Moss
Senior Security Engineer – Cloud Security & Security Operations(m/w/x)
Vollzeitmit HomeofficeSenior
Berlin
Neuer Job?Nejo!
Die KI-Suchmaschine für Jobs
Securing Kubernetes-based GCP infrastructure, APIs, and mobile apps at a digital medical services provider. Hands-on application/cloud security experience with Kubernetes and GCP required. Professional development and certification budgets.
Anforderungen
- Solid hands-on experience in application and/or cloud security
- Experience with Kubernetes and GCP
- Strong understanding of API security (OWASP API & Mobile Top 10)
- Experience securing Node.js/TypeScript systems
- Ability to work independently and drive initiatives
- CISSP, CKS, CCSP, OSCP certifications
- Container scanning experience
- GCP IAM knowledge
- Automation scripting skills
Aufgaben
- Manage security for services, APIs, and mobile apps
- Manage security for Kubernetes-based GCP infrastructure
- Establish pragmatic, scalable, and developer-friendly security standards
- Collaborate with engineering and leadership
- Contribute to architectural decisions
- Conduct penetration testing for Node.js/TypeScript
- Conduct penetration testing for APIs
- Conduct penetration testing for mobile apps
- Utilize tools such as Burp Suite for testing
- Identify security vulnerabilities
- Remediate auth bypass and injection flaws
- Remediate deserialization flaws
- Define and implement secure API standards
- Apply standards including JWT/OAuth and TLS/mTLS
- Implement API validation, rate limiting, and CORS
- Harden Kubernetes/GCP infrastructure
- Harden Postgres databases
- Harden Redis/BullMQ systems
- Secure mobile applications
- Establish Secure SDLC practices
- Continuously improve Secure SDLC practices
- Implement threat modeling and security reviews
- Integrate SAST/DAST into CI/CD pipelines
- Implement automated monitoring using eBPF and Falco
- Support incident response
- Contribute to GDPR initiatives
- Contribute to ISO 27001 initiatives
- Contribute to SOC 2 initiatives
Ausbildung
- Abgeschlossene BerufsausbildungODER
- Bachelor-AbschlussODER
- Master-Abschluss
Sprachen
- Englisch – verhandlungssicher
Tools & Technologien
- Kubernetes
- GCP
- Node.js
- TypeScript
- GCP IAM
Benefits
Flexibles Arbeiten
- Remote work
- Flexible setup
Sonstige Zulagen
- Professional development budget
Weiterbildungsangebote
- Certification budget
Die Originalanzeige dieses Stellenangebotes in der aktuellsten Version findest du hier. Nejo hat diesen Job automatisch von der Website des Unternehmens DrAnsay erfasst und die Informationen auf Nejo mit Hilfe von KI für dich aufbereitet. Trotz sorgfältiger Analyse können einzelne Informationen unvollständig oder ungenau sein. Bitte prüfe immer alle Angaben in der Originalanzeige! Inhalte und Urheberrechte der Originalanzeige liegen beim ausschreibenden Unternehmen.
Noch nicht perfekt?
- EGYM
Application Security Engineer(m/w/x)
Vollzeitmit HomeofficeBerufserfahrenMünchen, Berlin - Nebius
Application Security Engineer(m/w/x)
Vollzeitmit HomeofficeBerufserfahrenBerlin - Contentful
Cloud Security Engineer(m/w/x)
VollzeitRemoteKeine AngabeBerlin - commercetools
Principal Engineer, Product Security(m/w/x)
Vollzeitmit HomeofficeSeniorBerlin
Securing Kubernetes-based GCP infrastructure, APIs, and mobile apps at a digital medical services provider. Hands-on application/cloud security experience with Kubernetes and GCP required. Professional development and certification budgets.
Anforderungen
- Solid hands-on experience in application and/or cloud security
- Experience with Kubernetes and GCP
- Strong understanding of API security (OWASP API & Mobile Top 10)
- Experience securing Node.js/TypeScript systems
- Ability to work independently and drive initiatives
- CISSP, CKS, CCSP, OSCP certifications
- Container scanning experience
- GCP IAM knowledge
- Automation scripting skills
Aufgaben
- Manage security for services, APIs, and mobile apps
- Manage security for Kubernetes-based GCP infrastructure
- Establish pragmatic, scalable, and developer-friendly security standards
- Collaborate with engineering and leadership
- Contribute to architectural decisions
- Conduct penetration testing for Node.js/TypeScript
- Conduct penetration testing for APIs
- Conduct penetration testing for mobile apps
- Utilize tools such as Burp Suite for testing
- Identify security vulnerabilities
- Remediate auth bypass and injection flaws
- Remediate deserialization flaws
- Define and implement secure API standards
- Apply standards including JWT/OAuth and TLS/mTLS
- Implement API validation, rate limiting, and CORS
- Harden Kubernetes/GCP infrastructure
- Harden Postgres databases
- Harden Redis/BullMQ systems
- Secure mobile applications
- Establish Secure SDLC practices
- Continuously improve Secure SDLC practices
- Implement threat modeling and security reviews
- Integrate SAST/DAST into CI/CD pipelines
- Implement automated monitoring using eBPF and Falco
- Support incident response
- Contribute to GDPR initiatives
- Contribute to ISO 27001 initiatives
- Contribute to SOC 2 initiatives
Ausbildung
- Abgeschlossene BerufsausbildungODER
- Bachelor-AbschlussODER
- Master-Abschluss
Sprachen
- Englisch – verhandlungssicher
Tools & Technologien
- Kubernetes
- GCP
- Node.js
- TypeScript
- GCP IAM
Benefits
Flexibles Arbeiten
- Remote work
- Flexible setup
Sonstige Zulagen
- Professional development budget
Weiterbildungsangebote
- Certification budget
Die Originalanzeige dieses Stellenangebotes in der aktuellsten Version findest du hier. Nejo hat diesen Job automatisch von der Website des Unternehmens DrAnsay erfasst und die Informationen auf Nejo mit Hilfe von KI für dich aufbereitet. Trotz sorgfältiger Analyse können einzelne Informationen unvollständig oder ungenau sein. Bitte prüfe immer alle Angaben in der Originalanzeige! Inhalte und Urheberrechte der Originalanzeige liegen beim ausschreibenden Unternehmen.
Über das Unternehmen
DrAnsay
Branche
Healthcare
Beschreibung
DrAnsay builds digital medical services to make healthcare accessible, efficient, and scalable through a platform connecting technology, medical expertise, and data-driven decision-making.
Noch nicht perfekt?
- Moss
Senior Security Engineer – Cloud Security & Security Operations(m/w/x)
Vollzeitmit HomeofficeSeniorBerlin - EGYM
Application Security Engineer(m/w/x)
Vollzeitmit HomeofficeBerufserfahrenMünchen, Berlin - Nebius
Application Security Engineer(m/w/x)
Vollzeitmit HomeofficeBerufserfahrenBerlin - Contentful
Cloud Security Engineer(m/w/x)
VollzeitRemoteKeine AngabeBerlin - commercetools
Principal Engineer, Product Security(m/w/x)
Vollzeitmit HomeofficeSeniorBerlin