Application Security Engineer (m/w/d)

We are seeking an experienced Security Engineer to enhance the visibility, security, and resilience of our technology stack, server infrastructure, and hardware assets. This role is crucial in ensuring robust security controls and optimized system performance.

1. Observability and Monitoring:

• Implement solutions to improve monitoring and visibility of our infrastructure for real-time insights.
• Automate alerting processes to proactively identify and resolve issues.
• Maintain documentation of system performance, security and uptime.

1. Security Control for Servers:

• Establish and enforce security policies, configurations, and best practices across server environments.
• Apply best practices for server configuration and maintenance.
• Conduct security audits and vulnerability assessments to identify and mitigate risks.
• Ensure compliance with industry standards and regulations related to data protection and access control.

1. Hardware Security Management:

• Manage the physical and network security of all hardware assets, including workstations and mobile devices.
• Develop asset management policies to track, safeguard, and manage access to hardware.
• Provide security training to staff to promote best practices for handling hardware and sensitive data.

Requirements

Preferred Qualifications:

• Experience with cloud platforms (AWS, Azure, Google Cloud).
• Experience with Infrastructure as Code (Terraform, CloudFormation)
• Proficiency in container technologies (Docker, Kubernetes)
• Experience with CI/CD tools (Jenkins, GitLab CI, GitHub Actions)
• Knowledge of security testing tools (SAST, DAST, SCA)
• Scripting abilities (Python, Bash, Go)
• Experience leading projects or initiatives in infrastructure or security domains.

Requirements:

• Bachelor's degree in Information Technology, Cybersecurity, or a related field.
• 3+ years of experience in web application security and penetration testing
• Experience with secure SDLC practices and security testing automation
• Familiarity with monitoring tools (e.g., Prometheus, Grafana) and security frameworks (e.g., OWASP, NIST, CIS).
• Strong understanding of network protocols, server security, and endpoint protection.
• Excellent problem-solving skills and effective communication abilities with both technical and non-technical stakeholders.

• Competitive salary and benefits package.
• Opportunity to make a significant impact on the reliability and security of our company's technology infrastructure.
• Supportive and collaborative work environment.
• Opportunities for professional growth and development