Security Administrator

We are the platform turning browsing into shopping.

We connect 200 million shoppers with deals they love while boosting local sales for hundreds of top retailers and brands. We help consumers save time and money while making smart shopping decisions, and we support retailers and brands in engaging customers from online research to in-store purchases.

Ready to spark your growth with us?

What you will find at Shopfully

- An opportunity to thrive in a rapidly scaling multinational company
- A vibrant, informal, and inclusive work environment
- We champion autonomy, flexibility, and a hybrid work model, empowering you to own your work
- Access to learning opportunities and regular feedback sessions
- Enjoy our central, modern offices featuring fresh snacks, coffee (including vegan options), and ergonomic setups
- Engage in meaningful team events: offsites, happy hours, company parties and celebrations that unite us beyond daily tasks
- We provide all the necessary equipment for you to work effectively and set up your workspace, wherever you are
- Benefit from additional country-specific advantages based on local contracts and practices

Your Point of ContactWho we look for

We are looking for a highly skilled and motivated Security Administrator to become the foundational member of our new cybersecurity team.

This is a unique opportunity to work directly with the Director of Information Security and play a key role in shaping and executing our cybersecurity strategy across the Flipp & Shopfully group. You will operate in a dynamic, fast-paced, and global environment, contributing to the creation of a mature and resilient security posture.

As an early and key team member, you will support a wide spectrum of activities and act as a strategic technical partner to the Director of Information Security, with the possibility to specialize further as the team grows.

Who we areWhat you will do

Technical Implementation & Operations

• Work closely with the CISO on the implementation and operation of core security tools and technologies (e.g., WAF, DDoS protection, security scanners, SIEM).
• Serve as the first point of contact (Tier 1) for user-reported security issues and incidents.
• Collaborate with engineering teams to troubleshoot and resolve vulnerabilities identified during penetration tests and security assessments.
• Contribute to the design and deployment of a Zero Trust security model and mandatory 2FA implementation.

Governance, Risk & Compliance (GRC)

• Support the creation and rollout of a unified Information Security Policy and related guidelines.
• Conduct security assessments and due diligence on third-party vendors as part of the Vendor Risk Management program.
• Collaborate with the Legal team on GDPR and DPO-related activities.

Application & Cloud Security

• Partner with engineering and product teams to integrate security into the secure development lifecycle (SSDLC).
• Promote secure coding practices and assist developers in remediating application-level vulnerabilities.
• Contribute to ongoing security assessments of our AWS cloud environment, including configurations, access controls, and overall security posture.

Strategic & General Security Tasks

• Support the execution of the overall cybersecurity strategy and roadmap in alignment with business objectives.
• Perform risk assessments and help prioritize initiatives using a risk-based approach.
• Act as a key partner to the CISO in day-to-day operations and special projects.

What you will need

• 7–10 years of hands-on experience in cybersecurity, ideally in fast-paced, high-growth, or startup-like environments.
• Proven experience in IT security, including securing and managing AWS cloud environments.
• Demonstrated experience in managing security processes, with exposure to both GRC and Application Security domains.
• Excellent communication and interpersonal skills, able to collaborate effectively with engineering, legal, product, and leadership teams.
• Strong problem-solving abilities, with a strategic mindset and the ability to execute tactically when needed.
• High sense of ownership, responsibility, and proactivity in addressing security challenges.
• Fluency in English; knowledge of Italian and/or German is a plus.
• (Nice to have) Bachelor's degree in Software Engineering, Computer Science, or equivalent practical experience.
• (Nice to have) Relevant security certifications such as CISSP, CISM, CCNA, or equivalent.

Nice to haveSalary range

€55,000 - €65,000 fixed gross salary per year.

Location

While we have an office in Milan, you can benefit from our flexible hybrid model, empowering you to work where you're most effective. Remote available from Italy.

---