Senior Cloud Security Engineer
Remote - Berlin, Berlin, Germany
Komoot is an app that lets you find, plan, and share adventures with the easy route planner. Driven by a desire to explore, and powered by the outdoor community’s recommendations, it’s komoot’s mission to inspire great adventures making them accessible to all. Join our fully remote team of 80 people and change the way people explore!
About the role
At komoot we strongly believe in the power of automation. Written rules are good, automated security checks are better. As a cloud security engineer at komoot you’ll take care of our AWS and Google cloud organizations. You manage accounts/projects, users, roles and permissions. You build and maintain security scanning tools and prepare for possible attacks. Together with the software development teams you extend our CI/CD pipelines with compliance rules for permissions, backups and encryption.
Ready for your next adventure?
What you will do
- Build automation to continuously assess security risks around our AWS/Google cloud infrastructure and further SaaS tools we integrate with like GitHub
- Triage reports from our bug-bounty program with the development teams and coordinate a responsible disclosure with the reporters
- Organize pen-testing and audits of our software and infrastructure
- Define security requirements (encryption, backups, data retention, …) together with our backend and web teams and automate their enforcement
- Extend our CI/CD process with automatic security scanning for vulnerable dependencies, static code analysis and compliance checks
- Support new projects and features early in the process with your expertise; Create security requirements and test cases where needed
Why you will love it
- You’ll work in a flat hierarchy structure, where ideas are heard and implemented without multiple levels of gatekeeping.
- You have the freedom to organize yourself the way you work best, using the tools you love.
- With 20mio users from our own apps and external integrations we face massive traffic and continuous attempts for finding vulnerabilities
- You join a new team with the opportunity to influence and design new approaches and processes.
- Your effort matters: You will protect the personal data of millions of cyclists, hikers and outdoor enthusiasts all over the world.
- We let you work from wherever you want, be it a beach, the mountains, our headquarters in Potsdam or anywhere that lies between the time zones UTC-1 and UTC+3.
- You’ll travel with our team to amazing outdoor places several times a year (when safe) to exchange ideas, learnings and go for hikes and rides. Check out this video to find out more about our team.
You will be successful if you
- Have 3+ years of experience managing AWS organizations. You know the ins and outs of AWS when it comes to security.
- Have 3+ years of experience security a typical web-stack environment – you’re familiar with typical risks in development and operations, and how to address them
- You are not afraid of using wireshark to debug an issue
- Are highly self-driven, responsible and keen to learn and improve
- Have solid programming skills for automation in python and bash
- Java development and oauth2 experience is a plus
Sound like you?
We would love to hear from you! Please send us the following:
- Your CV in English highlighting your most relevant experience
- A write-up explaining who you are and why you are interested in working at komoot
- Feel free to send us something that shows us a little more about what you’re interested in, be it your account on GitHub, Twitter, Instagram, Medium or your blog.
Curious to find out more about our recruitment process?
- Find out more info here: https://www.komoot.com/jobs-process
- At komoot we want to make great adventures accessible to everyone. We support diversity and inclusivity within the outdoors and welcome all prospective applicants.
- We have a rolling recruitment process. If this role is online it means it’s still open. We’re accepting applications and actively looking for the perfect candidate. Is it you?
- Dedicated time and budget to spend on classes, events, conferences, boot camps, or books for your curiosity and personal development, you decide!
- Blinkist subscription and discounts with outdoor brands like Patagonia and Wahoo
- Flexible working hours and locations
- 3 all-expenses paid Company gatherings per year
- The latest devices and equipment
- And more!
Explore more Information Security career opportunities
- Open Senior Infrastructure Security Engineer Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open SOC Analyst Jobs
- Open Senior Penetration Tester Jobs
- Open IT Security Engineer Jobs
- Open Information Security Architect Jobs
- Open Principal Security Engineer Jobs
- Open Information Security Officer Jobs
- Open Staff Security Engineer Jobs
- Open Vulnerability Analyst Jobs
- Open Personnel Security Officer Jobs
- Open Infrastructure Security Engineer Jobs
- Open Chief Information Security Officer Jobs
- Open Senior Information Security Analyst Jobs
- Open DevOps Security Engineer Jobs
- Open Software Security Engineer Jobs
- Open Senior Information Security Engineer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Senior Incident Response Analyst Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open Privacy Manager Jobs
- Open IAM Engineer Jobs
- Open Threat Intelligence Analyst Jobs
- Open Manager, Cybersecurity and Trust Jobs
- Open Cybersecurity Analyst Jobs
- Open Clearance-related jobs
- Open NIST-related jobs
- Open PCI-related jobs
- Open Open Source-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open Machine Learning-related jobs
- Open Ruby-related jobs
- Open Intrusion detection-related jobs
- Open OSCP-related jobs
- Open Security assessments-related jobs
- Open IPS-related jobs
- Open Encryption-related jobs
- Open Threat detection-related jobs
- Open Docker-related jobs
- Open HIPAA-related jobs
- Open Cryptography-related jobs
- Open TCP/IP-related jobs
- Open DevSecOps-related jobs
- Open Unix-related jobs
- Open PowerShell-related jobs
- Open DNS-related jobs