Senior Security Engineer

Description

Our Security Engineers are part of our multidisciplinary Engineering Cohort. Working closely with the engineering team, they are responsible for the security and safety of our systems.

The role will be varied, depending on the project and venture itself. Overall you will improve security awareness and define and track security lifecycle across multiple ventures and BCGDV. As an expert you will also give security trainings to our Software Engineers. A close collaboration with them is key, as you will take the role of the advisor when designing network segmentations and audit cloud security configurations in different ventures. You will help the engineering team to improve architecture by reviewing the tech stack and operation. You will also evaluate the security status by performing threat modelling and penetration testing. You will need to monitor the security status of all ventures and be able to present it to senior management.

Due to broad scope of the role, we look for candidates with varied experience in both hands-on Security Engineering as well as management abilities.

What we offer you

• The opportunity to build and implement a security policy for BCGDV. 
• Exposure to some of the world's most influential organizations. 
• A structured career development program which has both a technical expert and leadership track, guided by a mentor which you will be assigned early on. 
• A competitive salary and benefits, in addition to a flexible conference policy and Learning & Development budget which allows you to choose what are the most essential conferences for your own development. 
• A centrally located and modern office here in Mitte at which we host various startup and industry talks. Relocation assistance and free German language lessons. 

As a Security Engineer (m/f) you will need

• Degree in Computer Science, Electrical Engineering or equivalent education 
• CISSP and/or OSCP equivalent security certifications are preferred 
• 5+ years of experience in information security 
• Knowledge of regulations and applicable standards in the area of ​​cyber security 
• Deep knowledge of web application vulnerabilities, including mitigations and identification 
• Expertise in applied cryptography and according security best practices 
• Very good knowledge of common authentication and authorization frameworks, as well as their common vulnerabilities 
• Experience with risk assessment, threat modeling and penetration testing 
• Strong communication skill 
• Fluent in English, German is a plus