We're looking for a Senior Security Engineer (m/f/d) to join our team in Germany in a hybrid working mode.
In this role, you will be focused on building security solutions that help organizations monitor, assess and improve the security posture of open-source software. You will work on a platform that provides unified visibility into open-source vulnerabilities and delivers security ratings for open-source libraries, enabling risk-based decision-making for development teams.
The role combines expertise in DevSecOps, vulnerability management and automation to design, implement and iterate security solutions integrated into modern development workflows. You will collaborate with engineers across disciplines to deliver scalable, secure and efficient security products.
Responsibilities
- Contribute to the design and enhancement of solutions for open-source vulnerability monitoring and security ratings
- Integrate and improve security controls in CI/CD pipelines using GitHub Actions and automation tools
- Apply DevSecOps principles and secure software development practices across the engineering lifecycle
- Collaborate with cross-functional teams to ensure stability, scalability and compliance of delivered solutions
- Share knowledge, drive continuous improvement and uphold secure engineering effectiveness within the team
Requirements
- Strong background in security engineering, DevSecOps orchestration and security-as-code
- Knowledge of open-source security concepts, including Software Composition Analysis and license compliance
- Understanding of vulnerability management processes, CVSS scoring and remediation strategies
- Hands-on experience securing CI/CD pipelines with GitHub Actions or similar tools
- Familiarity with common security standards, secure SDLC and open-source security frameworks
- Excellent collaboration, communication and problem-solving skills
Nice to have
- Knowledge of OSS security monitoring platforms and compliance tools
- Experience in creating security automation scripts and workflows
- Familiarity with integrating security gates into build/test pipelines
- Background in continuous improvement practices for security, risk mitigation and compliance auditing
We offer
- 30 days holiday per annum
- Company Pension Scheme
- Regular performance assessments
- Discount on Fitness-First Black Membership
- bitkom - Corporate Benefits
- Employee Stock Purchase Plan (ESPP) (subject to certain eligibility requirements)
- Learning and development opportunities, including in-house training and coaching, professional certifications, and courses
- Friendly and enjoyable working team
- Regular corporate and social events
- Flexible and remote working opportunities
- Award-winning workplace: Great Place To Work® certified in 2026, Kununu (Top Company 2022–2026), NewWork Business Award 2025 for outstanding culture, innovation and employee satisfaction.