Security Engineer - (Application Security/DevSecOps) (f/m/d) at Delivery Hero SE (Berlin, Germany)
Location: Berlin, Germany
Type: Full Time
Created: 2022-01-12 05:00:05
Want to be a Hero? - Join one of the leading global online food ordering and delivery platforms!
We are looking for a Security Engineer - (Application Security/DevSecOps) (f/m/d) to join our team and reinvent on-demand delivery with us. If you're a creative problem solver who is eager to deliver solutions and hungry for a new adventure, an international workplace is waiting for you in the heart of Berlin!
Your Mission:
The DevSecOps Engineer will support the integration of the security solutions in other SaaS, PaaS, IaaS and on-premise components to foster a high-security posture for our hybrid infrastructure.
Develop and integrate new modules in the security management system.
This function is moreover responsible for the monitoring and the implementation of automation for the security solutions as well as the definition of measures based on these activities.
Champion security with development teams to make their code more secure, primarily through manual code/architecture review.
Perform security assessments on a wide range of developed applications, services and networks.
Conduct security-centric code reviews of new and legacy applications and services to identify security vulnerabilities.
Collaborate with the responsible engineers to resolve identified security weaknesses.
Create, implement and maintain security automation tools as required.
Develop secure coding resources for engineers, ranging from wiki articles to master classes, covering both standardized topics like the OWASP Top 10 and custom-tailored content to address common issues.
Provide security event analysis and escalation for identified threats.
Your Heroic Skills:
Must Haves:
Full DevSecOps practice integrating GitHub/GitLab-based version control, automated builds, and release management CI/CD.
Working knowledge in Security Management Systems (e.g. ServiceNow, Archer)
Proficiency in, and ability to break code in, languages including Python, Java, C/C++ and PHP.
Experience in security tooling & technologies (e.g. IDS, AWS or GCP security configurations/setup, Linux security configurations/setups, etc.)
Familiarity with one or more cloud vendor services and management tools (AWS, GCP) and DevSecOps processes i.e. code pipeline.
+2 years experience in agile development.
+2 years of experience with PostgreSQL, MongoDB or similar.
+2 years of experience in the deployment and management of public cloud security services (AWS, GCP) like VPC Service Controls, Shielded VMs, CAs, CMKs, Security Hub, CloudWatch, CloudTrail, Secrets Manager and IAM.
Designing and implementing system integration patterns in the public cloud (AWS, GCP), network and service security, CI/CD pipelines and Infrastructure as Code (IaC) including CloudFormation and Terraform.
Working knowledge of common application and network security assessment tools and techniques such as nmap, Nessus, Burp Suite, etc.
Experience with vulnerability management (identifying, tracking, prioritizing, and collaboration with responsible teams to resolve).
Extensive experience working with distributed systems, including deep understanding of UDP & TCP protocols.
Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
Security implementation experience (OWASP, SAST, DAST, etc.)
Network stack/protocols, SSO, OAuth2 and DNS.
Experience working with both internal and external stakeholders
Enjoys working in an accomplishment-oriented, fast-paced environment.
Fluency in English (verbal and written).
Nice to Have:
AWS or GCP certification is a plus.
Experience working with network security and analysis tools such as IDS/IPS, sniffers, WAFs, firewall ACLs is a plus.
Working history of performing security assessments in cloud environments is a plus.
Experience of working in a federated organization.
Certifications like OSCP, OSCE are also a plus.