Senior Security Engineer - Pentester (f/m/d) at Delivery Hero SE (Berlin, Germany)
Location: Berlin, Germany
Type: Full Time
Created: 2022-02-24 05:00:05
Apply Here
Want to be a Hero? - Join one of the leading global online food ordering and delivery platforms!
We are looking for a Senior Security Engineer - Pentester (f/m/d) to join our team and reinvent on-demand delivery with us. If you're a creative problem solver who is eager to deliver solutions and hungry for a new adventure, an international workplace is waiting for you in the heart of Berlin!
Your mission:
Champion security with development teams to make their code more secure, primarily through manual code/architecture review.
Perform security assessments on a wide range of developed applications services and networks.
Conduct security-centric code reviews of new and legacy applications and services to identify security vulnerabilities.
Collaborate with the responsible engineers to resolve identified security weaknesses.
Create, implement and maintain security automation tools as required.
Act as a technical leader for security incident management and related forensics analysis.
Develop secure coding resources for engineers ranging from wiki articles to master classes covering both standardized topics like OWASP Top 10 to custom-tailored content to address common issues.
Provide security event analysis and escalation for identified threats.
Your heroic Skills
Must Haves:
Proficiency in at least one of the languages (C, C++, Python, Java, Ruby, assembler).
You have the ability to read and break code in languages including Python, Java, C/C++ and PHP.
Working knowledge of common application and network security assessment tools and techniques such as nmap, nessus, burpsuite, etc.
Experience with vulnerability management (identifying, tracking, prioritizing, and collaboration with responsible teams to resolve).
Extensive experience working with distributed systems, including a deep understanding of UDP & TCP protocols.
Knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
Experience working with both internal and external stakeholders
Enjoys working in an accomplishment-oriented, fast-paced environment.
Fluency in English (verbal and written).
Nice to Have:
Experience working with network security and analysis tools such as IDS/IPS, sniffers, WAFs, firewall ACLs is a plus.
Working history of performing security assessments in cloud environments is a plus.
Certifications like OSCP, OSCE are a plus.