← All open roles
Engineering Remote Full-time

Security Engineer

Own FlowQi's internal security. VPNs, access control, infrastructure hardening — you're the last line of defence.

Security isn’t a department. It’s a mindset.

At FlowQi, security is everyone’s responsibility — but someone has to own it. That’s you. We run EU and global infrastructure, handle business-critical data for hundreds of companies, and operate in a fully distributed team. Security has to be rock solid without slowing anyone down.

This role is primarily internal security — infrastructure, access, networks, and the systems that keep everything safe. We’re not looking for someone who writes compliance reports. We’re looking for someone who actually knows how things break.

What you’ll own

  • VPN infrastructure and zero-trust network access
  • Identity and access management across our stack
  • Infrastructure hardening — servers, containers, cloud configs
  • Security monitoring, incident detection and response
  • Internal security policies that people can actually follow
  • Keeping us GDPR-compliant at the infrastructure level
  • Vulnerability scanning and patching across our stack
  • Secrets management — nothing should be in plaintext, ever

What we’re looking for

  • You’ve run VPN and network access infrastructure in a distributed team
  • You think in threat models — you know what attackers look for
  • IAM experience across cloud platforms and internal systems
  • You’ve done infrastructure security hardening in practice (not just theory)
  • GDPR / data residency at the infra level — you know what’s required
  • You automate security checks. Manual reviews don’t scale.
  • You communicate risk clearly without crying wolf

Strong plus

  • Experience in SaaS environments with multi-tenant data
  • Container and Kubernetes security
  • SIEM setup and tuning
  • Prior experience in a startup or scale-up — you know how to build security without bureaucracy

What you get

  • Fully remote — digital cloud nomad
  • Small team, direct access to the founders
  • You build it your way — we’re not inheriting anyone else’s mess
  • Competitive compensation

Don’t send a CV, send a story. What’s the most interesting security problem you’ve solved? What did the attacker do, and how did you stop them?

Sounds like you?

Drop us a line. We read every application personally.

💡 Skip the CV. Share your profiles and what you've built — that tells us far more.

Your profiles