Application Security Engineer (m/w/x) - For German Resident Only

About Schwarz Digits

Schwarz Digits schafft das technologische Fundament für digitale Entscheidungsfreiheit in Europa. Als IT- und Digitalsparte der Schwarz Gruppe entwickeln und verantworten wir einerseits die IT-Infrastrukturen für die Handelssparten Lidl und Kaufland sowie die Schwarz Produktion und PreZero. Gleichzeitig agieren wir als unabhängiger Anbieter am externen Markt, um Unternehmen in ganz Europa bei ihrer digitalen Transformation zu unterstützen. Unsere Kernleistungen bündeln wir in den Bereichen Cloud, Cyber Security, Data & AI, Communication und Workspace. Trage auch du zur digitalen Entscheidungsfreiheit in Europa bei.

Bei uns arbeitest du an der Schnittstelle zwischen Agilität und Sicherheit: Du profitierst von den schnellen Entscheidungswegen, genießt echte Gestaltungsspielräume in deinen Projekten und baust dabei auf das stabile Fundament der Schwarz Gruppe.

Your Tasks

• You verify vulnerabilities from automated web application scans with your deep understanding of attack vectors, identify false positives, and continuously optimize scan policies.
• You specifically use AI-powered tools and automation solutions to accelerate analysis processes and continuously improve service quality.
• You ensure that modern interfaces such as REST, GraphQL, and SOAP are not only superficially but also deeply and automatically checked for vulnerabilities.
• You guarantee the stable operation of scans in hybrid networks (on-prem & cloud) without impacting core business and confidently resolve technical hurdles with routing or firewalls.
• You act as a knowledge multiplier and mentor for your colleagues, sustainably document processes, and thus support the future expansion of the team.
• You evaluate existing systems and processes regarding their up-to-dateness and flexibly prioritize your tasks within the team according to their impact and relevance for the company.

Your Profile

• You have successfully completed a degree with a focus on computer science and have at least 3 years of professional experience in web application pentesting.
• You communicate confidently in German (B2 level) and English (B2/C1 level).
• You impress with deep web app scanner & API know-how, are a power user of relevant DAST tools, and understand exactly how to thoroughly examine complex web applications and APIs – including setting up automated scans with logins/credentials.
• You possess in-depth knowledge in the automated security of modern interfaces (REST, GraphQL, SOAP) and their thorough testing.
• You ideally have programming and scripting skills to automate manual routines and develop efficient AI workflows.
• You have a fundamental understanding of (hybrid) infrastructure, cloud technologies, or Kubernetes to independently solve scanner connections and troubleshooting within the team.
• You are characterized by a proactive, service-oriented way of working and have the ambition to continuously develop yourself and the service within the team.