What you can expect:
* Embed Security in CI/CD: Automate security testing in GitLab (SAST, DAST, dependency scans) to catch vulnerabilities early and enable developers to move fast with confidence.
* Automate and scale security controls: Implement tools for code analysis, secret management, container security, and IaC scanning, making security checks consistent, reliable, and repeatable.
* Collaborate across teams: Work closely with developers, platform engineers, and IT operations to promote secure coding, configuration, and deployment practices. You’ll be an advocate for “security as code” and shared responsibility.
* Monitor and respond effectively: Set up monitoring and alerting for AWS and Azure environments, investigate incidents, and work with teams to address root causes instead of just symptoms.
* Drive compliance and best practices: Help enforce internal security standards and regulatory requirements (GDPR, DORA, ISO 27001) while keeping documentation lean and supporting audits in a pragmatic way.
* Enable data-driven decisions: Expand and refine reporting to translate technical findings into clear insights and recommendations for stakeholders.
Your profile
* Cloud expertise: You have experience with cloud environments (preferably AWS or Azure) and understand cloud security best practices.
* CI/CD knowledge: You are familiar with GitLab pipelines and automating security testing.
* Tool experience: You have worked with security tools such as Microsoft Entra, Defender, Rapid7 or similar.
* Tech skills: You bring knowledge in containerization (Docker, Kubernetes) and infrastructure-as-code (Terraform, CloudFormation, etc.).
* Team spirit: You have a collaborative, solution-oriented mindset and are eager to learn.
* Language skills: You feel comfortable communicating in English and/or German.
* Compliance know-how: Ideally, you have experience with regulatory frameworks such as GDPR, DORA, or ISO 27001.
* Incident management experience: Preferably, you are familiar with tools like incident.io and the Atlassian Suite (Jira, Confluence).
* Monitoring and scripting: Knowledge of modern monitoring tools and scripting skills (Python, Bash) would be beneficial.
What we offer:
* Flexibility for Your Lifestyle: Enjoy family-friendly working hours and a generous home office policy, allowing you to stay agile and flexible in any situation.
* Ergonomic Work Environment: For your office days, we provide ergonomic workstations that offer you a comfortable and healthy workspace.
* Independent Work: With short decision-making paths, we enable you to work autonomously and actively contribute your ideas – we provide space for you to take on responsibility.
* Grow with Us: Unlock your potential with numerous opportunities for growth and development, along with an annual development budget to help you achieve your professional and personal goals.
* Team Spirit: Team spirit is important to us – we regularly host events and parties where fun is guaranteed.
* Mobility Your Way: Whether you prefer a train ticket or parking – we support your choice of preferred mobility.
* Stay Active: Keep fit with a discounted membership at Fitness First or Urban Sports Club, or use our in-house fitness room to stay active after work and enhance your work-life balance.
* Secure Your Future: Think about your future – we offer subsidies for company pension plans so you can plan long-term with us.
* Tailored Benefits: We consider your personal life situation – whether you're a parent or love to travel, we offer customized benefits to suit your lifestyle.