Software Security & Assurance Engineer (m/f/d)

Mission Brief

As our first Software Assurance Engineer, you are the hands‑on architect of our "Secure Quality" program. This is a mission‑critical, technical role to design, build, and operate our software assurance framework from the ground up.

We believe that security and quality are not separate functions but are two sides of the same coin. Your mission is to architect and implement the automated tools (SAST, SCA, QA) and processes that empower our engineers to write secure, high‑quality code from day one. This is a unique opportunity to be the founding "builder‑architect" who will embed a culture of mission assurance into our most critical products.

Your Role in Our Space Mission

• Architect our Secure SDLC: Design, implement, and operate our technical Secure Software Development Lifecycle (SSDLC) framework, from threat modelling to secure coding standards.
• Build the DevSecOps Pipeline: Lead the selection, implementation, and integration of our Application Security (AppSec) toolchain (SAST, DAST, SCA). You will build this capability from scratch and be the primary technical owner for automating it within our CI/CD pipeline.
• Build the Quality Framework: Architect, build, and maintain the frameworks for automated functional and regression testing. Your goal is to enable development teams to self‑service their quality assurance, not to be a manual tester.
• Manage Software Vulnerabilities: Lead the technical vulnerability management process for all in‑house and third‑party code. This includes triaging findings from security tools, validating risks, and partnering with engineering for remediation.
• Drive Secure Coding Practices: Serve as the "Security Champion" within engineering, providing expert consultation, training, and documentation on secure coding, testing, and cryptographic best practices.
• Support Product Security Compliance (CRA): Act as the technical lead for our compliance with the EU Cyber Resilience Act (CRA), helping to generate Software Bills of Materials (SBOMs) and ensure our products meet "secure‑by‑design" requirements.

Qualification Checklist

• Experience: 5+ years of hands‑on experience in a technical role that blends Software Development, Quality Assurance, or Application/Product Security.
• SSDLC & DevSecOps Expertise: A proven track record of building and implementing a secure SDLC. You must have hands‑on experience selecting, deploying, and integrating AppSec tools (SAST, DAST, SCA) into a modern CI/CD pipeline (e.g., GitLab CI, Jenkins).
• Quality Assurance Automation: Demonstrable experience in designing, building, and managing automated QA testing frameworks (e.g., Selenium, Playwright, pytest, Robot Framework).
• Strong Coding & Scripting Skills: Proficiency in at least one programming language (like Python, Go, C++, or C#) and extensive scripting experience are mandatory.
• Communication & Collaboration: Ability to work as a technical partner with engineering teams, translating complex security and quality concepts into actionable guidance.
• Language: Fluent and professional communication skills in English are mandatory. Proficiency in German is a significant plus given our core operations and regulatory environment in Germany.

Bonus Skills

• Industry Context: Experience in aerospace, defense, high‑tech manufacturing, or OT/ICS environments.
• Safety‑Critical Systems: Familiarity with high‑reliability or safety‑critical software standards (e.g., DO‑178C, MISRA C).
• Cloud‑Native Security: Experience securing containerised (Docker/Kubernetes) and cloud‑native application environments.
• Certifications: Professional certifications such as CSSLP, GWEB, or advanced QA certifications (e.g., CTFL) are highly valued.
• Pragmatism and Drive: You are a highly autonomous professional who is passionate about building, automating, and enabling teams to create world‑class, secure software.
• A Mission‑Critical Mindset: You understand that in our business, a software defect doesn't just cause a blue screen, it can lead to a "Rapid Unscheduled Disassembly" (RUD). You thrive in an environment where quality and security are not just goals, but a prerequisite for mission success.

Benefits

• Employee Participation Program: Share in our success through our virtual company share program.
• 30 days of vacation: Enjoy the days off to relax and recharge.
• Company pension plan: Secure your future with our company pension plan, featuring a 20% employer contribution after the probation period.
• Subsidised lunch: Stay energised with delicious, subsidised lunches every day.
• Public transport ticket: Commute with ease using a fully financed Deutschlandticket.
• Sport Clubs membership: Stay fit with our sponsored sports club memberships (EGYM Wellpass).
• Individual learning allowance: Grow your skills with an individual learning budget granted after the probation period.
• Childcare allowance: Receive a childcare allowance for your non‑school‑age children.
• And Much More! Discover additional perks and benefits when you join our team.

Who we are

We are Isar Aerospace and we are at the forefront of New Space building a modern space business to enable faster, better and cheaper access to space.

Our mission is to help democratise space and use it for good in order to improve life on Earth now and for the future generations.

We are a fast‑growing company aiming to provide sustainable and environmentally friendly launch solutions for small and medium‑sized satellites and constellations into Low Earth Orbit. The company is privately funded by world‑leading technology investors with strong commitment and support and our team is made of driven and talented people with a real passion for space innovation.

We're making rockets in a way that hasn't been done before disrupting a traditional industry. If you are up for the challenge, want to work on cutting‑edge projects and be part of a team changing the world for better, come, join us and launch your career!

Want to find out more about us?

Visit