Senior Security Systems Engineer - Offensive Security (all genders)

The ROLE AND THE TEAM

As a Senior Security Systems Engineer in the AppSec Offensive Security team, you will be responsible for developing, maintaining, and integrating security automation tools that enhance our security testing and vulnerability management capabilities. This role is not a penetration testing or red teaming position but focuses on building and maintaining security tooling for vulnerability management, offensive security, and security scanning. You will work in a Hybrid Cloud environment (AWS and on-prem) to ensure seamless automation, deployment, and integration of security tools.

WHERE YOUR EXPERTISE IS NEEDED

• Develop and maintain security automation tools (e.g., external attack surface scanning, pentest reporting tools).

• Manage and integrate vulnerability scanning tools (e.g., Tenable, Rapid7, Qualys, Anchore Grype, Trivy) with the Vulnerability Management System.

• Deploy and maintain security tooling on cloud (preferably AWS/GCP/etc.) and automation frameworks.

• Build APIs and integrations between security tools to improve automation and streamline workflows.

• Optimize, enhance, and maintain existing security tooling to support offensive security operations.

• Work closely with the Offensive Security team to understand tooling needs and continuously improve security automation.

• Contribute to technical documentation and knowledge sharing within the team.

WHAT WE’RE LOOKING FOR

• Proven experience in developing and maintaining security automation tools.

• Strong hands-on experience with AWS, and infrastructure automation.

• Strong experience in scripting and programming (Python, Bash, GoLang, or similar).

• Experience working with APIs and system integrations for security tools.

• Experience with Infrastructure as Code (Terraform, CloudFormation, Ansible, etc.) is a plus.

• Experience deploying and maintaining vulnerability scanning tools (e.g., Tenable, Rapid7, Qualys, Anchore Grype, Trivy).

• Familiarity with Kubernetes security topics is a plus.

• Experience with working with unstructured data is a plus.

• Strong problem-solving skills and ability to work autonomously within a fast-paced security environment.

• Excellent communication skills in English

PERKS AT WORK

• Culture of trust, empowerment and constructive feedback, commitment, meetups, game nights, 70+ internal technical and fun guilds, knowledge sharing through tech talks, internal tech academy and, product demos, parties & events

• Competitive salary, employee share shop, 40% Zalando shopping discount, discounts from external partners, centrally located offices, public transport discounts, municipality services, great IT equipment, flexible working times, additional holidays and volunteering time off, free beverages and fruits, diverse sports and health offerings

• Extensive onboarding, mentoring, and personal development opportunities and an international team of experts

• Relocation assistance for internationals, PME family service, and parent & child rooms* (*available in select locations)