Location: Amsterdam (hybrid) • Team: Product Engineering • Contract: Fulltime

Spadework is growing fast and our technical and security ambitions are high. That is why we are looking for a talented T-shaped professional who can strengthen our platform, secure our data and systems, and help drive our international expansion. Are you the builder and guardian we need?

Spadework is a fast-growing scale-up in Amsterdam that focuses on AI solutions for the recruitment industry. Our mission is to make recruitment smarter and more efficient through intelligent technology. We were founded two years ago, which means you work with a clean codebase and have the freedom to build security and features by design with the latest tools.

As a Cybersecurity Engineer / CISO at Spadework, you take on a unique hybrid role. You develop the platform while also taking strategic and hands-on ownership of our security and compliance.

You are responsible for vertical feature development in our React frontend and FastAPI backend. At the same time, you build our information security policy (ISMS) and our cloud security architecture in GCP from the ground up.

Your Responsibilities

This role combines two core domains:

As a Full Stack Developer:

• End-to-end Feature Development:

  You design, build, and implement new features. This includes work on the React frontend, FastAPI backend, and interactions with CockroachDB and Clickhouse.

• Technical Ownership:

  You take ownership of the features you deliver, including maintenance and optimization. You monitor performance and ensure the platform in GCP remains stable and scalable.

• Collaboration and Communication:

  You work directly with stakeholders such as the founders to clarify requirements. You translate functional needs into strong technical solutions and contribute to the roadmap.

As a Cybersecurity Engineer / CISO:

• Security Strategy and Architecture:

  You develop and manage the overall cloud security strategy and architecture for the Spadework platform in GCP.

• Policy and ISMS:

  You draft, implement, and maintain the information security policy (ISMS) and connected procedures.

• Risk and Compliance (GDPR):

  You translate technical risks and compliance requirements into clear action points for the founders and development team. You ensure that we remain demonstrably compliant.

• Hands-on Cloud Security:

  You secure the GCP environment, including VPC design, firewall rules, and IAM.

• DevSecOps:

  You set up and manage security tooling in the CI/CD pipeline (SAST/DAST) and handle vulnerability management.

• Security by Design:

  You collaborate closely with developers to apply secure coding and OWASP principles in both the React frontend and FastAPI backend.

• Risk Management:

  You own the risk management process and proactively identify, assess, and mitigate security risks.

• Incident Response:

  You build and manage security monitoring (SIEM) and act as the first point of contact and leader during security incidents.

Requirements

For this hybrid role in Amsterdam, we are looking for a pragmatic professional who enjoys taking ownership of both features and security.

• You have 1 to 4 years of experience in a relevant role such as Full Stack Developer, DevOps Engineer, or Security Engineer with strong development skills.

• You have solid experience with React and understand how to build modern, functional interfaces.

• You have backend experience or a strong ambition to grow into a full stack position. Knowledge of Python (FastAPI) is a significant plus.

• You have a serious interest in cybersecurity. You do not need to be an experienced CISO, but you should have hands-on experience or a clear vision of cloud security, compliance (GDPR), and DevSecOps.

• You communicate clearly and can explain technical decisions and risks to non-technical colleagues or clients.

• You work in a structured way, take initiative, and focus on solutions.

• Your education level is less important to us than your skills. Security certifications in cloud or governance are a plus.

• Experience with our stack (CockroachDB, Clickhouse, GCP, security tooling) is a strong advantage.

What You'll Find With Us

• Visible Impact:

  Our technology is gaining traction and we are scaling fast. The features you build will reach a large and growing audience.

• Real Ownership:

  You deliver features that drive our growth and build the full security foundation of the company.

• A Best-in-Class Toolkit:

  You work with powerful internal tools and a modern, agent-focused codebase so you can focus entirely on building value.

• An Ambitious Team:

  You work from a beautiful location in the heart of Amsterdam with a young, driven, and smart team that aims for international success.

• Clear Growth Opportunities:

  We invest in your development. You work closely with the founders and can grow into the leading expert in tech and security within Spadework.

• Salary:

  A gross monthly salary between 3,400 and 4,500 euros full time, depending on experience. Of course a company laptop is included.

Ready to Start?

Send your CV and preferably a portfolio to jobs@spadework.ai. No perfect CV? No problem. Show us what you have built and why you are the right match.