Air Apps
Security Engineer(m/w/x)
Full-timeOn-siteExperienced
Berlin
New Job?Nejo!
Your personal AI career agent
BABabbel
Senior Application & Product Security Engineer(m/w/x)
Berlin
Full-timeOn-siteSenior
AI/ML
Nejo AI Summary
Embedding security into the development lifecycle for a language learning platform, with threat modeling and cloud security posture improvement. Solid understanding of cloud-native architectures and platforms (AWS, GCP, Azure) required. 30 vacation days, Jobbatical up to 3 months in EU/UK.
Requirements
- Strong experience in application, product, or software security engineering roles
- Solid understanding of modern software development practices, cloud-native architectures, and cloud platforms (AWS, GCP, Azure)
- Hands-on experience with secure coding principles, common vulnerability classes (OWASP Top 10), and secure code reviews
- Proficiency with security tooling (SAST, DAST, SCA, CSPM, secrets scanning, CI/CD security automation)
- Experience performing threat modeling and delivering actionable recommendations
- Familiarity with securing AI/ML systems, LLM integrations, or agentic AI architectures
- Strong communication skills
- Ability to partner with engineers
- Ability to contribute to architectural discussions
- Ability to explain security concepts to non-technical stakeholders
- Background as a software engineer or developer
- Experience with Infrastructure as Code (Terraform) and CI/CD automation (GitHub Actions)
- Experience in a product-led or agile development environment
- Knowledge of regulatory or certification frameworks (ISO 27001)
- Ability to work in English
- Openness to learning
Tasks
- Build, maintain, and evolve the application and product security program.
- Embed security into the development lifecycle.
- Improve cloud security posture.
- Identify risks early with pragmatic solutions.
- Lead threat modeling throughout the development lifecycle.
- Identify risks in new features, architecture, and existing systems.
- Mitigate risks in new features, architecture, and existing systems.
- Define and implement secure coding standards.
- Conduct and guide secure code reviews.
- Deliver developer training and best practices.
- Design and manage security automation across the SDLC.
- Implement automated scanning.
- Implement security gates in CI/CD pipelines.
- Enforce policy-as-code.
- Manage software supply chain security.
- Manage vulnerability detection, triage, prioritization, and remediation.
- Monitor emerging threats.
- Monitor industry trends relevant to the technology stack.
- Lead application-layer incident response.
- Drive secure AI adoption across the organization.
- Establish a framework for responsible and secure AI use.
- Adapt security to evolving AI capabilities and integrations.
Work Experience
- approx. 4 - 6 years
Education
- Bachelor's degreeOR
- Master's degree
Languages
- English – Business Fluent
Tools & Technologies
- AWS
- GCP
- Azure
- APIs
- containers
- serverless
- OWASP Top 10
- SAST
- DAST
- SCA
- CSPM
- secrets scanning
- CI/CD security automation
- Terraform
- GitHub Actions
- LLM
- ISO 27001
Benefits
Flexible Working
- Flexible working hours
More Vacation Days
- 30 vacation days
Family Support
- Family and life situation counseling
Workation & Sabbatical
- Jobbatical (up to 3 months in EU/UK)
Modern Office
- Office with nap, faith, family rooms
Learning & Development
- Internal learning opportunities
- Yearly L&D budget
Other Benefits
- Free Babbel language access
- DE&I Community Networks
Parking & Commuter Benefits
- Mobility benefits
Corporate Discounts
- Discounted Urban Sports Club membership
Team Events
- Cultural and social events
Find the original job posting in its most current version here. Nejo automatically captured this job from the website of Babbel and processed the information on Nejo with the help of AI for you. Despite careful analysis, some information may be incomplete or inaccurate. Please always verify all details in the original posting! Content and copyrights of the original posting belong to the advertising company.
Like this job?
BetaYour Career Agent finds similar jobs for you every day.
Not a perfect match?
- Trade Republic
Senior Security Engineer - Application Security(m/w/x)
Full-timeOn-siteSeniorBerlin - Trade Republic
Senior Security Engineer - Cloud Security(m/w/x)
Full-timeOn-siteSeniorBerlin - 1GLOBAL
Senior DevSecOps / Cloud Security Engineer(m/w/x)
Full-timeOn-siteSeniorBerlin - Ivy
Security Engineer(m/w/x)
Full-timeOn-siteExperiencedBerlin
BABabbel
Senior Application & Product Security Engineer(m/w/x)
Berlin
Full-timeOn-siteSenior
AI/ML
Nejo AI Summary
Embedding security into the development lifecycle for a language learning platform, with threat modeling and cloud security posture improvement. Solid understanding of cloud-native architectures and platforms (AWS, GCP, Azure) required. 30 vacation days, Jobbatical up to 3 months in EU/UK.
