • Define and maintain reference security architectures for microservices, APIs, and AI-powered systems deployed in the cloud. • Mentor teams on secure coding, containerization best practices, and AI risk management. • Promote a security-first culture through advocacy, documentation, and training. • Represent product security in cross-functional initiatives and leadership discussions.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description As a Senior Security Engineer (d/f/m), your responsibilities will include: - Architecting our technical security operations while supporting the general growth and maturity of our information security program. - Driving the implementation of a SIEM, including log ingestion, tuning, and general log/evidence integration across a broad range of product and enterprise technologies. - Detecting, investigating, and resolving security events and incidents to continuously minimize impact and recovery time. - Leading the technical IR lifecycle (including our product) as the Incident Commander, conducting forensics and comprehensive post-incident analysis. - Creating and maintaining comprehensive incident response runbooks and automated response processes to continuously mature the IR program. - Assisting with the broader security posture through code reviews, implementing technical controls, and building checks into our CI/CD pipeline. Qualifications - 5+ years of experience as a product-facing SOC Analyst, Incident Responder, or Security Engineer (or equivalent) in a SaaS/E-commerce environment. - Proven ability to act as Incident Commander in the technical IR lifecycle—preferably for a SaaS/E-commerce product with high uptime and resilience requirements—leading forensics and driving SIEM implementation and tuning. - A proven track record of taking end-to-end ownership in a fast-paced environment, building processes from the ground up, and constantly adjusting to technological and organizational change. - Proficiency in any programming language for scripting, security tooling development, and automating GRC evidence collection. - A Bachelor's or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a closely related technical field. Requirements - Proficiency in Terraform for securing infrastructure, combined with hands-on experience in integrating security testing. - Experience with preventing “rent-seeking” attacks like cybersquatting, sneaker bots, scalping, or grinch bots. - Experience in executing Red Team operations and/or penetration testing, with the ability to effectively collaborate with development teams to drive the remediation of software vulnerabilities. Benefits - We scale sustainably on a profitable, VC-backed foundation with true product-market fit. - Collaborate with over 160 dedicated professionals, including leaders from Google, Slack, and Salesforce. - We’re a diverse, merit-driven team spread across six global offices. - Consistently ranked among the fastest-growing scale-ups in Europe. - Work alongside some of tech’s brightest minds — from Forbes 30 Under 30 founders to Executive of the Year award winners.

• Define the vision and roadmap for Nebius’ security products. • Owning the ideation, postmortem, prioritization, backlog, and customer feedback processes. • Guiding new features, systems and services from inception to launch, while keeping customers at the center of everything. • Lead public-facing communications around security updates or changes in compliance status. • In the event of a security incident, coordinate user messaging (email notifications, press releases, FAQs) with support from the Head of Security Products and CISO. • Gather user feedback on user experience and security to guide continuous improvements. • Conduct ongoing research on industry benchmarks, emerging security standards and technologies, and competitor certifications. • Identify gaps and opportunities in organization’s product security posture; propose strategic initiatives that differentiate the company’s security story in the market. • Stay informed about new regulations or frameworks that may influence future product certifications or transparency requirements (e.g., privacy laws, data sovereignty standards). • Collaborate with the CISO office to gather technical evidence or make necessary product enhancements that satisfy certification requirements. • Take ownership of some security-related services of Cloud platform. • Track and maintain a certification roadmap (ISO 27001, SOC 2, HIPPA, etc.), working closely with CISO, GRC & Compliance, Corporate Security departments. Communicate timelines, goals and status updates to leadership and sales representatives. • Coordinate with multiple Product Managers to align security goals with other product roadmaps, ensuring a consistent narrative between product security and external messaging. • Work with Platform Security, GRC & Corporate Security and legal teams to gather essential information for security products enhancements (e.g., penetration test summaries, compliance reports). • Work with Customer-facing teams to address client inquiries about security posture and guide them on using security features optimally.