commercetools
Principal Engineer, Product Security(m/w/x)
Full-timeWith HomeofficeSenior
München, Berlin
New Job?Nejo!
Your personal AI career agent
Hands-on product security engineering for an open workflow orchestration platform. 5+ years SaaS/cloud product security experience required. Equity, 30 days vacation, and unlimited AI budget.
Requirements
- 5+ years product/application security engineering experience in SaaS/cloud
- Hands-on experience triaging security findings
- Hands-on experience validating security findings
- Hands-on experience coordinating remediation of security findings
- Strong understanding of web vulnerabilities
- Strong understanding of secure development principles
- Experience with SAST tooling
- Experience with DAST tooling
- Experience with dependency scanning tooling
- Experience with container scanning tooling
- Collaboration with product and engineering teams
- Ability to support teams without blocking
- Ability to document security findings
- Ability to explain security risks
- Clear communication with technical stakeholders
- Clear communication with non-technical stakeholders
- Prioritization skills
- Focus on meaningful risks
- Progress in fast-moving environments
- Excitement for joining a new security team
- Helping shape security team growth
- Experience securing cloud-native platforms
- Experience securing multi-tenant SaaS platforms
- Understanding of JavaScript security considerations
- Understanding of TypeScript security considerations
- Integration of security checks into CI/CD pipelines
- Integration of security practices into CI/CD pipelines
- Integration of security checks into developer workflows
- Integration of security practices into developer workflows
- Support for threat modeling
- Support for design reviews
- Experience with external researchers
- Experience with bug bounty platforms
- Experience with coordinated disclosure processes
- Experience in fast-growing companies
- Experience in environments with open-source communities
- Experience in environments with developer communities
- Experience in environments with technical user communities
Tasks
- Strengthen product and platform security
- Drive hands-on security work
- Reduce risk and ensure secure shipping
- Build a growing security practice
- Manage vulnerability intake and triage
- Handle security inbox and bug bounty submissions
- Coordinate remediation with engineering teams
- Track issues to resolution with clear priorities
- Support coordinated disclosures
- Manage GitHub Security Advisories
- Communicate with researchers
- Operate and improve security tooling
- Conduct security assessments
- Validate findings from internal or external testing
- Track remediation efforts
- Improve risk visibility through actionable findings
- Document technical recommendations
- Embed security into design and development
- Support threat modeling
- Provide secure coding guidance
- Conduct lightweight security reviews
- Create clear and useful documentation
- Support security incident coordination
- Investigate and track security incidents
- Communicate and follow up on security actions
- Contribute to playbooks and runbooks
- Enhance internal processes
- Shape the security function’s practical operations
- Collaborate with the Head of Security and future hires
Work Experience
- 5 years
Education
- Bachelor's degreeOR
- Master's degree
Languages
- English – Business Fluent
Tools & Technologies
- SAST
- DAST
- dependency scanning
- container scanning
- JavaScript
- TypeScript
- CI/CD
Benefits
Competitive Pay
- Equity
Learning & Development
- Annual learning budget
Social Impact
- Monthly donation budget
Additional Allowances
- Unlimited AI budget
More Vacation Days
- 30 days of vacation
Other Benefits
- Public holidays
- Short-term disability insurance
- Life insurance
Healthcare & Fitness
- Medical plans
- Dental coverage
- Vision coverage
Retirement Plans
- Pension contributions
- 401(k) retirement plan with 4% employer match
Job Security
- Long-term disability insurance
Team Events
- Hackathons
Flexible Working
- Remote-first
Find the original job posting in its most current version here. Nejo automatically captured this job from the website of n8n and processed the information on Nejo with the help of AI for you. Despite careful analysis, some information may be incomplete or inaccurate. Please always verify all details in the original posting! Content and copyrights of the original posting belong to the advertising company.
Not a perfect match?
- commercetools
Principal Engineer, Product Security(m/w/x)
Full-timeWith HomeofficeSeniorBerlin - n8n
Senior Product Engineer (TS/NodeJS/Vue)(m/w/x)
Full-timeRemoteSeniorBerlin - SAP
Senior Product Security Engineer(m/w/x)
Full-timeWith HomeofficeSeniorBonn, Walldorf, Berlin, Dresden, München - Parloa
Director Of Security Engineering(m/w/x)
Full-timeWith HomeofficeSeniorBerlin
Hands-on product security engineering for an open workflow orchestration platform. 5+ years SaaS/cloud product security experience required. Equity, 30 days vacation, and unlimited AI budget.
