Information Security Engineer (f/m/d)

Your area of work:
Support Team Cyber Protection with its security tools to provide a Vulnerability Management Service. In your position, you will provide IT security expertise in support to the business and in line with the key responsibilities.
 
Your Responsibilities:

• Provide a security service where your part is to design, plan and coordinate the deployment of a new security infrastructure or component. This will be achieved by collaboration with other technical teams.
• Cyber Protection offers a wide range of security tools, therefore you should be open to support different kind of detect & prevent capabilities (SAST , SCA and DAST technical awareness is plus, e.g. Fortify).
• Initially, two security services are considered, however over time, the role can be developed further by support of other vulnerability management technologies:
  • service that allows scanning of Container environment (OS oriented not applicative) in the Cloud platform
  • service that allows the assessment of an application’s source code to uncover vulnerabilities and security flaws
• Manage continuous service improvements and/or enhancements to build and maintain strong security capabilities including, e.g., handling of vulnerability false positives or strengthen detect & prevent capabilities.
• Write and review technical documentation.
• Consider regulatory aspects and compliance level of the security solutions incl. cloud (native) security in the financial industry.

 
Your Profile:

• 3+ years of experience in SDLC / Cyber security
• Knowledge in cyber security tooling for SAST, DAST, Vulnerability Scanners, etc.
• Good understanding of SDLC in code development and analysis
• Programming language like Python, Java, etc. is a plus
• Knowledge in Container and Orchestration environment such as Docker, Kubernetes or Openshift is a plus
• Strong analytical skills, reliability, and sense of responsibility
• Fluency in English, German is a plus.