IT Security Consultant / DevSecOps Specialist - Los 11

IT Security Consultant / DevSecOps Specialist - Los 11

Job Openings IT Security Consultant / DevSecOps Specialist - Los 11

About the job IT Security Consultant / DevSecOps Specialist - Los 11

NAXCON GmbH, located in the heart of Freiburg, is at the forefront of the German IT and engineering industry.

Our experts have extensive knowledge in software and hardware development, state-of-the-art electronics, and future-oriented technologies such as artificial intelligence and virtual reality.

We are not only dedicated to project work for our customers, but also intensively pursue in-house innovation projects as well as research & development. Renowned companies from a wide range of German industries place their trust in us—demonstrating the outstanding expertise and commitment of our engineers.

Position : IT Security Consultant / DevSecOps Specialist

Type : Full-time/Mostly remote

Position Overview

We are seeking an experienced IT Security Consultant / DevSecOps Specialist to support enterprise‑level IT security initiatives, secure software development processes, and modern DevSecOps environments. The role focuses on strengthening cybersecurity standards across infrastructure, applications, cloud environments, CI/CD pipelines, and operational platforms.

The position involves close collaboration with development teams, infrastructure specialists, security architects, and operational stakeholders to ensure secure system architectures, vulnerability management, compliance, and continuous security improvement within highly regulated enterprise and public‑sector environments.

The role includes both strategic consulting and hands‑on technical implementation in areas such as application security, secure software development lifecycle (SSDLC), container security, identity management, monitoring, automation, and security operations.

Key Responsibilities

IT Security & DevSecOps

• Design, implement, and optimize secure DevSecOps processes and workflows
• Integrate security controls into CI/CD pipelines and automated deployment environments
• Conduct security assessments, vulnerability analysis, and risk evaluations
• Support security hardening for applications, servers, databases, containers, and cloud platforms
• Develop and maintain security concepts, policies, and technical documentation
• Implement security monitoring, logging, and incident response measures
• Support identity and access management concepts, authentication, and authorization mechanisms
• Analyze and remediate security vulnerabilities across enterprise environments
• Contribute to secure architecture design for modern distributed systems and APIs

Security Operations & Compliance

• Ensure compliance with organizational security standards and regulatory requirements
• Support audits, penetration testing activities, and remediation planning
• Assist in implementing security best practices aligned with BSI standards and enterprise governance
• Coordinate with infrastructure, development, and operations teams regarding security‑related topics
• Monitor security incidents and support troubleshooting activities
• Participate in security reviews, technical workshops, and operational coordination meetings

Automation & Platform Security

• Automate security checks and compliance validations
• Support container and Kubernetes security concepts
• Implement secure infrastructure‑as‑code and configuration management practices
• Support secure cloud and hybrid infrastructure operations
• Contribute to performance optimization and operational stability from a security perspective

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field; alternatively equivalent professional experience
• Several years of professional experience in IT security, cybersecurity consulting, DevSecOps, or secure infrastructure environments
• Strong experience with DevSecOps methodologies and security automation
• Experience with CI/CD tools and secure deployment pipelines
• Practical experience with container technologies such as Docker and Kubernetes
• Experience with scripting or automation technologies such as PowerShell, Bash, Python, or similar
• Knowledge of vulnerability management, penetration testing concepts, and security monitoring
• Experience with authentication technologies, PKI, encryption, and identity management
• Knowledge of cloud and hybrid infrastructure security
• Experience with logging, monitoring, and SIEM‑related concepts
• Familiarity with ITIL‑oriented operational processes is considered beneficial
• Strong analytical, troubleshooting, and problem‑solving skills
• Ability to work independently in complex technical environments
• Strong communication and stakeholder coordination skills
• Very good German language skills and good English language skills
• Willingness to work in security‑sensitive environments and undergo security clearance procedures

Preferred Skills

• Experience with public‑sector or highly regulated enterprise environments
• Experience with secure container orchestration platforms
• Knowledge of infrastructure security, network security, and API security
• Familiarity with automated testing and security scanning tools
• Experience with Git‑based development workflows and modern DevOps platforms
• Certifications such as CISSP, CEH, Security+, ISO 27001, Kubernetes Security, or similar are advantageous
• Hybrid working model with regular on‑site presence
• Collaboration within interdisciplinary technical and operational teams
• Participation in enterprise‑scale infrastructure and digital transformation projects
• Long‑term projects with modern technologies and security‑focused environments

What we offer

• Join a cosmopolitan and internationally mixed team: We welcome individuals from all backgrounds and cultures to contribute their unique perspectives and talents to our team.
• Polish your German language skills: If you are looking to improve your German language skills, we offer a supportive environment where you can practice and develop your language abilities: whether you are a beginner or an advanced speaker.
• Benefit from a fixed contact person from the company: We understand the importance of having a reliable point of contact within the company. That is why we assign a dedicated contact person who will provide guidance and support throughout your employment with us.
• Professional growth and development: With us, our engineers can immerse themselves in new industries or projects after just 1‑2 years and actively transfer knowledge.
• Enjoy regular team events with the company: We believe in the power of team building and fostering positive relationships within the workplace. That is why we organize regular team events to promote collaboration and strengthen our team bonds.
• Competitive compensation package: At NAXCON, we believe that our engineers are our greatest asset. That is why we offer a comprehensive and competitive compensation package that includes a salary commensurate with experience and expertise.