How you make our customers happy
Every day, thousands of systems, applications, and analytical processes interact with highly sensitive datasets—from customer information to operational metrics to partner integrations. You help secure all of it.
You ensure that data is collected, stored, processed, transported, and deleted according to its value and associated risks, without slowing down the pace of innovation. You help design and build guardrails that engineers want to use because they are robust, automated, and aligned with how modern development teams work.
The biggest challenge
In a world where data moves freely between microservices, cloud providers, warehouses, and ML pipelines, the attack surface grows exponentially. Sensitive information is everywhere, and adversaries know it.
Your challenge: keep our data secure even when it is highly distributed, rapidly transforming, and consumed by an ever‑expanding ecosystem of applications and partners.
Think:
Classifying data by sensitivity at scale
Ensuring encryption at rest, in transit, and increasingly in use
Implementing data‑centric security controls, preventive, detective and if all else fails: responsive.
Protecting data in massively parallel analytics platforms
Securing ML feature stores and model inputs/outputs
Designing key management architectures that don’t become bottlenecks
Building cost effective detection logic on huge amounts of data that spots data leakage early
All while upholding close to 100% availability and supporting fast‑moving product teams.
What you do as a Data Security Engineer
In this role, you are the data protection security engineer inside our multidisciplinary security operations team.
You will:
Perform deep‑dive reviews of data flows and products, storage architectures, ETL pipelines, streaming systems, APIs, and cloud‑native data platforms part of GCP
Design and implement data security controls tailored to the value and sensitivity of the data (classification‑driven security).
Engineer end‑to‑end encryption strategies, including envelope encryption, HSM/KMS integrations, key rotation automation, and secrets management for high‑throughput systems.
Define and deploy tokenization, pseudonymization, masking, and data minimization controls—knowing when each is fit for purpose.
Contribute to state‑of‑the‑art detection engineering, spotting early‑stage data exfiltration attempts or misuse.
Work closely with data engineering, analytics, and ML platform teams to embed security into data everything we do.
Collaborate with cloud engineering teams on identity‑aware data boundaries, access controls, and dynamic authorization in complex, cloud native setups.
Make data‑security automation a default—CI/CD checks, IaC security patterns, automated classification, policy‑as‑code, and self‑service guardrails.
You work side‑by‑side with security engineers, data engineers, product teams, AI specialists to keep our data—and our platform—secure.
We have a lot to offer—no dull moments
Our security landscape changes fast. You’ll work with new technologies, evolving regulations, and increasingly advanced threat actors. You will have real ownership: we encourage experimentation, unconventional ideas, and engineering craftsmanship.
We follow the principle: “A good security engineer is manually lazy.”
If it can be automated, we automate it. That gives you more time for the hard, interesting challenges.
We love people who share knowledge, who aren’t afraid of failed experiments, and who help raise the maturity of others. Security shouldn’t slow innovation—it should enable safer and faster innovation, and you’ll play a central role in making that real.
Why you can make the difference
Because you’re a security engineer who lives and breathes data. You understand that not all data is equal—and that controls must match the risk, value, and lifecycle of the data, without burdening teams unnecessarily.
Must‑haves:
Experience with cloud powered data‑heavy environments (e.g., analytics platforms, microservices ecosystems, AI/ML pipelines)
Solid understanding of encryption, key management, secrets management, access control models, secure data architectures
Familiarity with cloud‑native data solutions (preferably in GCP)
Proficiency in Python, or similar scripting languages
But more important than exact tech stacks is your mindset: collaborative, curious, pragmatic, and always ready to dive deep.
3 reasons why this is (not) for you
Switch to find out
-
You’re always right
If you’re close‑minded and treat other opinions as noise, this isn’t your place.
-
Never ask for help
If you sit on problems instead of collaborating, you’ll struggle here.
-
Works on my machine
If you avoid shared responsibility for the full lifecycle of your solutions, this won’t be a match.
+
You know your stuff
You’re fascinated by encryption, secure data architectures, KMS/HSM, privacy‑enhancing technologies, and the nuances of protecting distributed data at scale.
+
Work together
You communicate openly and enjoy helping colleagues across engineering, data, and business disciplines.
+
Proud of what you do
You take ownership of your designs and defend them with care—you stand behind your solutions.
This is where you'll work
At the premier online retail tech platform of the Netherlands and Belgium. A platform serving 13 million customers, supporting 49,000 partners, and powered by over 2,900 colleagues.
Our mission: reinvent retail—together.
Our belief: diversity fuels better ideas, safer systems, and stronger innovation.
Bring your story. Bring your craft. Let’s build the safer, smarter future of data together.
Perks of having a blue heart
Discover all perks
Flexible working
We bring the best of both worlds together by working 50% at the office and 50% at home. This way, we find a balance between organisational and individual needs.
On and off
At bol we understand like no other that you have to take care of yourself first, then your environment and then bol. In that order. Therefore, everyone at bol receives 29 days of vacation.
The culture and the office
Our colleagues work hard to make the daily lives of our customers easier and more fun. But of course, we do this in an inspiring and creative environment!
Your application process
Your application
We’ll review your application with care. We aim to get in touch with you as soon as possible.
First contact
We’ll contact you to walk you through the process and take the first step to set up an interview. And since we’re already talking: feel free to ask any questions you may have.
The assessment
We will ask you to take an online HR assessment and a technical assessment. We’ll also discuss the position and the team in depth.
First date
During this interview we’ll get to know each other. We want to find out more about you, your work experience and skills.
Is this love?
Two interviews are usually enough to see if it’s a match. And if you agree… well, it’s the beautiful beginning of your career at bol.
