## Your daily workout Are you excited to shape application security in a modern, cloud-native product environment? Do you enjoy working closely with software engineers and enabling teams to build secure products by design? Then apply now as an Application Security Engineer (m/f/d) for our team in Berlin or Munich! - Secure-by-Design Enablement: You work closely with software engineering teams to integrate application security into design, development, and deployment processes - Security Reviews: You perform and manage security reviews for major features, services, APIs, and critical applications - Tooling & Automation: You design, introduce, and continuously improve application security tooling such as SAST and DAST, including CI/CD integration - Vulnerability Management: You identify, validate, and help prioritize vulnerabilities across applications, APIs, and cloud-native environments, supporting teams with pragmatic remediation guidance - Advisory & Consulting Role: You act as a trusted security advisor, translating security requirements and findings into practical, developer-friendly solutions - Cloud & Platform Security: You collaborate with SRE, DevOps, and platform teams to improve security in containerized and cloud-native setups (e.g. Kubernetes, Docker, GCP/AWS) - Security Awareness: You contribute to improving security awareness and knowledge across engineering teams through documentation, guidance, and hands-on support - Continuous Improvement: You stay up to date with emerging threats, application security trends, and DevSecOps best practices - Compliance & Certification Leadership: You lead technical readiness and evidence collection for security certifications (e.g., SOC 2, ISO 27001) and emerging regulatory requirements, ensuring the product ecosystem meets global security standards - Trust & Sales Enablement: You serve as the technical authority for security questionnaires, providing accurate and timely responses to prospects and clients to streamline the sales process and demonstrate compliance with customer security requirements ## Your fitness level - Professional Experience: You have several years of experience in Application Security, Software Security Engineering, or a closely related role - Application Security Know-how: You have strong knowledge of OWASP Top 10, secure coding principles, threat modeling, and security testing approaches such as SAST and DAST - Technical Skills: You are comfortable working with modern software stacks and can read or write code (e.g. Go, Java, Python, or similar) to support reviews, PoCs, or tooling - Cloud & DevSecOps Understanding: You are familiar with cloud-native architectures, APIs, CI/CD pipelines, and containerized environments - Mindset: You enjoy working with engineers rather than acting as a gatekeeper - Working Style: You work in a structured, pragmatic, and collaborative way and feel comfortable shaping processes in a greenfield environment - Language Skills: You have professional proficiency in English ## Your training goal for your first 6 months - Understanding: You gain a deep understanding of our tech stack, development processes, and teams - Planning: You create and align a plan to continuously improve the application security posture across the organization - Execution: You collaborate with engineering teams on concrete AppSec initiatives such as security tooling rollout and process improvements - Impact: You drive and deliver individual application security projects derived from the aligned plan ## The equipment we provide - Learning Time: Use 10% of your time on learning topics of your choice (conferences, hackathons, internal and external events, videos, books or innovation projects) - Modern Tech Stack Engagement: Interested in working with other technologies as well? Check out our tech radar: Website - Choose Your Equipment: Use state-of-the-art laptops (MacOS, Linux, Windows? Choose your weapon! Also choose your Distro!) - International Team: Join our diverse and international team to collaborate with talented professionals from around the world - Work-Life-Balance: Benefit from flexible working hours, home office possibilities and 30 days of vacation per year - Fit & Healthy: Train for free with EGYM Wellpass in several thousand sports and health facilities across Germany and/or alternatively use our in-house gym with EGYM products - Flex Budget: Use €60 per month flexibly for public transportation and a meal subsidy - Discounts: Get a variety of great discounted offers, from fashion to leisure, through our employee benefits portal