Moss
Senior Security Engineer – Cloud Security & Security Operations(m/w/x)
Full-timeWith HomeofficeSenior
Berlin
New Job?Nejo!
The AI Job Search Engine
Securing Kubernetes-based GCP infrastructure, APIs, and mobile apps at a digital medical services provider. Hands-on application/cloud security experience with Kubernetes and GCP required. Professional development and certification budgets.
Requirements
- Solid hands-on experience in application and/or cloud security
- Experience with Kubernetes and GCP
- Strong understanding of API security (OWASP API & Mobile Top 10)
- Experience securing Node.js/TypeScript systems
- Ability to work independently and drive initiatives
- CISSP, CKS, CCSP, OSCP certifications
- Container scanning experience
- GCP IAM knowledge
- Automation scripting skills
Tasks
- Manage security for services, APIs, and mobile apps
- Manage security for Kubernetes-based GCP infrastructure
- Establish pragmatic, scalable, and developer-friendly security standards
- Collaborate with engineering and leadership
- Contribute to architectural decisions
- Conduct penetration testing for Node.js/TypeScript
- Conduct penetration testing for APIs
- Conduct penetration testing for mobile apps
- Utilize tools such as Burp Suite for testing
- Identify security vulnerabilities
- Remediate auth bypass and injection flaws
- Remediate deserialization flaws
- Define and implement secure API standards
- Apply standards including JWT/OAuth and TLS/mTLS
- Implement API validation, rate limiting, and CORS
- Harden Kubernetes/GCP infrastructure
- Harden Postgres databases
- Harden Redis/BullMQ systems
- Secure mobile applications
- Establish Secure SDLC practices
- Continuously improve Secure SDLC practices
- Implement threat modeling and security reviews
- Integrate SAST/DAST into CI/CD pipelines
- Implement automated monitoring using eBPF and Falco
- Support incident response
- Contribute to GDPR initiatives
- Contribute to ISO 27001 initiatives
- Contribute to SOC 2 initiatives
Education
- Vocational certificationOR
- Bachelor's degreeOR
- Master's degree
Languages
- English – Business Fluent
Tools & Technologies
- Kubernetes
- GCP
- Node.js
- TypeScript
- GCP IAM
Benefits
Flexible Working
- Remote work
- Flexible setup
Additional Allowances
- Professional development budget
Learning & Development
- Certification budget
Find the original job posting in its most current version here. Nejo automatically captured this job from the website of DrAnsay and processed the information on Nejo with the help of AI for you. Despite careful analysis, some information may be incomplete or inaccurate. Please always verify all details in the original posting! Content and copyrights of the original posting belong to the advertising company.
Not a perfect match?
- Nebius
Application Security Engineer(m/w/x)
Full-timeWith HomeofficeExperiencedBerlin - Contentful
Cloud Security Engineer(m/w/x)
Full-timeRemoteNot specifiedBerlin - commercetools
Principal Engineer, Product Security(m/w/x)
Full-timeWith HomeofficeSeniorBerlin - commercetools
Principal Engineer, Product Security(m/w/x)
Full-timeWith HomeofficeSeniorMünchen, Berlin
Securing Kubernetes-based GCP infrastructure, APIs, and mobile apps at a digital medical services provider. Hands-on application/cloud security experience with Kubernetes and GCP required. Professional development and certification budgets.
Requirements
- Solid hands-on experience in application and/or cloud security
- Experience with Kubernetes and GCP
- Strong understanding of API security (OWASP API & Mobile Top 10)
- Experience securing Node.js/TypeScript systems
- Ability to work independently and drive initiatives
- CISSP, CKS, CCSP, OSCP certifications
- Container scanning experience
- GCP IAM knowledge
- Automation scripting skills
Tasks
- Manage security for services, APIs, and mobile apps
- Manage security for Kubernetes-based GCP infrastructure
- Establish pragmatic, scalable, and developer-friendly security standards
- Collaborate with engineering and leadership
- Contribute to architectural decisions
- Conduct penetration testing for Node.js/TypeScript
- Conduct penetration testing for APIs
- Conduct penetration testing for mobile apps
- Utilize tools such as Burp Suite for testing
- Identify security vulnerabilities
- Remediate auth bypass and injection flaws
- Remediate deserialization flaws
- Define and implement secure API standards
- Apply standards including JWT/OAuth and TLS/mTLS
- Implement API validation, rate limiting, and CORS
- Harden Kubernetes/GCP infrastructure
- Harden Postgres databases
- Harden Redis/BullMQ systems
- Secure mobile applications
- Establish Secure SDLC practices
- Continuously improve Secure SDLC practices
- Implement threat modeling and security reviews
- Integrate SAST/DAST into CI/CD pipelines
- Implement automated monitoring using eBPF and Falco
- Support incident response
- Contribute to GDPR initiatives
- Contribute to ISO 27001 initiatives
- Contribute to SOC 2 initiatives
Education
- Vocational certificationOR
- Bachelor's degreeOR
- Master's degree
Languages
- English – Business Fluent
Tools & Technologies
- Kubernetes
- GCP
- Node.js
- TypeScript
- GCP IAM
Benefits
Flexible Working
- Remote work
- Flexible setup
Additional Allowances
- Professional development budget
Learning & Development
- Certification budget
Find the original job posting in its most current version here. Nejo automatically captured this job from the website of DrAnsay and processed the information on Nejo with the help of AI for you. Despite careful analysis, some information may be incomplete or inaccurate. Please always verify all details in the original posting! Content and copyrights of the original posting belong to the advertising company.
About the Company
DrAnsay
Industry
Healthcare
Description
DrAnsay builds digital medical services to make healthcare accessible, efficient, and scalable through a platform connecting technology, medical expertise, and data-driven decision-making.
Not a perfect match?
- Moss
Senior Security Engineer – Cloud Security & Security Operations(m/w/x)
Full-timeWith HomeofficeSeniorBerlin - Nebius
Application Security Engineer(m/w/x)
Full-timeWith HomeofficeExperiencedBerlin - Contentful
Cloud Security Engineer(m/w/x)
Full-timeRemoteNot specifiedBerlin - commercetools
Principal Engineer, Product Security(m/w/x)
Full-timeWith HomeofficeSeniorBerlin - commercetools
Principal Engineer, Product Security(m/w/x)
Full-timeWith HomeofficeSeniorMünchen, Berlin