Senior Platform Security Engineer (100% remote-friendly within Poland)

The Internal Platform is a pivotal foundation that accelerates product development by providing a reliable, scalable, and self-service ecosystem. It supports the entire software lifecycle and is meticulously tailored to meet the organization’s technological needs and strategic direction. 

The platform enables development teams to operate autonomously in 80% of cases, reducing dependency on the Internal Platform team, and ensuring that compliance, security, and business continuity are integrated across the entire platform - defending general reliability of services, and data integrity.

Overall, a platform engineering team plays a critical role in ensuring a company's technology infrastructure is reliable and scalable.

The Internal Platform team consists of 34 people including 27 individual contributors 2 Staff Engineers, 4 Engineering Managers and Head of Internal Platform. The team is organized in a way to efficiently address Stakeholders needs.

What are the challenges in the team?

• Platform Security is a team within the Internal Platform. The team is a first point of contact for the Global Security Team. The team is responsible for security and integrity of the underlying infrastructure that supports the organization, safeguarding the platform from potential vulnerabilities, threats, and attacks. 

• Developing and maintaining tools for Global Security in order to deliver vulnerability management platforms for application triaging and continuous compliance

• The complexity of the Docplanner organization: Docplanner is a complex organization with multiple teams working on various products and services. One of the main challenges for the platform security engineer is to understand and integrate the diverse technology stacks used by different teams. 

• Scalability and reliability of systems: As Docplanner grows and expands, the demand for the technology infrastructure also increases. The platform engineering team must ensure that the systems are designed to handle high traffic, are scalable, and secure

Who will you work closely with?

• Global Security – as the main external stakeholder for security initiatives. You’ll collaborate on platform compliance, risk management, and act as a technical point of contact during escalated incidents such as DDoS or abuse cases.
• PMS (Practice Management Systems) teams – to audit existing systems, support secure migration to the central platform, and interpret global security and legal requirements in the context of PMS implementations.
• Core Team within Internal Platform – by consulting on technical compliance, networking standards, and resolving misconfigurations or vulnerabilities detected across platform components.
• Experience Teams – by providing guidance on infrastructure-related application security topics, secure encryption practices, and collaborating on secure CSP integrations.
• Legal – to ensure alignment with data protection regulations, encryption standards, and locality requirements. You’ll use their insights to assess and improve the security posture of the platform.

How would you be impacting our mission?

• Making sure that our platform is compliant with the best industry practices and standards for security (ISO27001, C5, SOC2)

• Help us to introduce security on every step of our platform lifecycle

• Ability to vigilantly understand and mitigate security threats before they arise

• Optimize system scalability and cost efficiency

• Development, monitoring, and maintenance of Kubernetes clusters on several continents.   

• CI / CD development and maintenance.  

• Make sure that all of our services are deployed in a way that makes them highly available.  

• Fixing urgent issues and optimizing performance.  

• Support other team members in their daily work.