Senior Platform Security Engineer
Location:
Hamburg Altstadt, Hamburg, Germany
Salary:
€80000 - €95000 per annum
Job Type:
Permanent
Date Posted:
3 days ago
Expiry Date:
12/06/2025
Job Ref:
BH-51720
Start Date:
28/04/2025
Contact:
Jonathan Malone
Contact Email:
jonathan.malone@xcede.de
Specialism:
CyberGermany
A multi-national Global leading company we are partenred with are looking for a Security engineer to join their and enhance the security posture of their platforms.
Responsibilities:
Responsibilities:
- Lead the adoption and integration of DevSecOps practices within DevOps environments.
- Act as the main point of contact for security matters, facilitating access to subject matter expertise within the cybersecurity organization.
- Evaluate information security risks associated with business initiatives, assess potential impacts, and monitor remediation activities throughout project lifecycles.
- Collaborate closely with IT professionals, including developers, architects, product owners, and business stakeholders, to align platform security with organizational risk tolerance and evolving threat landscapes.
- Develop deep expertise in platform-specific security requirements, ensuring embedded security measures are appropriate and effective.
- Partner with colleagues to identify and implement shared security solutions and best practices.
- Support risk and compliance functions by contributing to the development, review, and updating of information security policies and standards.
- Maintain up-to-date knowledge of emerging security technologies, systems, trends, and industry best practices.
- Master’s or Bachelor’s degree in Information Technology, Cybersecurity, Information Systems Security, or a related discipline, or equivalent technical training and experience.
- At least 4 years of hands-on experience in IT and Information Security, with a demonstrated ability to work independently.
- Strong understanding of security architectures across cloud, mobile, enterprise, web, and application environments.
- Proficient in using threat modeling frameworks such as MITRE ATT&CK, STRIDE, and PASTA.
- Solid knowledge of key security standards and frameworks, including ISO 27001, ISO 27017, NIST, NTSC, OWASP, CIS Benchmarks, and CVSS.
- Skilled in security testing methodologies to prevent vulnerabilities such as remote code execution, SQL injection, and cross-site scripting (XSS).
- Experience with securing cloud environments and microservices-based architectures.
- Familiarity with legal and regulatory requirements related to information security and data protection.
- Specialized expertise in areas such as web and mobile application security and data protection strategies, with the ability to mentor and share knowledge with peers.
- Broad knowledge of security principles, with deep technical expertise in two or three specific domains.
- Excellent communication skills, with the ability to clearly convey technical concepts to both technical and non-technical audiences.
- Openness to working in a hybrid model, with availability to work onsite up to three days per week (e.g., at a designated office location).
APPLY FOR THIS JOB
For your job application, please fill in the form below.
Jonathan Malone
Specialisms: Cyber, InfoSec, GRC & Vulnerabilities, Security Architecture & Engineering, Network Security & Operations