Dive deeper. Aim higher.
At Abysalto, that’s not just a motto — it’s how we work. We build serious tech for a variety of clients, but we keep things simple, fast, and focused. We’re a team driven by determination, expertise, and courage — and we’re looking for someone who shares that mindset. Someone ready to take ownership, solve real challenges, and make an impact where it matters. Ready to dive in? Join us as a Senior Product Security Incident Response Engineer!
🔷What you will do?
- Manage the intake, analysis, and resolution of security vulnerabilities and incidents
- Coordinate security incident response activities in collaboration with development, DevOps, QA, and security teams
- Define and continuously improve vulnerability management processes
- Communicate with external vulnerability reporters, partners, and regulatory bodies
- Ensure the timely publication of security advisories
- Monitor relevant security standards (ISO 27001, ISO 29147, ISO 30111, NIST, CVSS, CWE) and regulations (NIS2/ZKS, CRA, CSA, GDPR)
- Prepare security incident reports and manage related metrics
- Educate internal teams on security practices and procedures
🔷What we expect from you?
- Several years of experience in information security, with a focus on incident response or vulnerability management
- Experience leading teams or coordinating cross-functional initiatives
- Good understanding of application, network, and infrastructure security
- Deep understanding of common vulnerability classes (OWASP Top 10, CWE Top 25) and exploitation techniques
- Knowledge of standards and regulatory frameworks such as NIST, OWASP, NIS2, the Cyber Resilience Act (CRA), GDPR, ISO/IEC 27001, ISO/IEC 29147, and ISO/IEC 30111
- Experience with vulnerability tracking tools and ticketing systems
- Excellent communication and organizational skills
- Experience working under pressure, including crisis communication and managing multiple parallel incidents
- Professional working proficiency in English
🔷Nice to have
- Certifications such as CISSP, CISM, GCIH, or similar
- Experience working in a PSIRT or similar security teams
- Knowledge of coordinated vulnerability disclosure processes, with hands-on experience in CVSS scoring and the CVE process
- Experience with reverse engineering, penetration testing, or exploit development
- Experience working with SBOMs (CycloneDX, SPDX) and tools such as Dependency-Track
- Experience with cloud security and container security
🔷What we offer?
- Work in an experienced and encouraging team
- Continuous professional development through training and conferences
- Flexible working hours with the option of hybrid work
- Work in an agile environment following SCRUM methodology
- Pleasant and relaxed work environment with various perks (top-quality Herman Miller Aeron chairs, high-end equipment, discounts with partner companies)
- All perks and benefits can be found on our career page
We solve complex technological challenges in order to simplify and improve everyday lives of millions of people. Our goal is to become a leader in the software industry, recognized for excellence and quality.
If you're ready to shape what’s yet to be — send us your CV.
Apply via the link below.
We look forward to meeting you!