Director Security Engineer | DevSecOps

As the Director of Security Engineering at Wellhub, you will lead the Information Security team in Portugal, focusing on protecting our subscription-based product that serves millions of users. This role involves driving application security, implementing DevSecOps practices, and overseeing security engineering across our ten product verticals. You will be instrumental in constructing the technical security strategy, architecting security solutions, leading threat modeling, and establishing secure development practices throughout our engineering teams.

Your key responsibilities will include defining architecture standards, security baselines, and secure coding guidelines aligned with frameworks such as OWASP ASVS, NIST SSDF, and BSIMM. You will architect and implement a comprehensive DevSecOps pipeline, integrating SAST, DAST, SCA, and container scanning across all CI/CD pipelines. Additionally, you will drive threat modeling practices, design a centralized security telemetry architecture, and lead the evaluation and implementation of security tools. Mentoring a team of 7-8 embedded DevSecOps engineers and owning the technical roadmap to improve detection and response times are also key aspects of this role.

The ideal candidate is a seasoned security engineer with extensive experience in application security, cloud security, or security engineering, including at least four years in a senior technical leadership role. You should have deep expertise in secure software development lifecycle (SSDLC), threat modeling methodologies like STRIDE and PASTA, and security architecture for distributed systems and microservices. Hands-on experience with security tools such as Checkmarx, Snyk, SonarQube, Burp Suite, OWASP ZAP, and SIEM platforms like Elastic, Splunk, or Sentinel is essential. Proficiency in cloud security (AWS and/or GCP), including IAM, VPC security, secrets management, and container orchestration security, as well as experience in building and scaling DevSecOps programs, is required.

Wellhub offers a comprehensive benefits package, including a free Gold+ membership with access to onsite gyms and studios, digital fitness programs, and online wellness resources. Employees can add up to three family members to their plan. Additional benefits include a complete emotional wellbeing program with personalized journeys and individual therapy sessions, health, dental, and life insurance, flexible work options, paid time off, paid parental leave, and career growth opportunities.

At Wellhub, we value a fulfilling, inspiring, and balanced work environment. Our team emphasizes wellbeing, collaboration, and diverse perspectives, encouraging passion and creativity to drive real impact. Joining Wellhub means contributing to a mission that shapes a healthier, more balanced world for millions globally.