Staff/Lead Security Engineer (AppSec)

What we are buildingMimica's mission is to empower enterprises, teams, and individuals to reclaim their most precious resource — time and work more efficiently, with greater purpose and impact.Our AI-powered task mining observes employee actions across the desktop and categorizes them into detailed process maps. Mimica's process intelligence highlights inefficiencies, prioritizes improvements based on ROI, recommends the optimal technology for automation (RPA, intelligent document processing, GenAI), and provides a blueprint for building new automations and transforming work.About The RoleWe're a fast-growing Scale-up building up our security program from the ground up. As the new member of the InfoSec team, you'll own critical security initiatives end-to-end, working side-by-side with Engineers to harden our cloud-native SaaS platform and significantly raise our overall security posture.This is a high-impact, high-autonomy role perfect for a self-starter who enjoys building and deploying scalable security processes in a scale-up environment. Your manager will be the Head of InfoSec, and you'll have another Security Engineer as a peer.What You'll Do Day-to-DayLead the build-out and operation of core security capabilities: vulnerability management, patching, SIEM/logging, cloud security monitoring, and alert triage.Deploy, configure, and tune security tooling (scanners, WAFs, CSPM, SIEM, endpoint protection)Partner with engineering to build security at App or Cloud level, with developer experience in mind.Triage and assess vulnerabilities, drive remediation prioritisation, and reduce risk in a pragmatic yet rigorous way.Design and implement tactical incident-response playbooks and improve detection coverage.Periodically review major architectural changes and guide engineering on secure design trade-offs.Continuously improve processes so security scales as the company grows.Who We're Looking ForLead/Staff experience (typically 7+ years) in security engineering, AppSec or SecOps, with a strong preference for experience in startup or scale-up environments.Strong expertise in AppSec or CloudSecProven ability to independently deploy and manage cloud security solutions, especially in GCP (big plus), AWS, or Azure.Experience preparing for SOC2, ISO 27001, or FedRAMPDeep expertise in one or ideally several of the following: vulnerability management programs, cloud-native SIEM/logging, CSPM/CNAPP tools, IaC security, secure SDLC integration, and incident response.Strong communication skills - you can explain complex risks or trade-offs clearly to both technical and non-technical audiences.Nice to HaveOSCP, CISSP, or similar offensive/security certifications;Leading a security functionExperience in a successful startup/scale-upRecruitment StagesStage 1 | Recruiter Screen with Technical RecruiterStage 2 | Hiring Manager interview with Head of InfoSecStage 3 | Live Challenge - with the Sec + Engineering TeamStage 4 | Behavioural Interview - with Manager + CTO & Co-founderIf you've led a security function before, or ever thought "I could build a much better security program than what I'm seeing right now" - this is your chance.We are excited to meet you!What we offerGenerous compensation + stock options - aligned with our internal framework, market data, and individual skills.Distributed work: Work from anywhere - fully remote, in our hubs, or a mix.Company-issued laptop, remote setup stipend, and co-working budgetFlexible schedules and locationAmple paid time off, in addition to local public holidaysEnhanced parental leaveHealth & retirement benefitsAnnual learning & development budgetAnnual workaways and regular virtual & in-person socialsOpportunity to contribute to groundbreaking projects that shape the future of workNote : Some benefits may vary depending on location and roleMimica will only contact candidates from an @mimica.ai email address. We do not request banking or sensitive personal information during the recruiting process.#J-18808-Ljbffr