Application Security Engineer

Your role in the team

• Our recently established Application Security Team is part of E.ON's Cyber Security Unit. We provide oversight of application security practices, we work closely with other entities and units to enhance harmonization and standardization. Our main aim is to ensure application security is integrated into every step of the software development lifecycle (SDLC) and agile processes.

• Support the development and roll out of the application security roadmap.

• Work closely with development and operations teams to support and enforce security practices.

• Provide security guidance early in the software development lifecycle to help identify threats and mitigate potential risks.

• Closely collaborate with Technology Platform teams to integrate security tooling and processes in CI/CD pipelines.

• Guide developers on secure coding practices and help fix identified vulnerabilities.

• Execute application security training and awareness programs for developers.

What we offer

• We grow and we want you to grow with us. Learning on the job, exchanging with others, or taking part in individual training - our learning culture enables you to bring your personal and professional development to the next level.

• You have 30 days of paid vacation per year plus Christmas and New Year's Eve off. Your battery still needs charging? You can exchange parts of your salary for more paid vacation or you can take a sabbatical.

• You can combine coming to the office and working from home flexibly. It's even possible to go on a workation for up to 20 days per year within Europe.

• From car and bike leasing offers to a subsidised Deutschland-Ticket - your way is our way.

• With our company pension scheme and a great insurance package we take care of your future.

Our expectations:

Qualifications

• Proven track record in application security or software development.

• Knowledge of common application security risks (e.g., OWASP Top 10) and how to mitigate them.

• Understanding of application security activities e.g. secure coding, threat modeling, vulnerability management.

• Fluency in German and English is mandatory.

Experience

• Good experience with scripting languages.

• Solid experience with application security tools like SCA, SAST, or DAST.

Benefits

• Jobbike

• Summer and Christmas Bonus

• Company Restaurant

• Flexible Working Hours

•

•

• Employee Parking Space

• Company Retirement Provision

• Educational Leave/Sabbatical

• Fitness Offers

• Workation

• Day Care for Kids