Security Engineer

Who we are Helsing is a defence AI company. Our mission is to protect our democracies. We aim to achieve technological leadership, so that open societies can continue to make sovereign decisions and control their ethical standards.   As democracies, we believe we have a special responsibility to be thoughtful about the development and deployment of powerful technologies like AI. We take this responsibility seriously.   We are an ambitious and committed team of engineers, AI specialists and customer-facing programme managers.  We are looking for mission-driven people to join our European teams – and apply their skills to solve the most complex and impactful problems. We embrace an open and transparent culture that welcomes healthy debates on the use of technology in defence, its benefits, and its ethical implications.   The role Security Engineering at Helsing sits at the intersection of deep technical expertise, adversarial thinking, and real-world impact. You'll work across the full breadth of our technology — from cloud infrastructure to applications, identity systems, and products — identifying and reducing the security risks that matter most. The systems we build and the data we handle demand a security posture that is rigorous, adaptive, and deeply embedded in everything we do. You'll directly shape our ability to earn and maintain the trust of partners, customers, and the public, while ensuring our teams can build and ship with confidence. At Helsing, where the stakes of what we build are unusually high, this work is central to delivering on our mission responsibly. The day-to-day Identify, assess, and prioritise security risks across our systems, products, and infrastructure - distinguishing between theoretical concerns and material threats to the business Design and implement practical security controls across cloud platforms, applications, products, and data - and guide engineering teams in doing the same Develop and apply threat models to surface architectural risks, trust boundary issues, and failure modes before they become incidents Partner with engineering, product, and operational teams as a trusted security adviser - providing patterns, guidance, and guardrails rather than one-off approvals or blockers Contribute to the detection, investigation, and containment of security incidents, and drive systemic improvements from what we learn Reduce manual and reactive security work by building automation, improving tooling, and embedding secure-by-default practices into how we develop and operate systems Bring technical depth to assurance activities such as audits, certifications, and customer security reviews - ensuring our controls are real and effective, not just documented You should apply if you Have deep hands-on expertise in one or two security domains - such as application security, cloud security, identity and access management, cryptography, detection and response, or platform security - and can demonstrate genuine impact within them Think in terms of trust boundaries, failure modes, blast radius, and adversarial behaviour rather than individual vulnerabilities in isolation Can translate complex security risk into language that resonates with non-security stakeholders - engineers, product managers, and senior leadership alike - and influence outcomes without relying on authority Approach security with a risk-based mindset, making proportionate, well-reasoned decisions under uncertainty and consistently asking whether the work you are doing reduces material risk rather than simply satisfying a compliance requirement Have experience working across multiple teams and technical domains simultaneously, maintaining quality and judgement across contexts Have a track record of identifying gaps and driving security improvements to resolution, including in ambiguous or loosely scoped problem spaces Note: We operate in an industry where women, as well as other minority groups, are systematically   under-represented. We encourage you to apply even if you don’t meet all the listed qualifications; ability and impact cannot be summarised in a few bullet points. Nice to Have Experience working in or alongside regulated, high-assurance, or defence-adjacent environments where security requirements are complex and the consequences of failure are significant Hands-on offensive security experience - red teaming, penetration testing, or adversarial simulation - that informs how you approach defensive design and threat modelling Familiarity with security considerations specific to AI or machine learning systems, including model integrity, data pipeline security, or adversarial ML concepts Experience designing or contributing to security programmes at scale - security champions networks, secure development lifecycle tooling, or organisation-wide risk frameworks Background in cloud-native security engineering, particul