Description
For our client we are looking for a Security Engineering Architect (f/m/d)
Start: 18.08.2025
Duration: until 31.12.2025 (long-term engagement, extension into 2026 planned)
Capacity: 100% if possible
Location: 75% remote, 25% Berlin (1 week in Berlin / 3 weeks remote, in rotation); up to 50% on-site during peak periods
Language: English, German is a plus
Role:
- Collaborates closely with the Security & Compliance team and development teams
- Acts as a consultant to establish security-focused practices and solutions
- Works cross-functionally to embed security into development and operational processes
Tasks:
- Design and implement central, automated security testing tools for code, dependencies, workloads, Infrastructure-as-Code, and cloud deployments
- Establish and maintain automated security testing solutions such as SAST and DAST, ensuring alignment with compliance and control frameworks
- Develop and drive DevSecOps practices, embedding security into the software development lifecycle and CI/CD pipelines
- Develop and manage vulnerability management processes to ensure secure and compliant platform and product software
- Conduct secure code reviews, application-level threat modeling, and provide remediation guidance
- Identify, assess, and suggest improvements for vulnerabilities within the platform and software products
Skills (must-have):
- Mid-to-senior-level professional with 5+ years of experience in security engineering, DevSecOps, secure platform and product delivery, platform security, or related fields
- Expertise in security architecture principles, secure design patterns, and frameworks
- Experience in secure code analysis in line with standards such as OWASP
- Experience in SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing)
- Experience with tools integrating security into CI/CD pipelines (e.g. SonarQube, Snyk, Trivy, Aqua)
- Experience in vulnerability management tools and related processes
Skills (should-have):
- Hands-on experience with secure development practices (e.g., OWASP Top 10, secure coding standards)
- Familiarity with private cloud and sovereign cloud platforms
- Familiarity with DevSecOps practices and tools for integrating security into platform development.
- Experience in threat modeling and related methodologies (OWASP, STRIDE)
- Certification in Kubernetes security (CKS or CNCF related)
- Experience with cloud posture management and detection tools (CSPM, KSPM, workload protection)
- Good command and understanding of security and compliance standards and frameworks, including ISO/IEC 27001, CSA CCM, BSI IT-Grundschutz, CIS, NIST CSF, NIST OSCAL, etc.
- Basic understanding of sector-specific regulations (e.g. NIS2, CRA, KRITIS, BSI C5, …)