Requirements
- 5+ years product/application security engineering experience in SaaS/cloud
- Hands-on experience triaging security findings
- Hands-on experience validating security findings
- Hands-on experience coordinating remediation of security findings
- Strong understanding of web vulnerabilities
- Strong understanding of secure development principles
- Experience with SAST tooling
- Experience with DAST tooling
- Experience with dependency scanning tooling
- Experience with container scanning tooling
- Collaboration with product and engineering teams
- Ability to support teams without blocking
- Ability to document security findings
- Ability to explain security risks
- Clear communication with technical stakeholders
- Clear communication with non-technical stakeholders
- Prioritization skills
- Focus on meaningful risks
- Progress in fast-moving environments
- Excitement for joining a new security team
- Helping shape security team growth
- Experience securing cloud-native platforms
- Experience securing multi-tenant SaaS platforms
- Understanding of JavaScript security considerations
- Understanding of TypeScript security considerations
- Integration of security checks into CI/CD pipelines
- Integration of security practices into CI/CD pipelines
- Integration of security checks into developer workflows
- Integration of security practices into developer workflows
- Support for threat modeling
- Support for design reviews
- Experience with external researchers
- Experience with bug bounty platforms
- Experience with coordinated disclosure processes
- Experience in fast-growing companies
- Experience in environments with open-source communities
- Experience in environments with developer communities
- Experience in environments with technical user communities
Tasks
- Strengthen product and platform security
- Drive hands-on security work
- Reduce risk and ensure secure shipping
- Build a growing security practice
- Manage vulnerability intake and triage
- Handle security inbox and bug bounty submissions
- Coordinate remediation with engineering teams
- Track issues to resolution with clear priorities
- Support coordinated disclosures
- Manage GitHub Security Advisories
- Communicate with researchers
- Operate and improve security tooling
- Conduct security assessments
- Validate findings from internal or external testing
- Track remediation efforts
- Improve risk visibility through actionable findings
- Document technical recommendations
- Embed security into design and development
- Support threat modeling
- Provide secure coding guidance
- Conduct lightweight security reviews
- Create clear and useful documentation
- Support security incident coordination
- Investigate and track security incidents
- Communicate and follow up on security actions
- Contribute to playbooks and runbooks
- Enhance internal processes
- Shape the security function’s practical operations
- Collaborate with the Head of Security and future hires
Work Experience
- 5 years
Education
- Bachelor's degreeOR
- Master's degree
Languages
- English – Business Fluent
Tools & Technologies
- SAST
- DAST
- dependency scanning
- container scanning
- JavaScript
- TypeScript
- CI/CD
Benefits
Competitive Pay
- Equity
Learning & Development
- Annual learning budget
Social Impact
- Monthly donation budget
Additional Allowances
- Unlimited AI budget
More Vacation Days
- 30 days of vacation
Other Benefits
- Public holidays
- Short-term disability insurance
- Life insurance
Healthcare & Fitness
- Medical plans
- Dental coverage
- Vision coverage
Retirement Plans
- Pension contributions
- 401(k) retirement plan with 4% employer match
Job Security
- Long-term disability insurance
Team Events
- Hackathons
Flexible Working
- Remote-first
Find the original job posting in its most current version here. Nejo automatically captured this job from the website of n8n and processed the information on Nejo with the help of AI for you. Despite careful analysis, some information may be incomplete or inaccurate. Please always verify all details in the original posting! Content and copyrights of the original posting belong to the advertising company.
About the Company
n8n
Industry
IT
Description
n8n is an open AI workflow orchestration platform that empowers technical teams to automate faster and smarter.
Not a perfect match?
- commercetools
Principal Engineer, Product Security(m/w/x)
Full-timeWith HomeofficeSeniorMünchen, Berlin - commercetools
Principal Engineer, Product Security(m/w/x)
Full-timeWith HomeofficeSeniorBerlin - n8n
Senior Product Engineer (TS/NodeJS/Vue)(m/w/x)
Full-timeRemoteSeniorBerlin - SAP
Senior Product Security Engineer(m/w/x)
Full-timeWith HomeofficeSeniorBonn, Walldorf, Berlin, Dresden, München - Parloa
Director Of Security Engineering(m/w/x)
Full-timeWith HomeofficeSeniorBerlin