Security Engineer II - Sibros Technologies

About Sibros Technologies

Who We Are

Sibros is accelerating the future of SDV excellence with its Deep Connected Platform™ that orchestrates full vehicle software update management, vehicle analytics, and remote commands in one integrated system. Adaptable to any vehicle architecture, Sibros’ platform meets stringent safety, security, and compliance standards, propelling OEMs to innovate new connected vehicle use cases across fleet management, predictive maintenance, data monetization, and beyond.

Learn more at www.sibros.tech .

Our Mission

Our mission is to help our customers get the most value out of their connected devices.

Follow us on

LinkedIn | Youtube | Instagram

About the role: Job Title : Security Engineer II

Experience : 3 - 5 years

We are looking for a Product Security Engineer to drive end-to-end security across web applications, APIs, cloud systems, and emerging firmware layers. This role focuses on proactively identifying vulnerabilities, integrating security into the SDLC, and building scalable, automated security solutions using modern tools, including AI-driven technologies. You will work closely with engineering teams to ensure secure design, development, and deployment, while also exploring and strengthening firmware-level security as part of a holistic product security approach. What you’ll do:

• Web & API Security Testing: Perform manual & automated testing aligned with OWASP Top 10 (including API security).
• Code & Release Security Reviews: Continuously review code changes/releases and validate vulnerability fixes.
• Security Tooling & CI/CD Integration: Implement and manage SAST, DAST, and automated security scans in pipelines.
• API Discovery & Inventory Management: Discover, track, and maintain API inventory (including shadow APIs) with risk classification.
• Advanced API Testing: Perform API fuzzing, abuse-case testing, and identify business logic vulnerabilities.
• Cloud Security Management: Secure cloud environments using CSPM, CWPP, CIEM, and CNAPP; remediate misconfigurations and identity risks.
• Threat Modeling & Secure Design: Conduct STRIDE-based threat modeling and recommend secure architecture improvements.
• Security Automation & Optimization: Build automated security pipelines, enforce security gates, and enhance detection using AI and continuous tuning.
• Security Audit & Compliance Support: Provide technical evidence and documentation for internal and external security audits (e.g., SOC2, ISO 27001, PCI-DSS) to ensure continuous regulatory compliance and security assurance.

What you should know:

• Professional Tenure: 3-5 years of professional work experience in cybersecurity and application security.
• Application Pentesting: Hands-on experience performing comprehensive security assessments on Web and Mobile ap