Platform Security Engineer

About Nintex:

At Nintex, we are transforming the way people work, everywhere.

As the global standard for process intelligence and automation, we're trusted by over 10,000 public and private sector organizations across 90 countries. Our customers, from industry giants like Amazon, Coca-Cola, and Microsoft, rely on the Nintex Platform to accelerate their digital transformation journeys by managing, automating, and optimizing business processes quickly and efficiently. We improve their lives through the technology we build.

We are committed to fostering a workplace that supports amazing people in doing their very best work every day. Collaboration is constant, our workplace is fun, the environment is fast-paced, and we value our people’s curiosity, ideas, and enthusiasm. Driven by passion and accountability, we take initiative, measure progress, and deliver results. Our culture fosters innovation and problem-solving, fueled by curiosity and a commitment to thinking big. Together, we move with agility, prioritize customer needs, and build unity through empathy, leaving a positive impact wherever we go.

Working in engineering:

Working at Nintex as an engineer means building more than just software; it’s about making a tangible impact with every line of code. Our engineers are process experts, developing the industry’s most complete process and automation platform to transform the way people work. If you’re interested, curious and want to learn and do more, the sky is the limit here. We take a solutions-oriented and collaborative approach, constantly innovating our business and products.

About the role:

As a Platform Security Engineer, you are a developing security professional building expertise in securing cloud-native infrastructure, container platforms, CI/CD pipelines, and product services within the Platform Engineering organization. You take ownership of moderately complex security tasks with increasing autonomy while receiving guidance on architectural decisions and strategic direction. Your focus is the security posture of our platform and product infrastructure — the container orchestration layer, service mesh, observability stack, CI/CD pipelines, and cloud infrastructure that engineering teams build and deploy on.

You implement and maintain security controls, build standardized security processes for engineering teams (vulnerability management, production security checks, secure build pipelines), support penetration testing and SOC operations for the product environment, contribute to compliance-related activities from the product security perspective, and help embed security practices into the developer experience through tooling and documentation.

You are building depth and maturity in infrastructure security, application security, and shift-left practices needed to progress toward a senior platform security role.

Your contribution will be:

• You implement and maintain security controls across the platform, including container orchestration security policies, network segmentation, role-based access controls, and admission control mechanisms.
• You manage container image scanning and enforce image policies in CI/CD pipelines and cluster admission, ensuring only vetted and signed images reach production environments.
• You support infrastructure-as-code security scanning using policy-as-code tooling, flagging and remediating misconfigurations in infrastructure definitions before they reach production.
• You maintain and improve secrets management workflows, ensuring rotation policies are enforced, access is audited, and no secrets are hardcoded or exposed in source code or configuration.
• You support cloud security posture management across cloud environments, monitoring for drift, misconfiguration, and compliance deviations against established baselines.
• You support service mesh security configuration including mutual TLS enforcement, authorization policies, and traffic policies that enforce zero-trust communication between platform services.
• You contribute to tenant isolation and access control configuration for shared platform services, ensuring appropriate segmentation between teams and environments.
• You conduct vulnerability assessments of platform and product infrastructure components, coordinating remediation with SRE, Platform Engineering, and product service teams.
• You maintain a vulnerability tracking system and produce regular reporting on security posture, remediation velocity, and risk trends for engineering leadership.
• You implement and maintain security gates in CI/CD pipelines including dependency scanning, static application security testing (SAST), software composition analysis (SCA), and container image scanning.
• You participate in security incident response for platform and product-related events, supporting investigation, containment, evidence preservation, and documentation under guidance from the Senior Platform Security Engineer.
• You support compliance-related activities from the product security perspective, providing evidence, documentation, and technical validation for audits and assessments (SOC 2, ISO 27001, CIS Benchmarks) without owning the compliance program itself.
• Vulnerability report generation, security posture dashboards, and remediation workflow tooling.
• You contribute to security reviews for infrastructure and product changes, providing feedback on pull requests and architecture proposals from a security perspective.
• You explain security concepts and requirements to engineering teams, empowering them to build securely and understand the rationale behind security controls.

To be successful, we think you need:

Minimum Requirements:

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, Engineering, or related field; or equivalent combination of education and experience.
• 2+ years of professional experience in security engineering, infrastructure security, DevSecOps, application security, or related field.
• Hands-on experience with at least one major cloud platform (Azure or AWS).
• Working knowledge of container orchestration security concepts in Kubernetes: pod security, role-based access control, network policies, admission controllers.
• Experience with infrastructure-as-code tools and understanding of how to secure IaC workflows.
• Understanding of CI/CD pipeline security: dependency scanning, SAST/SCA integration, artifact integrity.
• Understanding of security frameworks and compliance standards (SOC 2, ISO 27001, CIS Benchmarks, OWASP).
• Proficiency in scripting (Python, Bash, Go, or PowerShell) for security automation and tooling.
• Proficiency with programing languages ( C#, Javascript/Typescript).
• Experience with or exposure to penetration testing concepts, vulnerability management workflows, and security incident response.
• Strong communication skills with the ability to explain security findings and build standardized processes that engineering teams adopt. GitHub and/or Azure DevOps pipelines

What’s in it for you?

Nintex has a hybrid working model, enabling us to build culture, learn, and grow together. We intentionally connect and collaborate, while emphasizing flexibility with a blend of at-home and in-office work. This role is a hybrid role in our local Nintex office.

While our offerings differ from country to country, we offer our entire global workforce an array of exciting perks and benefits, including

• Global Gratitude and Recharge Days
• Flexible, paid time off policy
• Employee wellness programs and counseling resources
• Meaningful peer recognition and awards
• Paid parental leave
• Invention/patenting assistance
• Community impact, paid volunteer time, and opportunities
• Intercultural learning and celebration
• Multiple tools through which to learn and grow, and an incredible global community

View more about our benefits here: https://www.nintex.com/wp-content/uploads/2023/01/Global-Perks-and-Benefits.pdf.

Equity Statement: Preference will be given to People Living with Disability who are members of the designated groups in line with the Employment Equity Plan and Targets of the Company.