Web Application Security Engineer
Haystack
Remote (work from home)
We're working with a leading European provider of professional information, software solutions, and services, offering innovative solutions for various industries.
The Role
- Directly influence and improve the security of applications used by hundreds of thousands of businesses in Germany.
- Collaborate closely with feature teams, providing security expertise during conception, implementation, and operation.
- Deep dive into technical matters, developing and maintaining cross-team security mechanisms.
- Actively explore, build, and shape new initiatives within the Security Enablement Team with opportunities like Hacking Days.
- Work within a modern, agile environment, leveraging methodologies from DevOps to Scrum or Kanban.
Requirements
- Strong knowledge and extensive experience in web application and cloud security (preferably AWS).
- Proficiency in secure configuration, building, and releasing modern web applications (IaC, CI/CD, SDLC).
- Ability to assess vulnerabilities within the application context and develop effective recommendations.
- Knowledge of Java web applications and JavaScript (TypeScript) web clients, along with dependency management tools like NPM and Gradle.
- Development experience and ability to automate tasks using scripting languages like Bash or Python.
- Familiarity with Threat Models and a passion for collaborating on their creation, adopting a red team mindset.
- Excellent communication skills to convey vulnerabilities and security recommendations clearly to feature teams.
- Very good German (C2) and English language skills are essential.
Benefits
- Direct impact on the security of a widely used product.
- Opportunities to continuously learn and develop expertise in cutting-edge security technologies.
- Collaborative and agile working environment with a focus on innovation.
- A supportive team that values new ideas and active participation.