Application Security Engineer (m/f/d) - IT, Entwicklung, Qualitätsmanagement

Your daily workout

Are you excited to shape application security in a modern, cloud-native product environment? Do you enjoy working closely with software engineers and enabling teams to build secure products by design? Then apply now as an Application Security Engineer (m/f/d) for our team in Berlin or Munich!

• Secure-by-Design Enablement: You work closely with software engineering teams to integrate application security into design, development, and deployment processes
• Security Reviews: You perform and manage security reviews for major features, services, APIs, and critical applications
• Tooling & Automation: You design, introduce, and continuously improve application security tooling such as SAST and DAST, including CI/CD integration
• Vulnerability Management: You identify, validate, and help prioritize vulnerabilities across applications, APIs, and cloud-native environments, supporting teams with pragmatic remediation guidance
• Advisory & Consulting Role: You act as a trusted security advisor, translating security requirements and findings into practical, developer-friendly solutions
• Cloud & Platform Security: You collaborate with SRE, DevOps, and platform teams to improve security in containerized and cloud-native setups (e.g. Kubernetes, Docker, GCP/AWS)
• Security Awareness: You contribute to improving security awareness and knowledge across engineering teams through documentation, guidance, and hands-on support
• Continuous Improvement: You stay up to date with emerging threats, application security trends, and DevSecOps best practices
• Compliance & Certification Leadership: You lead technical readiness and evidence collection for security certifications (e.g., SOC 2, ISO 27001) and emerging regulatory requirements, ensuring the product ecosystem meets global security standards
• Trust & Sales Enablement: You serve as the technical authority for security questionnaires, providing accurate and timely responses to prospects and clients to streamline the sales process and demonstrate compliance with customer security requirements

Your fitness level

• Professional Experience: You have several years of experience in Application Security, Software Security Engineering, or a closely related role
• Application Security Know-how: You have strong knowledge of OWASP Top 10, secure coding principles, threat modeling, and security testing approaches such as SAST and DAST
• Technical Skills: You are comfortable working with modern software stacks and can read or write code (e.g. Go, Java, Python, or similar) to support reviews, PoCs, or tooling
• Cloud & DevSecOps Understanding: You are familiar with cloud-native architectures, APIs, CI/CD pipelines, and containerized environments
• Mindset: You enjoy working with engineers rather than acting as a gatekeeper
• Working Style: You work in a structured, pragmatic, and collaborative way and feel comfortable shaping processes in a greenfield environment
• Language Skills: You have professional proficiency in English

Your training goal for your first 6 months

• Understanding: You gain a deep understanding of our tech stack, development processes, and teams
• Planning: You create and align a plan to continuously improve the application security posture across the organization
• Execution: You collaborate with engineering teams on concrete AppSec initiatives such as security tooling rollout and process improvements
• Impact: You drive and deliver individual application security projects derived from the aligned plan

The equipment we provide

• Learning Time: Use 10% of your time on learning topics of your choice (conferences, hackathons, internal and external events, videos, books or innovation projects)
• Modern Tech Stack Engagement: Interested in working with other technologies as well? Check out our tech radar:
• Choose Your Equipment: Use state-of-the-art laptops (MacOS, Linux, Windows? Choose your weapon! Also choose your Distro!)
• International Team: Join our diverse and international team to collaborate with talented professionals from around the world
• Work-Life-Balance: Benefit from flexible working hours, home office possibilities and 30 days of vacation per year
• Fit & Healthy: Train for free with EGYM Wellpass in several thousand sports and health facilities across Germany and/or alternatively use our in-house gym with EGYM products
• Flex Budget: Use €60 per month flexibly for public transportation and a meal subsidy
• Discounts: Get a variety of great discounted offers, from fashion to leisure, through our employee benefits portal