## What you can expect:

- Embed Security in CI/CD: Automate security testing in GitLab (SAST, DAST, dependency scans) to catch vulnerabilities early and enable developers to move fast with confidence.
- Automate and scale security controls: Implement tools for code analysis, secret management, container security, and IaC scanning, making security checks consistent, reliable, and repeatable.
- Collaborate across teams: Work closely with developers, platform engineers, and IT operations to promote secure coding, configuration, and deployment practices. You’ll be an advocate for “security as code” and shared responsibility.
- Monitor and respond effectively: Set up monitoring and alerting for AWS and Azure environments, investigate incidents, and work with teams to address root causes instead of just symptoms.
- Drive compliance and best practices: Help enforce internal security standards and regulatory requirements (GDPR, DORA, ISO 27001) while keeping documentation lean and supporting audits in a pragmatic way.
- Enable data-driven decisions: Expand and refine reporting to translate technical findings into clear insights and recommendations for stakeholders.

## Your profile

- Cloud expertise: You have experience with cloud environments (preferably AWS or Azure) and understand cloud security best practices.
- CI/CD knowledge: You are familiar with GitLab pipelines and automating security testing.
- Tool experience: You have worked with security tools such as Microsoft Entra, Defender, Rapid7 or similar.
- Tech skills: You bring knowledge in containerization (Docker, Kubernetes) and infrastructure-as-code (Terraform, CloudFormation, etc.).
- Team spirit: You have a collaborative, solution-oriented mindset and are eager to learn.
- Language skills: You feel comfortable communicating in English and/or German.
- Compliance know-how: Ideally, you have experience with regulatory frameworks such as GDPR, DORA, or ISO 27001.
- Incident management experience: Preferably, you are familiar with tools like incident.io and the Atlassian Suite (Jira, Confluence).
- Monitoring and scripting: Knowledge of modern monitoring tools and scripting skills (Python, Bash) would be beneficial.

## What we offer:

- Flexibility for Your Lifestyle: Enjoy family-friendly working hours and a generous home office policy, allowing you to stay agile and flexible in any situation.
- Ergonomic Work Environment: For your office days, we provide ergonomic workstations that offer you a comfortable and healthy workspace.
- Independent Work: With short decision-making paths, we enable you to work autonomously and actively contribute your ideas – we provide space for you to take on responsibility.
- Grow with Us: Unlock your potential with numerous opportunities for growth and development, along with an annual development budget to help you achieve your professional and personal goals.
- Team Spirit: Team spirit is important to us – we regularly host events and parties where fun is guaranteed.
- Mobility Your Way: Whether you prefer a train ticket or parking – we support your choice of preferred mobility.
- Stay Active: Keep fit with a discounted membership at Fitness First or Urban Sports Club, or use our in-house fitness room to stay active after work and enhance your work-life balance.
- Secure Your Future: Think about your future – we offer subsidies for company pension plans so you can plan long-term with us.
- Tailored Benefits: We consider your personal life situation – whether you're a parent or love to travel, we offer customized benefits to suit your lifestyle.