Requirements
- Strong experience in application, product, or software security engineering roles
- Solid understanding of modern software development practices, cloud-native architectures, and cloud platforms (AWS, GCP, Azure)
- Hands-on experience with secure coding principles, common vulnerability classes (OWASP Top 10), and secure code reviews
- Proficiency with security tooling (SAST, DAST, SCA, CSPM, secrets scanning, CI/CD security automation)
- Experience performing threat modeling and delivering actionable recommendations
- Familiarity with securing AI/ML systems, LLM integrations, or agentic AI architectures
- Strong communication skills
- Ability to partner with engineers
- Ability to contribute to architectural discussions
- Ability to explain security concepts to non-technical stakeholders
- Background as a software engineer or developer
- Experience with Infrastructure as Code (Terraform) and CI/CD automation (GitHub Actions)
- Experience in a product-led or agile development environment
- Knowledge of regulatory or certification frameworks (ISO 27001)
- Ability to work in English
- Openness to learning
Tasks
- Build, maintain, and evolve the application and product security program.
- Embed security into the development lifecycle.
- Improve cloud security posture.
- Identify risks early with pragmatic solutions.
- Lead threat modeling throughout the development lifecycle.
- Identify risks in new features, architecture, and existing systems.
- Mitigate risks in new features, architecture, and existing systems.
- Define and implement secure coding standards.
- Conduct and guide secure code reviews.
- Deliver developer training and best practices.
- Design and manage security automation across the SDLC.
- Implement automated scanning.
- Implement security gates in CI/CD pipelines.
- Enforce policy-as-code.
- Manage software supply chain security.
- Manage vulnerability detection, triage, prioritization, and remediation.
- Monitor emerging threats.
- Monitor industry trends relevant to the technology stack.
- Lead application-layer incident response.
- Drive secure AI adoption across the organization.
- Establish a framework for responsible and secure AI use.
- Adapt security to evolving AI capabilities and integrations.
Work Experience
- approx. 4 - 6 years
Education
- Bachelor's degreeOR
- Master's degree
Languages
- English – Business Fluent
Tools & Technologies
- AWS
- GCP
- Azure
- APIs
- containers
- serverless
- OWASP Top 10
- SAST
- DAST
- SCA
- CSPM
- secrets scanning
- CI/CD security automation
- Terraform
- GitHub Actions
- LLM
- ISO 27001
Benefits
Flexible Working
- Flexible working hours
More Vacation Days
- 30 vacation days
Family Support
- Family and life situation counseling
Workation & Sabbatical
- Jobbatical (up to 3 months in EU/UK)
Modern Office
- Office with nap, faith, family rooms
Learning & Development
- Internal learning opportunities
- Yearly L&D budget
Other Benefits
- Free Babbel language access
- DE&I Community Networks
Parking & Commuter Benefits
- Mobility benefits
Corporate Discounts
- Discounted Urban Sports Club membership
Team Events
- Cultural and social events
Find the original job posting in its most current version here. Nejo automatically captured this job from the website of Babbel and processed the information on Nejo with the help of AI for you. Despite careful analysis, some information may be incomplete or inaccurate. Please always verify all details in the original posting! Content and copyrights of the original posting belong to the advertising company.
Like this job?
BetaYour Career Agent finds similar jobs for you every day.
About the Company
Babbel
Industry
Education
Description
The company is one of the fastest-growing education technology companies, committed to creating diverse learning experiences.
Not a perfect match?
- Air Apps
Security Engineer(m/w/x)
Full-timeOn-siteExperiencedBerlin - Trade Republic
Senior Security Engineer - Application Security(m/w/x)
Full-timeOn-siteSeniorBerlin - Trade Republic
Senior Security Engineer - Cloud Security(m/w/x)
Full-timeOn-siteSeniorBerlin - 1GLOBAL
Senior DevSecOps / Cloud Security Engineer(m/w/x)
Full-timeOn-siteSeniorBerlin - Ivy
Security Engineer(m/w/x)
Full-timeOn-siteExperiencedBerlin