Lead Security Software Engineer

Lead Security Software Engineer – High-Performance Platform

📍 Trondheim, Norway (Must be based in or willing to relocate)

TMS Technology is representing a leading engineering-led organisation that develops one of the world’s most advanced real-time data platforms. With over 1.7 million lines of production C++ and Java code, this open-source product is engineered for extreme performance, scalability, and reliability at global scale.

We are looking for a Lead Security Software Engineer with the ability to combine a pragmatic approach with deep technical expertise. This is not a compliance tick-box role. You will be the driving force behind embedding security into the product from the ground up, working closely with backend, frontend, and DevOps teams to protect both infrastructure and the vast data it processes.

What You’ll Be Doing

• Reviewing, hardening, and securing code, infrastructure, and deployment pipelines.
• Designing and implementing security controls for high-performance, large-scale distributed systems.
• Leading threat modelling and risk assessment activities.
• Building monitoring, logging, and incident response processes to ensure security visibility.
• Working with developers to embed security into every stage of the development lifecycle.
• Staying ahead of evolving threats, vulnerabilities, and compliance requirements.

What We’re Looking For

• Proven experience in application and infrastructure security for large-scale production systems.
• Strong understanding of security in Linux-based environments.
• Hands-on experience with secure coding practices and vulnerability remediation.
• Familiarity with cloud platforms such as AWS, GCP, or Azure, and containerised environments such as Docker or Kubernetes.
• Experience with CI/CD security, code analysis tools, and penetration testing.
• Excellent communication skills to influence and educate engineering teams.

Security Tech Stack:

• Tooling and practices for SAST, DAST, container security scanning, Kubernetes security policies, SIEM, and IAM in cloud-native environments.
• Familiarity with OWASP Top 10, Zero Trust Architecture, threat modelling, secrets management, and encryption best practices for distributed, high-performance systems.

Nice to Have

• Experience securing open-source products or contributing to security-focused OSS projects.
• Familiarity with high-performance or low-latency systems.
• Understanding of compliance frameworks relevant to global SaaS products.

Why This Role Is Different

• Secure a platform trusted worldwide for mission-critical workloads.
• Operate at the intersection of security, engineering, and open source.
• Join a small, highly skilled team where your technical decisions have immediate, visible impact.
• Competitive salary with relocation support to Trondheim
• Flexible working arrangements, on-site or hybrid
• Direct influence over security strategy and product direction