4 days ago
Security Engineer
AutoScout24
On Site
Full Time
€75,000
Berlin, Berlin, Germany
Job Overview
Job TitleSecurity Engineer
Job TypeFull Time
CategoryCommerce
Experience5 Years
DegreeMaster
Offered Salary€75,000
LocationBerlin, Berlin, Germany
Who's the hiring manager?
Sign up to PitchMeAI to discover the hiring manager's details for this job. We will also write them an intro email for you.
Job Description
About the Security Engineer Role at AutoScout24
Join the AutoScout24 security team and be part of our Information Security team, a highly skilled group supporting all our teams to build and run secure digital products. We have understood that cybersecurity is an essential part of our business and including it in all our initiatives is natural. We are looking for a Security Engineer who really cares – for you!
What You'll Do
- Own end-to-end risk management. You’ll identify areas of risk, assess our environment and validate whether the risk is present, build detective and preventive controls to quickly identify indicators, track risks in our risk registry, and partner with teams to mitigate issues.
- Design and build security products and ensure they align with our infrastructure strategy and integrate smoothly into the software development lifecycle.
- Define and improve our security best practices and lead initiatives to increase their company-wide adoption.
- Promote adoption of the security products our team provides and support other teams in understanding our best practices and applying them to their use cases and needs.
- Be responsible for multiple technical areas or processes within the team. Lead technical discussions and improvements around them.
- Participate in the on-call rotation and “cop of the day” duties: triage and respond to security alerts, support user requests, monitor our tools for errors, and coordinate with engineering teams as needed.
- Implement security compliance controls owned by our team for SOC 2 and PCI, and support the GRC team in the broader compliance effort.
- Investigate and remediate security incidents, and occasionally serve as the incident commander.
What We're Looking For
- A genuine interest and passion in security.
- More than two years of working experience as a Security Engineer.
- Hands-on experience with AWS and a solid understanding of secure architecture and secure development principles in cloud environments.
- Strong knowledge of common attack vectors and defense strategies (for example, OWASP Top 10).
- Experience designing and building security products, ideally leveraging open-source solutions.
- Experience partnering with software engineers and providing security guidance throughout the software development lifecycle.
- Deep understanding of SAST and other code security detective and preventive controls and their integration in development process and pipelines of engineers.
- Proficiency with at least one programming language (preferably Python but it's not a must).
- Experience with our stack of technologies: (AWS, CDK, ECS, Docker), SaaS solutions (e.g. GitHub, SonarQube, Okta), Python based backend tools and authentication protocols (OAuth and OpenID).
- Enjoy working with Unix environments and command-line tools.
- Experience using AI and GenAI to improve engineering productivity, automate repetitive tasks, and streamline workflows. A proactive approach to exploring and adopting AI tools that help teams move faster. Understanding of emerging AI-related threats and practical approaches to reducing those risks.
You Will Succeed In This Role If You
- Enjoy solving large-scale, complex challenges.
- Take ownership of the solutions you design and build, seeing them through from idea to production.
- Pragmatically balance short- and long-term priorities and make decisions based on data.
- Are comfortable with ambiguity and enjoy tackling open-ended problems.
- You have a customer-first mindset and care about improving developer experience by applying effective, well-designed security controls.
- You make every system you work inherently better.
- A pragmatic view of GenAI: you understand its limitations and risks and know how to put guardrails in place (reviews, tests, policies) to keep usage safe, compliant and sustainable at scale.
A Culture of Growth
With over 50 nationalities represented, we’re proud to welcome people of all backgrounds to our growing community, and we’re always finding new ways to help people feel welcomed and included. Here, you’ll have the tools, training and support you need to work in a way that suits you, learn new skills and reach your potential.
For a career where you can drive our business and shape your future, apply now.
Key skills/competency
- Cloud Security
- Risk Management
- AWS Architecture
- Secure SDLC
- SAST
- Incident Response
- Compliance (SOC 2, PCI)
- Python Programming
- OWASP Top 10
- Generative AI Security
How to Get Hired at AutoScout24
- Research AutoScout24's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor.
- Tailor your resume: Customize your resume to highlight experience in AWS security, secure SDLC, and risk management, using keywords from the Security Engineer job description.
- Showcase cloud security expertise: Prepare to discuss practical experience with AWS, secure architecture, and implementing SAST controls in development pipelines.
- Demonstrate passion for security: Be ready to share examples of personal projects, certifications, or contributions that reflect a genuine interest in cybersecurity.
- Highlight problem-solving skills: Practice articulating how you've tackled complex security challenges and balanced pragmatic solutions with long-term goals.
Frequently Asked Questions
Find answers to common questions about this job opportunity
01What is the AutoScout24 security team's approach to cybersecurity?
02What cloud environment experience is critical for a Security Engineer at AutoScout24?
03How does AutoScout24 integrate security into the software development lifecycle?
04What compliance standards will a Security Engineer work with at AutoScout24?
05What programming language proficiency is preferred for the Security Engineer role at AutoScout24?
06How does AutoScout24 view the use of AI in security engineering?
07What are the primary responsibilities during the Security Engineer's on-call rotation at AutoScout24?
08What types of security products will I be designing as a Security Engineer at AutoScout24?
09How can I demonstrate my understanding of common attack vectors during the interview for Security Engineer at AutoScout24?
10What is AutoScout24's company culture like for a Security Engineer?
Explore similar opportunities that match your background