Senior Security Solutions Engineer

Why work at Nebius
Nebius is leading a new era in cloud computing to serve the global AI economy. We create the tools and resources our customers need to solve real-world challenges and transform industries, without massive infrastructure costs or the need to build large in-house AI/ML teams. Our employees work at the cutting edge of AI cloud infrastructure alongside some of the most experienced and innovative leaders and engineers in the field.

Where we work
Headquartered in Amsterdam and listed on Nasdaq, Nebius has a global footprint with R&D hubs across Europe, North America, and Israel. The team of over 800 employees includes more than 400 highly skilled engineers with deep expertise across hardware and software engineering, as well as an in-house AI R&D team.

We are seeking a Senior Security Solutions Engineer with a strong background in strategic solution evaluation, vendor assessment, and hands-on Proof-of-Concept (PoC) validation. This role is a crucial bridge between identifying customer security requirements and implementing best-in-class, enterprise-grade solutions. You will be responsible for defining the criteria, researching the market, and executing technical validation for all major security tooling and services adopted by the company. 

Key responsibilities: 

1. Strategic Research & Requirement Definition 

• Threat-to-Solution Mapping: Proactively analyze customer expectations, regulatory/compliance drivers, and threat models to define precise functional and non-functional requirements for new security solutions. 
• Market Analysis & Scouting: Conduct thorough market scans to identify cutting-edge security products, platforms, and vendors across key domains (e.g., CSPM/CNAPP, DLP, IAM/IGA, EDR/XDR, data security, Kubernetes security, and AI/ML security). 
• Vendor Due Diligence: Evaluate potential vendors based on technical capability, security posture, integration requirements, roadmap, data residency/compliance, and support quality, and shortlist candidates for the PoC phase. 

2. Technical Validation & Proof-of-Concept (PoC) Leadership 

• PoC Planning & Design: Develop detailed, objective, and threat-aligned test plans and success criteria for all security solution Proof-of-Concepts (PoCs), including quantitative success metrics, coverage of key attack scenarios, and opportunities for automation. 
• Hands-on Environment Setup: Independently architect and deploy isolated PoC environments that accurately simulate our production infrastructure (e.g., setting up cloud VPCs, Kubernetes clusters, integrating with test data via IaC, and mimicking typical workloads). 
• Testing & Analysis: Execute security research methodologies within the PoC (e.g., simulating attack scenarios, conducting deep feature validation, assessing false positive/negative rates) to rigorously test the vendor solution's effectiveness. 
• Artifact Generation: Document all findings, including technical performance data, integration challenges, security gaps discovered, and clear comparative analysis metrics. 

3. Decision Support & Communication 

• Recommendation & Insight: Deliver comprehensive, data-driven reports and compelling presentations to security and product leadership and engineering stakeholders, providing a clear recommendation for the optimal solution and vendor selection. 
• Integration Planning: Work closely with Security Engineering, Platform/Infra, and DevOps teams to ensure selected solutions are feasible to integrate, operate, and scale, and to hand off PoC learnings into implementation plans. 

Must-haves: 

• Experience: Minimum 6+ years in Security Engineering, Security Architecture, or a dedicated Security Research role focused on solution validation and vendor management. 
• Technical Depth: Deep understanding of modern cloud security principles (e.g., AWS/Azure/GCP security models, Kubernetes/containers, network segmentation, IaC scanning, least privilege, identity-centric security, confidential computing). 
• Programming and Automation - Strong scripting / programming skills (e.g., Python, Go, or similar) for automating PoCs, building test harnesses, and integrating tools via APIs and CI/CD pipelines. 
• Solutions Expertise: Proven, hands-on experience with the architecture, deployment, and testing of two or more enterprise-grade security tools (e.g., SIEM/SOAR platforms, Endpoint Detection and Response (EDR), Vulnerability Management, Secrets Management). 
• PoC Proficiency: Demonstrated ability to plan and execute complex technical Proof-of-Concepts, including setting up test environments and defining quantitative success metrics. 
• Soft Skills: Exceptional analytical skills with the ability to translate complex technical findings into clear business risk and strategic recommendations. Strong written and verbal communication. 

Nice-to-haves: 

• Experience in Cloud or Cloud-Heavy companies. 
• Experience in a compliance-focused industry (e.g., finance, healthcare, or cloud infrastructure) and familiarity with frameworks such as ISO 27001, SOC 2, or GDPR. 
• Advanced professional certifications such as CISSP, CCSK or relevant cloud certifications (e.g., AWS/GCP/Azure Security Specialty). 
• Experience contributing to security standards, open-source tools, talks, or publications.  

What we offer 

• Competitive salary and comprehensive benefits package.
• Opportunities for professional growth within Nebius.
• Flexible working arrangements.
• A dynamic and collaborative work environment that values initiative and innovation.

We're growing and expanding our products every day. If you're up to the challenge and are excited about AI and ML as much as we are, join us