Senior Security Engineer - Pentester (f/m/d) at Delivery Hero SE (Berlin, Germany)

Senior Security Engineer - Pentester (f/m/d) at Delivery Hero SE (Berlin, Germany)


Add To Bookmarks
Company:
Location: Berlin, Germany
Type: Full Time
Created: 2022-02-24 05:00:05

Apply Here


Want to be a Hero? - Join one of the leading global online food ordering and delivery platforms!

We are looking for a Senior Security Engineer - Pentester (f/m/d) to join our team and reinvent on-demand delivery with us. If you're a creative problem solver who is eager to deliver solutions and hungry for a new adventure, an international workplace is waiting for you in the heart of Berlin!

Your mission:

  • Champion security with development teams to make their code more secure, primarily through manual code/architecture review.

  • Perform security assessments on a wide range of developed applications services and networks.

  • Conduct security-centric code reviews of new and legacy applications and services to identify security vulnerabilities.

  • Collaborate with the responsible engineers to resolve identified security weaknesses.

  • Create, implement and maintain security automation tools as required.

  • Act as a technical leader for security incident management and related forensics analysis.

  • Develop secure coding resources for engineers ranging from wiki articles to master classes covering both standardized topics like OWASP Top 10 to custom-tailored content to address common issues.

  • Provide security event analysis and escalation for identified threats.

Your heroic Skills

Must Haves:

  • Proficiency in at least one of the languages (C, C++, Python, Java, Ruby, assembler).

  • You have the ability to read and break code in languages including Python, Java, C/C++ and PHP.

  • Working knowledge of common application and network security assessment tools and techniques such as nmap, nessus, burpsuite, etc.

  • Experience with vulnerability management (identifying, tracking, prioritizing, and collaboration with responsible teams to resolve).

  • Extensive experience working with distributed systems, including a deep understanding of UDP & TCP protocols.

  • Knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).

  • Experience working with both internal and external stakeholders

  • Enjoys working in an accomplishment-oriented, fast-paced environment.

  • Fluency in English (verbal and written).

Nice to Have:

  • Experience working with network security and analysis tools such as IDS/IPS, sniffers, WAFs, firewall ACLs is a plus.

  • Working history of performing security assessments in cloud environments is a plus.

  • Certifications like OSCP, OSCE are a plus.