Do you like to take over responsibility and your passion is IT Security? Are you eager to drive strategic topics and solve complex security challenges? Are you curious and continuously improving your technical and security know-how? Then we're looking for you! Join our Security Engineering Team as IT Security Engineer and help us further improve the overall security level of Germany's biggest mail and cloud provider WEB.DE and GMX.
- You consult your colleagues on all levels to topics around secure design, development and operation of products of WEB.DE, GMX and mail.com brands. You carry out threat analyses, penetration tests, supply chain audits, architecture and code reviews.
- You drive strategic initiatives like DevSecOps and Secure Product Lifecycle.
- You create concepts and implement tools which sustainably improve our security level.
- You prepare and hold security trainings and workshops. These are targeted on the members of our Security Champion community as well as on all kinds of engineers. You train them on concepts like secure coding and threat modeling.
- If necessary, you support fast resolution of security incidents by carrying out technical analyses, e.g. forensic or log analysis.
Have you completed a technical degree or do you have comparable education? Do you have a multiple-year experience with IT Security and were you already able to deliver strategic improvements in complicated situations? Are you able to grasp complicated concepts quickly and you're continously searching for even better solutions? Do you appreciate hands-on work, are you a true team player, and do you value dynamic complex environment? We're eager to get your application!
- You have a strong engineering mindset: you are a problem solver and continuous improver. You have both wide and deep general technical background and you're well versed with topics like networking, protocols, operating systems, and distributed web applications.
- You have profound experience with technical security audits of all kinds (white-box and black-box). Optimally, you're also well connected to the international security community, e.g. due to conferences or your work on open source projects.
- You are fluent with at least one programming language, e.g. JAVA, TypeScript or Python.
- You understand the aspects of modern agile product development and you have hands-on experience with concepts and technologies like DevOps, CI/CD and Kubernetes. You always keep yourself up-to-date.
- You're a true team player, always leading by example. You're comfortable with leading projects and stakeholders efficiently also in stressful situations.