Product Security Engineer mfd
Product Security Engineer mfd
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
About the role:
- Strategic Security Integration: Collaborate with Engineering to embed secure design principles across the online shops native apps AdTech/MarTech platforms and other custombuilt software. Implement security testing tools (SAST DAST IAST SCA).
- Security Audits: Perform security architecture reviews threat modelling and code analysis to identify and mitigate vulnerabilities early. As single point of contact plan and steer security audits in collaboration with IT Governance and ensure alignment of the product roadmap for fast mitigation.
- Vulnerability Management Thread Detection and Risk Mitigation: Lead proactive vulnerability identification and management ensuring risks are remediated efficiently. Use tools like Nessus Qualys or similar for continuous scanning result interpretation and mitigation. Design maintain and execute incident response protocols coordinating with engineering and governance during product security incidents.
- Data Protection and Compliance: Work with Product Analytics and IT Compliance teams to ensure adherence to regulations like GDPR and PCIDSS. Accountability of steering customer data security and privacy across personalization search and sponsored product features in the department.
- Collaboration and Security Awareness: Partner with Engineering Managers QA Leads IT Operations and SRE teams to integrate fast and reliable security testing into development and continuous deployment pipelines. Drive education and training for developers on secure coding practices and threat awareness and topics like OWASP Top 10 secure APIs and compliance
- Metrics and Continuous Improvement: Quantify the state of security by defining relevant metrics and driving their adoption through the entire engineering organization.
Qualifications :
About you:
- Proven experience in product security cybersecurity securing APIs and related fields. Strong skills in vulnerability management tools secure code review and automation frameworks.
- Deep understanding of secure software development lifecycle application security DevSecOps practices integrating security into CI/CD pipelines and cloudnative security practices. Proven ability to collaborate with DevOps engineering and security teams to promote a securityfirst mindset.
- Familiarity with data protection regulations (e.g. GDPR) and their application in software development.
- Strong coding and scripting skills in at least one of the following:
- Python Bash or PowerShell for security automation log analysis and tool integration.
- Java or Node.js for secure highperformance systems and tools and API and backend development.
- Infrastructure automation languages such as Terraform HCL or Ansible YAML.
- Knowledge of secure coding practices and the OWASP Top 10.
- Exceptional problemsolving and communication skills with the ability to educate and influence crossfunctional teams.
Additional Information :
About your benefits:
In order to provide our employees with the best possible support for their individual needs we offer a wide range of benefits:
Sports: Stay healthy. Profit from a membership (M) package at Urban Sports Club so that you can take advantage of a huge variety of sport offers.
Mental Health: Get quick and professional help from psychologists of Likeminded if you feel overwhelmed in private or professional life. Anonymous and free of charge.
Work from Home: If your job does not require you to be present in the office we can arrange the place you work from individually even for up to 20 days a year anywhere in the EU.
Mobility: We provide our employees with a fully costed Deutschland Ticket which can be used at any time. Click here to learn more.
Personal development: Grow! We support and encourage your individual development through various in and external trainings.
And many more :
Remote work policy:
Our offices are open but you are free to work from home from any location in Germany. It is entirely up to you if you want to pop into the office every now and again or if you work from home all the time. At the same time we value relationship between all members of the area and therefore we have regular team and area anchor days on which every team member is asked to come to the office.
Remote Work :
Yes
Employment Type :
Fulltime
Employment Type
Remote
