Security Engineer - Project 3

About the job

Security Engineer - Project 3. NAXCON GmbH, located in the heart of Freiburg, is at the forefront of the German IT and engineering industry. Our experts have extensive knowledge in software and hardware development, state-of-the-art electronics, and future-oriented technologies such as artificial intelligence and virtual reality. We are not only dedicated to project work for our customers, but also intensively pursue in-house innovation projects as well as research & development. Renowned companies from a wide range of German industries place their trust in us - demonstrating the outstanding expertise and commitment of our engineers.

Position

Security Engineer

Location

Hamburg, Germany

Type

Full-time / 2-4 days on-site per month

Minimum requirements

• At least 2 years of experience with agile development in Scrum or Kanban
• At least 2 years of experience with JIRA and Confluence
• At least 1 year of experience with documenting functional requirements & technical solutions
• Business fluent German
• At least 3 years of experience in application security, especially with regard to digital products
• At least 2 years of experience with OWASP standards
• At least 2 years of experience in the security assessment of mobile applications
• At least 2 years of experience in the security assessment of web applications
• At least 2 years of experience in the security assessment of backend applications (backend for frontend)
• At least 2 years of experience in the security assessment of networks and cloud solutions
• Software development skills in at least one scripting language and a framework such as Spring Boot

Requirements

• Experience with BSI basic protection requirements
• Experience in security-critical projects with knowledge of relevant standards, e.g., ISO 27001
• Experience in dealing with threat and security analyses as well as risk assessments
• Experience in authorization frameworks, in particular Open Authorization 2.0 and OpenID Connect
• At least 1 year of experience with knowledge of public key infrastructures, X.509
• Experience in assessing and exploiting vulnerabilities (e.g., through penetration tests)
• Experience in projects with data protection requirements according to EIDAS Substantial/High
• At least 1 year of experience with key exchange procedures
• Experience in cryptography algorithms
• At least 1 year of experience in software development (application of different programming languages)
• Experience in source code analysis with regard to security
• Experience with SAST & DAST tools in software development
• Experience in the statutory health insurance environment
• Experience with security-compliant development, e.g., according to BSI-TR-03107 & BSI-TR-03161
• At least 1 year of experience in the (further) development of a secure software development life cycle
• Experience with documentation according to standards such as Arc42
• Several years of development experience in multiple frameworks
• Experience with telematics infrastructure such as electronic patient records
• Experience with Gematik specifications
• Experience in penetration testing
• Experience in threat modeling

What we offer

• Join a cosmopolitan and internationally mixed team: We welcome individuals from all backgrounds and cultures to contribute their unique perspectives and talents to our team.
• Polish your German language skills: If you are looking to improve your German language skills, we offer a supportive environment where you can practice and develop your language abilities.
• Benefit from a fixed contact person from the company: We assign a dedicated contact person who will provide guidance and support throughout your employment with us.
• Professional growth and development: Engineers can immerse themselves in new industries or projects after just 1-2 years and actively transfer knowledge.
• Enjoy regular team events with the company: We organize team events to promote collaboration and strengthen our team bonds.
• Competitive compensation package: A salary commensurate with experience and expertise.

#J-18808-Ljbffr