Backend Security Engineer
Remote - Germany
komoot
Turn your next ride, hike, or run into an adventure with komoot. Get inspired by tapping into shared community knowledge and recommendations, then bring your adventures to life with the easy route planner.About komoot
Komoot is an app that lets you find, plan, and share adventures. Driven by a desire to explore, and powered by the outdoor community’s recommendations, it’s Komoot’s mission to inspire great adventures making them accessible to all. And we’re good at what we do: Google and Apple have listed us as one of their Apps of the Year numerous times!
Today, with over 27 million users and 200,000 five-star reviews, Komoot is well on its way to becoming the most popular cycling and hiking app for people who love adventures worldwide.
Join our fully remote team and change the way people explore!
About the role
As komoot’s next Security Backend Engineer, you join a highly-motivated team of tech enthusiasts. We believe that simple and smart solutions are the solution to complex security challenges. Join us if you love building easy-to-use security foundations, infrastructure as code, and building resilient, self-healing micro-services.
Ready for your next adventure?
What you will do
- Take care of our security core-infrastructure: The oauth2 authentication api, rate-limiting, spam-protection, metrics and security logs.
- Build and extend microservices written in Java/Kotlin and deploy them on AWS.
- Contribute to project planning with your security and privacy feedback.
- Review security reports from our bug-bounty program and discuss fixes with the responsible development teams.
- Develop end-to-end backend / security solutions including: concept, road map planning, implementation, testing, deployment, and monitoring
Why you will love it
- You’ll work on a global product that inspires millions of users to enjoy the great outdoors
- Take over responsibility for core infrastructure already with your first project
- You join a newly formed team at komoot and will influence how security is “done right”
- We strive for honest security and enable our colleagues to do their best work.
- You’ll work together with enthusiastic engineers, hikers, and cyclists.
- We let you work from wherever you want, be it a beach, the mountains, your house, co-working location of your choice (covered by us), or anywhere else that lies in any time zone situated between UTC-1 and UTC+3
- You’ll travel with our team to amazing outdoor places several times a year (when safe) to exchange ideas, learnings and go for hikes and rides.
Requirements
You will be successful in this position if you
- Are highly self-driven, responsible and keen to learn and improve
- Have a deep understanding of https, oauth2, hmac, (a)symmetric encryption.
- Know about the most common web attacks and how to mitigate them
- Have 3+ years of professional experience in developing distributed and resilient backend APIs
- Have 3+ years of professional experience with Kotlin or Java
- You have been responsible for configuring and running applications in production on AWS, Google Cloud, Microsoft Azure or Kubernetes
- Have experience with Infrastructure as Code, continuous integration & deployment and monitoring
- Enjoy paying attention to details and care about solid solutions
- Are a great communicator in a diverse team
Benefits
Some of our Perks
- 38 days of vacation (incl. public holidays)
- Dedicated time and budget to spend on your professional development: classes, conferences, books – you decide!
- Discounts from leading outdoor and cycling brands
- Flexible working hours and ability to work from anywhere in Europe
- Three whole-company gatherings per year in beautiful locations
- Optional “togetherness” trips with your team
- Costs covered for your co-working space membership or your work from home office
- The latest devices and equipment to do your best work
Curious to find out more about our recruitment process?
- Find out more info here: https://www.komoot.com/jobs-process
- At komoot we want to make great adventures accessible to everyone. We support diversity and inclusivity within the outdoors and welcome all prospective applicants.
- We have a rolling recruitment process. If this role is online it means it’s still open. We’re accepting applications and actively looking for the perfect candidate. Is it you?
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs AWS Azure Cloud Encryption GCP HMAC Java Kotlin Kubernetes Microservices Monitoring Privacy
Perks/benefits: Career development Conferences Flex hours Flex vacation Travel
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs