Senior Cloud Security Engineer m/f/d for Munich

YOUR TASKS

• Oversee and enhance security measures for our cloud-based infrastructure and microservices applications, ensuring robust protection and compliance.
• Develop and implement security best practices for cloud deployments, automation, monitoring, and incident response to mitigate risks and maintain a secure environment.
• Proactively monitor and address cloud security incidents, conducting root cause analysis, and driving remediation to minimize impact.
• Work closely with cross-functional teams to identify vulnerabilities, develop security controls, and implement effective solutions.
• Participate in security audits, assessments, and penetration tests to maintain compliance with ISO 27001, SOC 2, and other relevant standards.
• Conduct risk and vulnerability assessments, identifying gaps and implementing mitigating controls.
• Create and maintain comprehensive security policies and procedures for cloud-native applications, including container, API, and microservices security.
• Leverage Infrastructure as Code (IaC) tools (e.g., Terraform, ARM templates) to automate security controls, compliance checks, and integrate with Azure DevOps pipelines.
• Keep up-to-date with the latest security trends, threats, tools, and best practices, particularly in cloud-native and container security domains.

YOUR CAPABILITIES

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• At least 3 years of experience securing cloud infrastructure, with a strong focus on microservices environments.
• Solid understanding of standards like ISO 27001, SOC 2, NIST, CIS, GDPR, and best practices for cloud security.
• Proven experience with cloud security tools and WAF solutions, such as Azure Cloud Defender, Cloudflare, or Akamai.
• Skilled in monitoring, incident response, and threat detection within cloud environments.
• Strong grasp of network security, including firewalls, IDS/IPS, VPNs, and cloud-native security services.
• Strong analytical and problem-solving skills, with the ability to work independently or as part of a collaborative team.
• Excellent communication skills to engage with both technical and non-technical stakeholders.

Preferred Qualifications

• Background in securing SaaS platforms, with knowledge of cloud-native architectures and microservices patterns.
• Experience integrating security into CI/CD pipelines using Azure DevOps and familiarity with DevSecOps practices.
• Expertise in securing containerized environments, with a strong understanding of runtime security, container isolation, vulnerability scanning, and best practices for hardening containers.
• Expertise in Infrastructure as Code (IaC) tools (e.g., Terraform, ARM templates) and automation scripting (Python, Bash, PowerShell).
• Understanding of Zero Trust security principles and their application in cloud environments.
• Experience with security logging, monitoring, and incident management tools.

WE OFFER

• Onboarding: Newbies Day in Munich, 5-week onboarding with training and workshops, buddy program 
• Benefits: Participation in company success, employee stock program, Germany Ticket job pass, Pluxee vouchers, corporate benefits 
• Company Culture: Flexibility through hybrid work (work from home/work from EU), 30 days of vacation, diversity and inclusion team, (virtual) employee events (e.g., summer camps), barista in the headquarters, volunteer day 
• Career and Development: Career model with expert and leadership tracks, ATOSS Academy, LinkedIn Learning 
• Health Initiatives: Check-ups, health campaigns, Wellhub, JobRad, company doctor 
• Security and Stability: Stock exchange presence in the German SDax and TecDax, over 30% EBIT-Marge, Scale-up, 18 years with record sales and earnings, visibility, future product