We are looking for an experienced Application Security Engineer to join our Information and Cyber Security team. This is a position of great responsibility that will report directly to the Head of Körber Group Application Security Centre of Excellence.
The Application Security Centre of Excellence works to ensure that Körber Group products and services are created and offered in line with cybersecurity best practices and market regulations.
As an Application Security Engineer, you will play a vital role defining, guiding and assisting development teams integrating security measures throughout the development lifecycle. You will support software architects and developers on security matters and ensure that security considerations are integral to all stages of project and product development.
To excel as an Application Security Engineer, you should possess strong analytical skills and extensive knowledge of application security principles and practices. Experience with secure coding standards, vulnerability management, and security testing is essential. You should be well-versed in web application security, secure coding practices, and implementing CI/CD and DevSecOps pipelines with integrated security measures.
Top candidates will also be excellent communicators, able to train and educate our staff in various cybersecurity topics.
Responsibilities Implement security measures in accordance with Körber Group's application security guidelines and policies.
Conduct security assessments and code reviews to identify and mitigate vulnerabilities.
Collaborate with software architects and developers to integrate security practices into the development lifecycle.
Develop and maintain secure coding standards and guidelines.
Perform threat modeling and risk assessments for new and existing applications.
Implement and manage security tools for static and dynamic analysis, and vulnerability scanning.
Assist Product Owners in defining security requirements for MVPs (Minimal Viable Products) and final products.
Enhance the secure software development lifecycle (SDLC) by integrating security into CI/CD pipelines and DevSecOps practices.
Perform regular reviews of our software development lifecycle and products.
Conduct regular security audits and penetration testing on applications.
Provide training and support to software engineers on application security best practices.
Stay updated on the latest security trends, vulnerabilities, and technologies to ensure the organization's applications are protected against emerging threats.
Qualifications After a degree in computer science or comparable course of studies you gained several years of practical experience as an application security expert.
You are a proactive and structured team worker with an eye for detail and the ability to prioritize and focus while supporting multiple initiatives at the same time.
You are skilled in communicating with different, also non-technical stakeholders to achieve common goals.
You are fluent in English; German language skills would be a plus.
A high degree of detail-orientation.
Certifications such as CISSP, CCSP, CEH, CPT, CISA, SC-100, GPEN, OSCP, are highly desirable.
Personal Skills & Behaviors Good organizational, analytical, and problem-solving skills.
Good teamwork skills.
Critical thinking.
Self-motivated.
Ability to manage multiple demanding projects concurrently.
What we offer A home for passionate people who innovate, collaborate and love what they do.
An entrepreneurial and dynamic working atmosphere with the opportunity for you to take responsibility and make an impact from day one.
Growth opportunities on and off the job and a generous individual development budget to develop your career.
A competitive salary and benefits package, with flexible working hours and remote work options, private health insurance and 3 additional vacation days.
#J-18808-Ljbffr