Lead Security Engineer (m/f/d) - Remote

Permanent employee, Full-time

Your Position
xentral is growing and growing and so is our application, aside from tackling our legacy (let’s be honest, who isn’t?) we are testing new waters in development and we also are building up infrastructural teams which will be vital to the business as we grow – we need to be able to scale.

We are about to enter a period of Hypergrowth, which means our infrastructure and our security will need to keep up to facilitate this.

You will be the first hire into our Security Team, and will be responsible for its implementation throughout the business, so you will need to be prepared to be hands on, to make decisions but also to understand the business goals, and how we can optimise our infrastructure.
Your tasks
  • Create and deliver an effective Security Operations and testing programme.
  • Help evaluate and recommend new and emerging security products and technologies.
  • Implement Security Incident and Event monitoring solutions to ensure potential security incidents are correctly identified, analysed, defended, investigated, and reported.
  • Actively monitor the threat landscape for current or emerging threats as well as carrying out threat modelling which can guide the actions of the SOC.
  • Automation of security and compliance capabilities in support of DevSecOps processes (SDLC).
  • Review existing infrastructure and identify opportunities to embed security by design.Monitor and analyse activity on networks, servers, endpoints, databases, applications, websites.
  • Lead and Implement required Security Tooling for Vulnerability assessments in both code and supporting cloud infrastructure.Carry out application security testing (SAST, DAST...).
  • Help coordinate IAM activities to provide secure, controlled access to systems and services.
  • Conduct penetration tests to validate resiliency and identify areas of weakness to fix
  • Recommend how to optimize security monitoring tools based on threat hunting discoveries.
  • Advise or take a lead in aspects of IT security governance.
Your profile
  • You have a proven and strong depth of expertise in cyber and information security. ideally with hands-on experience in web and mobile security for critical 24/7 applications
  • You’re experienced with security in a DevOps environment and have knowledge of agile methodologies
  • You have a comprehensive knowledge of Web/API application security, and cloud and containers technology (Kubernetes, AWS).
  • You have experience in penetration testing and security tooling (Burp proxy, Web/Network Scanners, Static code analyzers, etc.).
  • You’ve performed security design reviews, threat modelling and risk assessments.
  • You carry good analytical and reasoning skills with a passion for technology, the internet economy and mobile applications.
  • You have extensive knowledge of Internet security issues, cloud architectures, and threat landscape.
About us
We are an established tech startup with major tech investors Frank Thelen, Sequoia Capital and Visionaries Club on our side. We are aiming at defining a new SaaS category and empower entrepreneurs and e-commerce vendors to automate their resource planning and focus on the things that matters most to them: their business. We grow all over the world, join us fully remote or in one of our hubs in Augsburg, Amsterdam, Munich or Berlin. You decide!
Your application!
Does that sound interesting? Then send us your CV and we will get back to you within a few days.

We are looking forward to your application!

Please upload your CV, optionally your recent certificates as well as a brief cover letter (in total max. 20 MB).

Click to select multiple files or use drag-and-drop
Click to select multiple files or use drag-and-drop

Uploading document. Please wait.