Senior Application Security Engineer (m/w/d)

About Us

Your team, the JTL Security Team, is a technical, developer-focused team at the heart of the company. We ensure the security of the JTL Group against a wide range of IT security threats. Together with our development teams, we design secure products and services – for both on-premise and the growing cloud sector. You can expect a diverse and demanding field that requires both technical excellence and strategic thinking.

Responsibilities

• You will further develop our Secure Software Development Lifecycle – from architecture through CI/CD to operations.
• You will integrate security into the daily development routine: IDE plugins, SAST, Security Unit Tests, Golden Images.
• You will analyze risks (Threat Modeling) and help teams deal with them pragmatically.
• You will coach developers and product owners on security matters – on an equal footing.
• You will make security measurable, understandable, and scalable.

Requirements

• You have completed a degree in computer science or a comparable field.
• You have at least 5 years of experience in Application Security with a focus on Secure Development.
• You possess sound knowledge in at least one programming language, as well as in scripting and automation.
• You have a solid understanding of modern security standards and frameworks such as OWASP ASVS or NIST.
• You work independently, with high technical expertise and a pragmatic approach.
• You can communicate complex security requirements clearly and understandably.
• Your German (at least C1) and English skills are very good, both written and spoken.

Desirable:

• You have experience with Snyk or other security tools.
• You understand the developer's perspective and have practical experience in software development.
• You have knowledge in the introduction of RPA and GenAI solutions.

Team

Your potential new team currently consists of one Cyber Security Specialist and your Team Lead.

Application Process

• To get to know each other and clarify initial skills, there will be an approximately 1-hour digital Teams interview with the Team Lead of the ERP Development department.
• If there is continued interest from both sides, we want you to get to know the team and the team to get to know you. Therefore, there will be an approximately 2-3 hour taster day where you will get to know the work in the team and the team in general. You will also receive a short trial task that you should solve independently and which will be discussed afterwards.
• If both you and the team determine after the taster day that it's a great fit, you will receive your permanent contract from us in the next step, and we will welcome you to the JTL family :)