Application Security Engineer (m/w/d)

As a leading company in the field of software solutions for healthcare, we operate in 19 countries and employ over 9,000 dedicated staff members. You will work in a dynamic and innovative environment full of opportunities. With your commitment and passion, you have the chance to make a lasting difference. Together, we are shaping the healthcare system of the future. Become part of our mission and make a difference – for a world where knowledge saves lives! Your contribution: Serve as an authority on security best practices related to software development, platform infrastructure, and operational processes, ensuring that security considerations are prioritized at every stage of project development.

Work closely with developers, architects, and testers to seamlessly embed security measures within the Software Development Life Cycle (SDLC), fostering a culture of security awareness and proactive risk management.

Lead security reviews and threat modeling sessions aimed at uncovering potential security risks inherent in software, codebases, and cloud infrastructure. This isolated the architecture and implementation for vulnerabilities.

Engage in code reviews to evaluate security-related aspects of the code. Provide constructive feedback and actionable recommendations to enhance the security posture of the codebase.

Support the definition and implementation of security requirements and controls throughout product development and infrastructure design. Additionally, aid in choosing and deploying the appropriate security tools and technologies to continueify product security while keeping abreast of the threats and vulnerabilities for informed decision-making.

What you bring along: Deep understanding of security principles, best practices, and frameworks (e.g., OWASP, NIST, ISO 27001) or willingness to train to acquire expertise.

Proficiency in threat modeling to identify potential threats and vulnerabilities in systems and applications.

Strong foundation in secure coding practices to guide developers in writing resilient and secure code.

Skills in risk management effectively to assess and priority security risks while recommending appropriate mitigation strategies.

Familiarity with DevSecOps practices, integrating security into the DevOps pipeline, and understanding compliance and regulatory requirements (e.g., GDPR, HIPAA); background in computer science or related fields, relevant experience and certifications, and strong analytical, problem-solving, and communication skills.

What you can expect from us: Feel Good Management: We offer you fresh food daily with a diverse selection of dishes. You can also shape your workday in a hybrid manner, working remotely two days a week.

Health: Take advantage of the gym and attend our free sports classes.

Childcare: Our on-site kindergarten allows for a more flexible working arrangement.

Events: Participate in internal events and activities, which take place regularly both on-site and remotely.

Ergonomics: Design your workspace to meet your ergonomic needs, allowing you to work comfortable and healthily on-site.

Diversity is part of CGM! We look forward to your application harmonisation of ability, gender, nationality, ethnic and social background, religion, age, as well as sexual orientation and identity. Convinced? Apply online now with your comprehensive application documents (including salary expectations and your cold start date). JOBV1_EN