Cloud Security Engineer (m/f/x)

commercetools - we are:

• The competitive sort: We didn’t become the fastest growing, highest ever valued SaaS software company in digital commerce with nearly 100% year-over-year growth by sitting on the sidelines.
• Inspired: Continually exploring what’s possible — the innovators of headless commerce, the visionaries behind MACH — our patented tech has radically disrupted the world of enterprise ecommerce software - and we are just getting started. 
• Valued: Smart, strong, passionate individuals hailing from over 50 countries across the globe, speaking over 43 languages, and collectively embracing diversity, encouraging inclusion, and fostering a culture of caring.
• Driven: We push the limits, technology, and ourselves to retain the trust of some of the world’s leading and fastest growing brands every single day.

The Opportunity:

We are looking for a security specialist experienced with all layers of our tech stack, from IaaS / PaaS over APIs to single-page web applications. If you are a seasoned product security expert and want to work with a team that is committed to security, this job is for you. This is a hands-on role where you need to dig into all layers , linux, cloud and code, to ensure security. We love e-commerce and that comes with a need to secure PII data and build high scalability applications. To enable this we are putting security first at all layers. We are looking forward to your contribution to our product!

Please note that for this role, we can currently offer full-remote work for candidates based in the European Union and in the United Kingdom.

Your Mission:

• Introducing security by design flows and principles
• You code and implement security measures on all levels
• Running threat modeling workshops
• Conducting risk analysis for planned implementations
• Designing automated processes that ensure security in a CI/CD world
• Organizing or conducting security tests together with external companies
• Supporting the corporate security and legal team in audits
• Working with the security special interest group
• Make sure security topics are addressed in product roadmap planning

What you need to succeed:

• Experience with cloud infrastructure and cloud security
• Experience with Automated security principles like, DAST, SAST and IAST
• Previous experience in a technology/software oriented role in a technology company
• Solid experience in working with product teams on security
• Experience with penetration testing
• Sound knowledge of Linux systems, Kubernetes, API, and web application security
• Practical experience in DevSecOps, including Proficiency in at least one scripting language (javascript , go ..) 
• Security Certifications such as OSCP, Certified Kubernetes Security Specialist, or GCP security certification
• Good English writing/documentation skills
• Experience communicating with stakeholders (legal, c-level, engineering)
• Research new topics in a short period of time, to help teams with new technologies
• Be comfortable with agile development principles
• (Preferable) Experience with European and international privacy laws

Team Values:

Positivity. Negativity is the enemy of progress.

Trust & Transparency. Promote direct and continuous feedback.

Learning. Be proud if you’ve failed at something. Think big, start small, learn fast!

Tech at commercetools:

We Are Open Source And Innovative By Design

🚀 We make rapid progress by being early adopters of React, Scala, and GraphQL

📋 We share & contribute to the open source community: https://github.com/sangria-graphql

⚙️ We <3 Automation and Machine Learning

We care about your Growth and Well-being

☀️ Remote Work: Up to 60 days/year from a country different from your base country  

💻 Open Learning & Development Budget

📚 ct Academy: Regular internal training sessions

⌚️ Flexibility: Morning person or night owl? We believe in outcome and motivated employees

🚀 Mindset & Growth: A diverse, creative workspace with an international culture & learning environment

Are you ready? Come grow with us!

🔍 Are you looking for something else? Check out our Career Page and our Website for more information.

We are all different and that is what makes us stronger! We hire great people from a wide variety of backgrounds, not just because it’s the right thing to do, but because it makes our company better.

commercetools celebrates being a diverse environment and is proud to be an equal opportunities employer. If your professional profile aligns with our specific hiring requirements and company culture, then we encourage you to apply. We will assess your competencies, future potential, approach to learning and self-development and passion, and not your age, color, national origin, religion, gender, gender identity or expression, sexual orientation, familial status, genetics, or disability.