Senior Security Engineer (DevSecOps)
Remote - Berlin, Berlin, Germany
komoot
Turn your next ride, hike, or run into an adventure with komoot. Get inspired by tapping into shared community knowledge and recommendations, then bring your adventures to life with the easy route planner.Millions of people experience real-life adventures with our apps. We help people all over the world discover the best hiking and biking routes, empowering our users to explore more of the great outdoors. And we’re good at it: Google and Apple have listed us as one of their Apps of the Year numerous times—and, with more than 16 million users and 100,000 five-star reviews - komoot is on its way to becoming one of the most popular cycling and hiking platforms. Join our fully remote team of 65+ people and change the way people explore!
As a security engineer at komoot, you’ll join a highly-motivated backend team of tech enthusiasts. We’re focused on impact, which is why we love finding simple but smart solutions to complex problems, and why we embrace modern technologies to face our toughest challenges.
If you know where to look for possible security / compliance issues, you know how to mitigate them, and are able to improve processes in order to find issues early (aka shift-left), we’d love to hear from you.
----
Team: Backend
Location: Remote (Must be within the UTC-1 to UTC+3 timezone)
Employment Type: Full Time, Permanent role
----
Why you will love it
- You’ll work on a global product that inspires millions of people to enjoy the great outdoors
- Positively impact millions of users directly with your onboarding project
- You work on the global (AWS) infrastructure for one of the top consumer applications.
- We believe good ideas count more than job titles
- You’ll take ownership over your projects from day one
- You’ll work in a small and effective cross-functional team
- You’ll work together with enthusiastic engineers,who also love the outdoors hikers and cyclists.
- You can work from wherever you want, be it a beach, the mountains, your house, co - working location of your choice - anywhere that lies in any time zone situated between UTC-1 and UTC+3
- You’ll travel with our team to amazing outdoor places several times a year (when safe) to exchange ideas, learnings and go for hikes and rides. Check out this video to find out more about our team.
What you will do
- Assess, analyse and prioritize security risks across our (AWS) infrastructure
- Extend our CI/CD process with automatic security scanning for vulnerable dependencies and static code analysis, and compliance checks
- Build, improve, and maintain core services like our OAuth2 authentication system, setting up rate-limiting, monitoring and alerts to make sure it runs stably and securely.
- Assist your fellow developers in understanding and mitigating security vulnerabilities
Requirements
You will be successful in this position if you:
- Are highly self-driven, responsible and keen to learn and improve
- Have 5+ years of professional experience with AWS (including their organizations, compliance and security offerings)
- Have been responsible for security in a typical web-stack environment for 3+ years – you’re familiar with typical risks in development and operations, and how to address them
- Have deep knowledge of networking including tls and dns, and you’re not afraid to debug traffic with a network packet analyzer
- Have professional experience with Infrastructure as Code, CI/CD, monitoring, logging and alerting
- Have professional experience in developing distributed and resilient (containerized) web applications in AWS
- Have experience with Java, Python or Kotlin.
- Bonus: JavaScript / web programming experience
- Are a great communicator in a diverse team
Sound like you?
Great, we would love to hear from you! Please send us the following:
- Your CV in English highlighting your most relevant experience
- A write-up explaining who you are and why you are interested in working at komoot
- Feel free to send us something that shows us a little more about what you’re interested in, be it your account on GitHub, Twitter, Instagram, Medium or your blog.
Tags: AWS CI/CD Code analysis Compliance DevSecOps DNS GitHub Java JavaScript Kotlin Monitoring Python TLS Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs