Senior Security Engineer (f/m/d)
München, Bayern, Germany
Full Time Mid-level / Intermediate EUR 70K - 75K
Orbem GmbH
We combine accelerated MRI (Magnetic Resonance Imaging) with AI technology to scan, classify, and sort eggs, nuts, seeds, plants, and more. Orbem is an impact-driven deep-tech startup from Munich, Germany. We develop fast, accurate, and accessible imaging solutions that provide access to otherwise unattainable sources of knowledge.
We seek to make a difference – and develop solutions to sustainably feed the world, accelerate the transition to a green economy, and transform disease detection.
Join us on our mission to unleash AI-powered imaging for everything and everyone.
Senior Security Engineer (f/m/d)
Starting date: As soon as possible
Yearly Salary: €70,000 - €75,000 (fixed range, annual gross)
Equity: €20,000 - €40,000 in company shares
Benefits: Up to €5,000 annually
Work model: Full-time, Hybrid (based in Munich)
Your role
As a Senior Security Engineer, you will be at the forefront of protecting our platform and data. You will architect, implement, and maintain a robust security posture that safeguards our systems and enables secure, efficient software delivery. Your work will directly impact Orbem’s core operations by ensuring the trust and safety of our platform for our teams and customers both in the cloud and at customer sites. You will be instrumental in creating a scalable and resilient security infrastructure, which is a crucial element in solving some of the world's most challenging problems. You will collaborate closely with cross-functional teams to champion security best practices and enhance our defenses across the entire company.
Your day-to-day
As a Senior Security Engineer, you will be an integral part of the Platform team, which is a key component of our Core department. Your primary focus will be:
Architecting, building, and maintaining our security infrastructure to counter emerging threats.
Conducting regular security assessments, penetration testing, and vulnerability scans across cloud and edge environments to identify and remediate risks.
Developing and implementing security policies and procedures to ensure compliance with industry best practices and regulations.
Integrating security into our CI/CD pipeline (DevSecOps) to automate security testing and validation.
Leading incident response efforts, including investigation, mitigation, and post-mortem analysis.
Acting as a security champion to improve the developer experience by providing security tools and promoting self-service security practices.
Collaborating with various stakeholders (architecture board and product teams) on architectural decisions to ensure security is embedded from the start.
Driving continuous improvement initiatives to enhance security posture, optimize performance, and manage costs effectively.
Designing, implementing, and managing security solutions for data protection (DLP, encryption, data lifecycle management) and identity/access management (IAM, PAM) across hybrid environments.
Requirements
Your experiences and skills
Fit to our values
We own every challenge: we enjoy complexity and thrive under uncertainty.
We strive for better: we seize any opportunity for growth and challenge the status quo. We are constantly learning and improving.
We imagine new frontiers: we think beyond ‘doable’ and ‘reasonable’. We design a sustainable and healthy future together.
Technical Expertise
You have a deep and practical understanding of enterprise security, with hands-on experience in system hardening across various operating systems (Linux, Windows) and network devices.
You possess extensive knowledge and proven experience in conducting penetration tests and vulnerability scanning, and you are proficient with the relevant tools (e.g., Metasploit, Nessus, Burp Suite).
You have significant experience with Security Information and Event Management (SIEM) systems, including deployment, configuration, and creating effective correlation rules and alerts.
You are an expert in incident response, with a track record of managing security incidents from detection and containment through to eradication and recovery.
You are proficient in designing, implementing, and managing robust backup and disaster recovery solutions for both cloud (GCP native, SaaS) and edge environments.
You have a strong understanding of Information Security Management Systems (ISMS) and frameworks like ISO 27001.
You have experience with WAF and intrusion detection/prevention systems (IDP/IDS).
You are fluent in at least one scripting language, such as Python or Shell, for automating security tasks.
What makes you stand out from other candidates
Proactive Threat Hunter: You don't just wait for alerts. You have a passion for proactively identifying and mitigating threats, performing threat modeling, and hunting for vulnerabilities in our systems before they can be exploited.
ISMS Architect: You have proven experience not just working within but architecting and implementing an Information Security Management System (ISMS) from the ground up, aligning security controls with business objectives.
Incident Response Commander: You have experience leading and commanding the response to major security incidents, coordinating cross-functional teams under pressure, and communicating effectively with technical and non-technical stakeholders.
Security Automation Expert: You are an expert at automating security operations. You have a history of building scripts and tools to automate repetitive tasks, from vulnerability scanning and patching to compliance checks and incident response actions.
Master of Defense in Depth: You move beyond single layers of security, architecting sophisticated, multi-layered defense-in-depth strategies that are resilient and adaptable to emerging threats.
Security Mentor: You are passionate about sharing your knowledge and elevating the security expertise of the entire organization, acting as a mentor to junior team members and a security champion for development teams.
Behavioral competencies
Customer-Obsessed: You consistently place the developer experience (DevEx) and the security of our end-customers' deployments at the forefront of all planning and execution. You actively seek to understand developer pain points and are relentless in your pursuit of a frictionless engineering environment.
Strategic & Visionary Thinker: Instead of just responding to tickets, you develop a clear vision and strategic roadmap for internal platforms. You think about the long-term health, scalability, and usability of the tools and services you provide.
High Degree of Ownership: You take end-to-end ownership of the developer experience. You are accountable for the reliability, documentation, and continuous improvement of the internal toolchain, treating it with the same rigor as a customer-facing product.
Empathetic Communicator & Collaborator: You excel at building strong relationships with development teams. You proactively gather feedback, clearly communicate changes, and champion the "why" behind your initiatives, ensuring buy-in and smooth adoption.
Data-Driven Prioritization: You don't guess what developers need; you use data. By analyzing metrics on build times, deployment frequency, onboarding speed, and support requests, you make informed decisions to focus on initiatives that deliver the most value.
Innovating the status quo
You enjoy bringing together perspectives from all team members and departments.
You have a practical approach to product building and road mapping.
You iterate fast, ensuring up-to-date knowledge integration.
What we offer
International Environment: Join a team with 40+ nationalities across 5 continents, all driven by a shared purpose: shedding light on the world’s toughest challenges.
Attractive Compensation Package:
Stock Options: Share in Orbem’s success.
Visa & Relocation Support: Seamless support for your move to Germany.
Learning & Development: €1,750 annual budget for personal growth.
Fitness Membership: Access to Urban Sports Club or Wellpass.
Childcare Reimbursement: Support for Kita/Kindergarten fees.
Deutschland Ticket: Full coverage of public transportation.
Work-Life Integration:
Flexible Hours & Home Office: Work when and where it suits you.
WFH Perks: Get €185 to upgrade your home office + a sleek external monitor on us!
30 Days Paid Leave: Plenty of time to recharge.
Personal Leave: Flexibility for life’s important moments.
Work from Anywhere: Experience new cultures and environments for up to 60 days per year.
Make a Difference: Join an ambitious, fast-growing team working on breakthrough technology. In our scale-up environment, you’ll have the freedom to lead your projects and make an impact. We provide a platform for you to explore, innovate, and define your vision for the future. At Orbem, we’re committed to helping you discover your strengths, and while we aim to teach you, we also want to learn from you.
Your team
As a Senior Security Engineer, you become part of our diverse and international Infrastructure team. Learn more about the team members, their work, and their challenges here: www.orbem.ai
At Orbem, we're committed to building a smart, diverse team, and we recognize that self-doubt can prevent talented individuals from applying. If you feel you don't meet every requirement, we'd love to hear from you anyway!
Tags: Automation Burp Suite CI/CD Cloud Compliance DevSecOps Encryption GCP IAM IDS Incident response Intrusion detection ISMS ISO 27001 Linux Metasploit Nessus Pentesting Python SaaS Scripting Security assessment SIEM Vulnerabilities Vulnerability scans Windows
Perks/benefits: Career development Equity / stock options Fitness / gym Flex hours Health care Relocation support Startup environment