Security Engineer (Threat Detection)

At Helmes, our lean security team protects software development operations across Estonia, Latvia, Lithuania, and Poland — and we’re now looking for a Security Engineer to join us.

You’ll work hand-in-hand with the CISO, with significant autonomy in your daily work.

Your contribution to the team:

• Threat detection, hunting and incident response across Microsoft Sentinel, Defender and other platforms
• Security analytics - KQL queries, custom detection rules, automation workflows
• Forensic investigations spanning endpoints, cloud infrastructure, and network traffic
• Security architecture design and development
• Collaboration with development teams on application security

We’d love to hear from you if you have:

• SOC or security engineering experience
• Knowledge of AD/Entra, Azure, SIEM platforms, EDR tools
• Strong scripting ability (KQL, Python, PowerShell, Bash or similar)
• Experience with security automation and Logic Apps/playbooks
• Clear technical communication
• Strong self-management and autonomous work capabilities
• Fluent Estonian and English

It’s useful if you also have experience with Windows, MacOS and Linux security features and architecture, NDR platforms, OAuth/OIDC security, and software development.

If you don’t meet every requirement, we still encourage you to apply — we value potential, curiosity, and a willingness to grow.

What is in it for you?

• Small team, high impact and visibility
• Minimal bureaucracy, agile decisions
• Lots of freedom and responsibility
• Varied work – mix of operational security and strategic projects
• Fully transparent salary and career model
• Healthy work-life balance with flexible hybrid working options
• Supplementary health insurance
• Opportunities to engage in a variety of sports, including volleyball, football, and badminton, along with sports compensation
• Participating in enjoyable team events, hikes, and other engaging activities at Helmes e.g. Helmes Summer Days, New Year Gala