Mainz, Germany | full time | Job ID: 10695
As Associate Director Application Security, you own and drive application security processes and procedures. You integrate security tools into engineering workflows and enable solution delivery teams to apply secure practices and reinforce secure software supply chains. In this role, you strengthen compliance, mitigate risks, and enhance the overall application security posture.
Your responsibilities are:
* Own and manage application security strategies, aligned with regulatory standards and industry frameworks such as ISO 27001 and SLSA
* Standardize security processes and create standard operating procedures (SOPs) and work instructions
* Drive vulnerability management practices, ensuring seamless integration of data from various sources (e.g., GitHub, JFrog)
* Provide technical solutions and tools, leveraging AWS and Terraform, to support secure development practices and security by design
* Offer advisory and enablement services to solution delivery teams on security practices and tools (e.g., threat modeling, software composition analysis, SAST, CodeQL)
* Oversee the onboarding of open-source software, conduct/automate risk assessments, and review risk check results to ensure secure integration
* Introduce KPIs and metrics to measure and report on the effectiveness of security processes and tools
What you have to offer:
* A university degree in Informatics, Computer Science, or a related field
* At least 7 years of professional experience in application security, security engineering, secure software development, or a similar domain
* In-depth knowledge and hands-on experience in application security and secure development practices
* Strong familiarity with industry standards and frameworks such as OWASP Top 10, SLSA Framework, ISO 27001, SAST/DAST, threat modeling, and security tools (e.g., CodeQL)
* Advanced programming skills combined with expertise in CI/CD pipelines and cloud technologies (e.g., Terraform, AWS)
* Excellent stakeholder management and communication skills, with the ability to convey complex security concepts to diverse audiences
* A proactive mindset and the ability to thrive in a fast-paced, dynamic work environment
* Detail-oriented with a strong focus on operational efficiency and compliance
* Fluency in both English and German, with exceptional written and verbal communication skills
Your Benefits:
It's our priority to support you:
* Your flexibility: flexible hours | vacation account
* Your growth: Digital Learning | Performance & talent development | leadership development | Apprenticeships | LinkedIn Learning
* Your value: Your voice at the table | Culture on an equal footing | Opportunities to shape & impact | Support for your full potential
* Your health and lifestyle: Company bike
* Your mobility: Job ticket | Deutschlandticket
* Your life phases: Employer-funded pension | Childcare
Apply now - We look forward to your application!
Apply to our Mainz, Germany location by sending us your documents via our online form. For any questions, contact our talent acquisition team on: + 49 (0) 6131-9084-1291 (Monday-Friday from 1 PM to 3 PM CET).
Job ID 10695 (please always specify if you have any questions)
By submitting your application, you acknowledge that a background check will be conducted as part of the recruitment process in accordance with applicable laws and regulations. If you are considered for the position, BioNTech will conduct the background check through our service provider ‘HireRight’. You will be informed accordingly by your BioNTech-Recruiter.