Software Security Engineer

About Tidalis
Do you want to be part of our innovative engineering team that helps protect “The Great Barrier Reef”, make our waterways safer and more secure and optimize the efficiency of the world’s largest ports? Then keep reading! We serve clients around the globe with advanced solutions in the areas of maritime traffic, ports, and terminals. Together, we ensure the safe and efficient movement of people and goods in the maritime world.

Your Role
As a Software Security Engineer at Tidalis, you will take ownership of ensuring security is embedded early in the software development lifecycle. Your primary responsibility will be to implement security best practices, perform code reviews, and work closely with development teams to identify and resolve security vulnerabilities. You will play a key role in shifting left to address security concerns during the development process rather than as an afterthought. You’ll collaborate with cross-functional teams to ensure that security is integrated from design through deployment, ensuring that our software is secure, scalable, and resilient to threats.

What will you do?

• Integrate security into the SDLC, ensuring vulnerabilities are identified and mitigated early.
• Conduct security code reviews, advising developers on secure coding practices and identifying potential vulnerabilities.
• Work with engineering teams to implement security testing, including static analysis, dynamic analysis, and penetration testing.
• Develop and promote secure coding guidelines and best practices for the entire engineering organization.
• Collaborate with product and engineering teams to ensure security requirements are understood and implemented from the outset.
• Stay up to date with the latest security threats and vulnerabilities, ensuring the team is proactive in addressing emerging risks.
• Work on security automation in CI/CD pipelines to detect and resolve vulnerabilities earlier in the development cycle.
• Participate in incident response and post-mortem analysis to improve security practices.
• Advocate for the implementation of security-focused tooling (e.g., SAST, DAST, IAST).
• Support security training initiatives for developers to improve security awareness across the organization.

What do you bring?

• 3+ years of experience in software security engineering or a related field.
• Strong knowledge of secure software development practices, OWASP Top 10, and common security vulnerabilities (e.g., SQL injection, cross-site scripting).
• Experience with static and dynamic analysis tools (e.g., SonarQube, Checkmarx, OWASP ZAP).
• Familiarity with security automation tools and processes in CI/CD
• Experience with cloud security, particularly in AWS, Azure, or GCP
• Knowledge of authentication and authorization mechanisms (OAuth, OpenID Connect, SSO).
• Experience in conducting penetration testing and vulnerability assessments.
• Understanding of network security concepts (firewalls, VPNs, DNS, etc.).
• Strong programming skills in one or more languages such as C#, NET, Python, Java, Go.
• Excellent communication skills, with the ability to work collaboratively with engineers and non-technical stakeholders.
• Fluent in English (spoken and written). Dutch fluency is a plus.
• Knowledge of security standards and levels like ISO27001, IEC 62443, ABDO, BIO, NIS and/or CSIR is a plus.

What we offer?

• A competitive salary aligned with your experience and seniority.
• 27 vacation days plus collective leave between Christmas and New Year.
• A premium-free pension plan to increase your net income.
• An annual internet allowance of €250.
• A vitality bonus of €260 per year.

Excited?
Send your CV and a motivation letter to jolijn.hamers@tidalis.com and tell us why you’re the perfect fit for our team! If you have questions about the position, feel free to reach out. We look forward to hearing from you!