isecjobs.com

InfoSec Engineer

Munich

Full Time Mid-level / Intermediate EUR 34K - 79K * est.
Company logo

Hawk

Award-winning AML & CFT technology powered by explainable AI increases your risk coverage, helps you identify more crime, and reduces your false positives.

View all jobs at Hawk

Apply now Apply later

About Us 

Hawk is the leading provider of AI-supported anti-money laundering and fraud detection technology. Banks and payment providers globally are using Hawk’s powerful combination of traditional rules and explainable AI to improve the effectiveness of their AML compliance and fraud prevention by identifying more crime while maximizing efficiency by reducing false positives. With our solution, we are playing a vital role in the global fight against Money Laundering, Fraud, or the financing of terrorism. We offer a culture of mutual trust, support and passion – while providing individuals with opportunities to grow professionally and make a difference in the world. 

Your Responsibilities:

  • Application Security:

    • Perform security code reviews, static application security testing (SAST), and dynamic application security testing (DAST) to identify and remediate vulnerabilities in our applications, particularly within our Kubernetes-based, high-velocity release environment.

    • Collaborate closely with engineering teams to integrate security best practices into the entire Software Development Lifecycle (SDLC) and foster a "security-by-design" mindset.

    • Provide expert guidance on secure coding practices, threat modeling, and security architecture to development teams.

  • Cloud & Infrastructure Security:

    • Design, implement, and maintain security controls for our multi-cloud (AWS, Google Cloud) and on-premises infrastructure, with a strong focus on Kubernetes security, network segmentation, identity and access management (IAM), and data protection.

    • Conduct regular security assessments, vulnerability scans, and penetration testing on our cloud environments and critical infrastructure.

    • Automate security processes and controls within our CI/CD pipelines to ensure continuous security validation and compliance.

  • Security Operations & Tooling:

    • Evaluate, implement, and manage security tools and technologies, including Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), and Security Information and Event Management (SIEM) solutions.

    • Develop and maintain security monitoring, alerting, and logging capabilities to detect and respond to security incidents proactively.

    • Participate in security incident response activities, including investigation, containment, and remediation of security breaches.

  • Corporate IT Security Support:

    • Provide technical expertise and support for improving corporate IT security, including the implementation of Single Sign-On (SSO), Mobile Device Management (MDM), and Endpoint Detection and Response (EDR) solutions.

    • Collaborate with external IT agencies to ensure security standards are met and effectively managed.

  • Vulnerability Management:

    • Support the ongoing vulnerability management program, including the triage, prioritization, and tracking of identified vulnerabilities.

    • Work with engineering teams to ensure timely remediation of critical and high-severity vulnerabilities.

  • Continuous Improvement:

    • Stay abreast of the latest security threats, vulnerabilities, technologies, and industry trends, translating this knowledge into actionable security improvements for Hawk.

    • Contribute to the development and refinement of information security policies, standards, and procedures from a technical implementation perspective.

Your Profile:

  • Bachelor's degree in Information Security, Computer Science, or a related technical field.

  • Minimum of 5 years of hands-on experience in information security, with a strong focus on security engineering, application security, or cloud security.

  • Proven expertise in securing cloud environments (AWS, Google Cloud preferred) and deep understanding of Kubernetes security best practices.

  • Strong practical experience with security testing methodologies and tools (e.g., SAST, DAST, penetration testing, vulnerability scanning).

  • Proficiency in scripting languages (e.g., Python, Bash) for security automation.

  • Solid understanding of DevSecOps principles and experience integrating security into CI/CD pipelines.

  • Familiarity with security operations, incident response processes, and security monitoring tools (e.g., SIEM, EDR).

  • Knowledge of common security frameworks and standards (e.g., NIST, CIS Benchmarks).

  • Experience with corporate IT security concepts, including SSO, MDM, and endpoint security.

  • Excellent analytical, problem-solving, and troubleshooting skills.

  • Strong communication and collaboration skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences.

  • Relevant technical certifications such as AWS Security Specialty, Certified Kubernetes Security Specialist (CKS), OSCP, or similar are highly desirable.

  • Fluency in English is required; German is a plus.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  0  0
Category: Security Engineering Jobs

Tags: Application security Automation AWS Bash CI/CD Cloud Compliance Computer Science CSPM DAST DevSecOps EDR Endpoint security GCP IAM Incident response Kubernetes Monitoring NIST OSCP Pentesting Python SAST Scripting SDLC Security assessment SIEM SSO Vulnerabilities Vulnerability management Vulnerability scans

Region: Europe
Country: Germany

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Security Operations Engineer jobsSystems Engineer jobsProduct Security Engineer jobsSystems Administrator jobsSenior Security Analyst jobsCybersecurity Editor jobsCybersecurity Content Editor jobsSenior Information Security Analyst jobsInformation Security Manager jobsCyber Security Specialist jobsSenior Network Security Engineer jobsIT Security Analyst jobsChief Information Security Officer jobsSenior Information Security Engineer jobsSecurity Consultant jobsInformation System Security Officer (ISSO) jobsSecurity Specialist jobsIT Security Engineer jobsSenior Product Security Engineer jobsInformation Systems Security Engineer jobsCyber Threat Intelligence Analyst jobsSenior Cyber Security Engineer jobsSenior Software Engineer jobsSecurity Operations Analyst jobsCyber Security Architect jobs
Encryption jobsBash jobsJava jobsCEH jobsTS/SCI jobsThreat detection jobsSplunk jobsSDLC jobsTerraform jobsTop Secret jobsSQL jobsSOC 2 jobsMalware jobsIDS jobsRMF jobsIPS jobsFinance jobsForensics jobsDocker jobsCompTIA jobsActive Directory jobsITIL jobsOWASP jobsIntrusion detection jobsVPN jobs
Ansible jobsHIPAA jobsGIAC jobsCRISC jobsIT infrastructure jobsTCP/IP jobsOSCP jobsClearance Required jobsDoDD 8570 jobsCCSP jobsZero Trust jobsDNS jobsMITRE ATT&CK jobsData Analytics jobsSOX jobsSOAR jobsIndustrial jobsArtificial Intelligence jobsJira jobsMachine Learning jobsJavaScript jobsBanking jobsNIST 800-53 jobsCISO jobsUNIX jobs