Senior Security Engineer (all genders)

Munich, Germany

zooplus SE

Explore career opportunities with Europe's leading online pet supplier.

View company page

Company Description

More than 20 years ago, zooplus was one of the first to bring the pet category into the world of eCommerce. Today, we stand strong as Europe’s leading online pet platform, delivering moments of happiness to more than 9 million pet parents each year.

Job Description

Join our dynamic e-commerce zooplus as a Senior Security Engineer and be part of our cutting-edge IT security team.

At the heart of zooplus IT, you will play a crucial role in ensuring the continuous operation and relentless improvement of our 24/7 e-commerce infrastructure.

As a member of the infrastructure platform & security services department, you will focus on technical IT security while also collaborating with cross-functional teams. With our strong devops and infrastructure-as-code approach, we are dedicated to developing and innovating new aspects of our platform. Additionally, you will have the opportunity to guide and support our technical users and devops teams, while having the freedom to specialize in preferred technical products and guidelines within your team. Engaging with and supporting other technical products is also encouraged and supported.

#Team Overview

The IT security team is a central function within our organization, reporting directly to the head of IT security. Our mission is to proactively support and consult all technical products in zooplus IT, as well as other business functions. We operate crucial security-related technical products centrally, with a holistic approach aimed at increasing security levels and improving the operational resilience of zooplus through tailored risk management.

# Your Responsibilities

* Provide support to the IT security team, focusing on central technologies and process integration.
* Collaborate with the Information Security Officer (ISO), Data Protection Officer (DPO), and security ambassadors in our DevOps teams.
* Play a crucial role as an IT security consultant for both technical and business-oriented teams.
* Develop a comprehensive 360-degree IT security roadmap aligned with the CIO, ISO, and DPO, based on best practices and business needs.
* Drive transparency by identifying and communicating current and future security risks in our IT and business functions, utilizing corporate tools.
* Design and implement a central bug bounty framework, and oversee external penetration testing partners while incorporating their findings into corporate workflows.
* Aggregate security events using technical means to gain a centralized view, and actively participate in security incident management.
* Represent IT security as a stakeholder in central infrastructure platform and technology initiatives at the architecture level.
* Operate central security technologies, such as SIEM or vulnerability management tools (excluding firewalls).
* Support our DevOps teams in utilizing our products and services in the most secure manner.
* Contribute to and help establish a rotating on-call duty for your team, as soon as personnel capacity allows.



Your Profile, Experience:

* Possess an advanced university degree in Computer Science (Bachelor, Master, or Diploma).
* Have at least two years of experience working in an IT security function.
* Passionate about securing new technologies and addressing emerging threats to established technologies.
* Optional: Hold relevant certifications in good standing, such as OSCP, OSCE, TISP, CISSP, CISM, ISO 27001, or ISO27035 Lead Manager.
* Knowledge/Experience in at least one of the following areas would be helpful:
  * Developing and implementing operational IT security measures for agile e-commerce units.
  * Hands-on experience in e-commerce IT infrastructure.
  * Planning, developing, and implementing a central identity management framework (IDP).
  * Building or participating in a central security operations center (SOC).
  * Planning and executing a central penetration testing program.
  * Working in a team with a holistic IT security setup.
  * Experience working with DevOps teams and public clouds (e.g., AWS, Azure, or GCP).
* Familiarity with the DevOps toolbox, including git, docker, Jira, Confluence, BitBucket, and others.
* General understanding of network infrastructure basics such as DNS, DHCP, firewalling, and load balancing, enabling cross-functional collaboration.
* Fluent English language skills (at least CEFR B2).

Join our team of forward-thinking professionals and contribute to the security of our modern e-commerce infrastructure, and shape the future of our zooplus!

Additional Information

With more than 1,000 passionate professionals located across 10 European offices, we believe our success comes from working together and leveraging our international strengths. Expect to work in a hybrid environment, collaborating with colleagues in different locations remotely or face-to-face at the office.

Our benefits:
🐾 20% discount in our zooplus shop
📖 Internal and external training
🎈 Team events
✈️ 28 vacation days and days off on 24th and 31st of December
🏋️ Corporate rates at a local gym chain (Body & Soul)
📱 Company mobile phone for work and personal use

Want to know more? Learn more about who we are and what we do and visit our LinkedIn company profile.

zooplus is committed to equal opportunity. We value and embrace diversity and inclusion of all Team Members.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile AWS Azure Bitbucket CISM CISSP Computer Science DevOps DNS Docker E-commerce Ecommerce Firewalls GCP ISO 27001 IT infrastructure Jira OSCE OSCP Pentesting Risk management SIEM SOC Vulnerability management

Perks/benefits: Team events Transparency

Region: Europe
Country: Germany
Job stats:  12  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.