Cybersecurity Engineer
Protect and accelerate growth at XTEL as a hands-on Cybersecurity Engineer — own vulnerability mgmt, secure SDLC, and Azure security in a collaborative, growth-forward team.
We usually respond within a month
About XTEL
XTEL is a leader in advanced, AI-driven solutions for consumer goods companies, combining cutting- edge technology, industry expertise, and data management to accelerate profitable revenue growth and value realization.
Position Overview
XTEL is hiring a Cybersecurity Engineer to strengthen XTEL’s security posture across our platform, applications, and Microsoft environment. You’ll join a growing Security & Compliance team that already maintains a mature compliance foundation (ISO 27001:2022, SOC 2 Type 2, SOC 1 Type 2, ISAE 3402) and an established GRC function, alongside a managed SOC, an IT team, and a Cloud Operations team.
This is a very hands-on role where you’ll lead vulnerability management, work with Engineering and Product to embed security into the SDLC, partner with IT & Cloud Operations to continuously harden our Microsoft environments, and drive triage and remediation of issues surfaced by our SOC. Because you’ll work alongside existing IT, Cloud Operations, and GRC capabilities, success depends on collaboration and influence as much as technical depth.
The ideal candidate must be proactive and self-directed: actively seeking out opportunities to improve security across the organization and able to operate effectively with limited guidance and oversight.
Key Responsibilities
Vulnerability management. Own intake, triage, risk-based prioritization, remediation tracking, validation, SLAs, and reporting across our Azure environments (dev, test, prod, and customer-facing) and the development pipeline.
Secure SDLC & CI/CD. Partner with Engineering, Product, and QA to continually improve secure development practices:
Pipeline security and security gates in CI/CD.
SAST, DAST, IAST, dependency/software composition (SCA), and code scanning.
Secure code review practices, threat modeling, and security requirements in design.
Microsoft environment hardening. Work continuously with IT to further secure infrastructure - identity and access management, endpoint protections, M365 controls, and configuration/hardening baselines.
SOC-driven remediation. Coordinate and drive triage and remediation for alerts, incidents, and vulnerabilities reported by XTEL’s SOC, including root cause follow up.
Penetration testing. Coordinate external penetration tests (scope, execution support, findings management, retesting and closure), and conduct internal testing.
Patch management. Support patch management processes and verification in partnership with IT and Cloud Operations.
Cloud security partnership. Partner with Cloud Operations on Azure security architecture, secure-by-design patterns, CSPM, secrets management, and network security.
Compliance & audit support. Support security audits and continuous compliance (ISO 27001, SOC 1, SOC 2 Type 2, ISAE 3402), including evidence collection and control improvement.
Cross-functional enablement. Translate security findings into clear, actionable guidance for engineers and into evidence and inputs for the GRC function.
Continuous improvement. Proactively identify and act on opportunities to raise the security bar across the organization.
Qualifications
Experience: 3+ years in cybersecurity engineering, security operations, DevSecOps, or security-focused IT (cloud-native SaaS experience strongly preferred, ideally on Azure).
Vulnerability management: Proven track record running vulnerability management beyond scanning - prioritizing and driving remediation to closure across teams.
Application & SDLC security: Working knowledge of AppSec and SDLC controls (CI/CD security, SAST/DAST/IAST/SCA, secure code review) and the ability to embed security without slowing delivery.
Microsoft environment: Hands-on experience securing Microsoft environments (Entra ID, Intune, Conditional Access, endpoint protections, M365 controls).
Cloud security: Working knowledge of Azure security services and cloud security posture management.
Self-direction: Ability to work independently, set priorities, and build or mature programs in a lean environment with limited guidance.
Communication & ownership: Strong communicator who can drive work and build trust across Engineering, Product, Cloud Operations, IT, and Compliance.
English: English proficiency
Nice to have:
Familiarity operating within an ISO 27001 / SOC 2 environment and supporting audits.
Experience with infrastructure-as-code and securing CI/CD at scale.
Hands-on penetration testing or offensive security experience (e.g., OSCP).
Experience with compliance automation tooling (e.g., Drata).
Relevant certifications (e.g., GIAC, CISSP, AZ-500, SC-200, SC-300).
Who You Are:
Proactive and self-starting - you find work that needs doing and do it without waiting to be told.
Pragmatic and risk-based - you focus effort where it reduces the most risk and balance security with delivery.
Collaborative - you achieve outcomes through influence across teams you don’t manage.
Geographical Location:
EU
Open to remote or hybrid work arrangements
What We Offer
Hybrid or full remote working set-up 🏡
Flexible working hours;⌚
Competitive Salary Package and Bonus scheme;💸
A challenging role in a fast-growing AI-driven company; 🪄
A diverse and international team with strong ownership and a can-do mentality.🌏
Opportunities to contribute meaningfully to the organization’s growth and development.🚀
Equal Opportunities Statement
If you have strengths to share, we’d love to hear from you. We value diverse backgrounds and experiences, so don’t hesitate to apply even if you don’t meet all criteria.
XTEL is an equal opportunity employer and values diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment.
- Department
- Infrastructure & IT - Compliance
- Role
- Cybersecurity Specialist
- Locations
- Europe - Remote
- Remote status
- Hybrid
- Employment type
- Full-time
About XTEL
XTEL is a leading global SaaS enterprise software provider,delivering a mission-critical, cloud-native, and AI-first revenue management platform across augmented AI data management, trade promotion management, advanced AI analytics, assortment, and retail execution. The company is disrupting a multi-billion-dollar global market that is expected to grow at a double-digit annual rate through 2030.
Founded in 2015, XTEL supports more than 400 global mega brands in the CPG sector, managing over €100 billion in annual trade spend through its AI-enabled platform, with the US as its largest market. XTEL is building its AI agentic framework for the Revenue Management platform in partnership with Microsoft and Copilot. XTEL has $100m of topline and is delivering accelerating profitable growth of 50%+.
Backed by Bain Capital, XTEL has demonstrated strong momentum in product innovation and global expansion since becoming a standalone entity in 2023.