Application Security Professional (m/f/d)
Düsseldorf, Germany
METRO/MAKRO
METRO is a partner of many small and mid-sized independent companies. Their success is our business. The group is headed by METRO AG, which acts as the central management holding company.Company Description
As a leading international food wholesaler, we at METRO are specialized in catering to the needs of hotels, restaurants, caterers (HoReCa), independent merchants (Traders), and more. With approximately 15 million customers worldwide, our unique multichannel mix offers the flexibility of purchasing goods in-store or via our digitally connected Food Service Distribution (FSD) delivery. In addition, we are continuously expanding our international online marketplace, METRO MARKETS, to meet the needs of our professional customers. We furthermore take pride in our commitment to sustainability which is considered in all our actions and being listed in various sustainability indices and rankings for years is proof for our dedication (e. g. MSCI, CDP, Dow Jones Sustainability Index). With our business operations spanning 32 countries, over 90,000 employees worldwide and generating sales of around €30 billion in the fiscal year 2022/23, we are determined to continue our journey to growth.
At METRO, we have set ourselves ambitious goals with our “sCore” growth strategy which is closely accompanied by our Fundamentals. These shared values provide us with rules of conduct that are binding for everyone at METRO, in all countries and companies. Our commitment to wholesale is at the forefront of our mission, and we are constantly striving to improve. With our ONE METRO spirit, everyone stands together, bringing curiosity, determination, courage, drive, commitment, and trust. Find out more about METRO at careers.metroag.de.
Job Description
Join us, in developing and strengthening an entire department and transforming cybersecurity capabilities on a global scale. If you're committed to making a real impact in the field of Cyber Security, you can #ShapeTheM with us.
Besides an interesting professional environment, we offer you a culture that wants you to thrive and allows to learn from each other:
We try together, we stumble together, we get up together and shape our future. Be part of our transformation, build cross-functional capabilities and discover new ways of excelling in the Cyber Security field.
We create impact in the world of food and offer comfort for our customers worldwide. To achieve this, we build capabilities to be the cyber-resilient omni-channel wholesaler.
We invite you to take on responsibility, make our company your company and create a business together that remains true to its roots but always seeks new solutions.
Together, we CARRY the M, we GROW the M, we INSPIRE the M, we SHAPE the M.
The purpose of this role is to define the security requirements for the cloud platforms utilized at METRO based on the industry standards and regulations as well as monitore their fulfillment. This role owns knowledge of common security threats, security controls and associated technologies and practices related to securing the relevant IaaS,PaaS and SaaS cloud platforms, cloud services, and associated IT resources based on cloud technologies.
Your Tasks:
- Develop and implement a comprehensive cloud security strategy aligned with METRO's overall security posture.
- Collaborate with cloud service providers and internal stakeholders to ensure secure cloud deployments.
- Conduct regular security assessments of cloud platforms to identify and mitigate potential risks.
- Stay up-to-date on the latest cloud security threats and vulnerabilities.
- Implement and maintain security controls for cloud platforms to protect sensitive data and assets.
- Participate in incident response activities and provide technical expertise for cloud-related security incidents.
- Develop and document cloud security policies and procedures.
- Continuously improve cloud security posture through automation and optimization.
Qualifications
- Bachelor's degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
- Minimum of 3 years of experience in cloud security engineering.
- Proven experience in defining and implementing cloud security controls.
- Strong understanding of cloud security best practices and industry standards (e.g., AWS Security Best Practices, CIS Controls).
- In-depth knowledge of IaaS, PaaS, and SaaS security concepts.
- Experience with cloud security tools and technologies (e.g., CloudTrail, GuardDuty, Security Hub).
- Excellent communication, collaboration, and problem-solving skills.
- Ability to work independently and as part of a team.
Additional Information
- We offer to be part of a fast-growing international team that has significant scaling ambitions across multiple markets.
- Work-Life Balance: Trusted working hours, 30 days of vacation and home office options
- Further training: A comprehensive further training offer over an own training team as well as an own annual training budget.
- Well-being: Health programs, a free fitness studio on our campus and regular employee events.
- Comfort: Very good public transport connections and free parking spaces including charging facilities for e-mobility. A canteens with a varied selection of meals and discounts in our stores and at many partner companies
Please note that all job opportunities at METRO AG require that you live in/move to Germany and can be in office in Düsseldorf at least 2 times per week. We don't offer 100% remote opportunities.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation AWS Cloud IaaS Incident response PaaS SaaS Security assessment Security strategy Strategy Vulnerabilities
Perks/benefits: Career development Fitness / gym Home office stipend Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs