Associate in physical security team at Starling, supporting incident management and risk assessments. Collaborating with law enforcement and overseeing physical security practices.
About the role
- Senior Security Engineer managing security across the company for an AI healthcare startup. Overseeing vulnerability management and incident response to enhance security standards.
Responsibilities
- Manage security across the company, including running the bug bounty program, reviewing incoming reports, coordinating fixes, and maintaining automated security updates.
- Design and enforce secure architecture and engineering practices that prevent vulnerabilities and raise security standards across all teams.
- Regularly test infrastructure and applications to find weaknesses early and strengthen the organization's security.
- Lead security incident response with urgency, reducing detection and fix times while driving long-term improvements.
- Ensure ongoing compliance with security frameworks and certifications, playing a key role in achieving and maintaining HIPAA and C5.
- Monitor emerging threats and assess their impact on services to keep systems resilient in a high-stakes healthcare environment.
Requirements
- Several years of experience in vulnerability management, incident response, or security engineering in cloud-native environments.
- Strong backend engineering fundamentals, ideally with Kotlin.
- Hands-on security expertise across modern infrastructure including Linux, networking, storage, Kubernetes/Docker/containers, AWS cloud services, Infrastructure-as-Code/GitOps, and databases such as PostgreSQL, Redis, MongoDB, and DynamoDB.
- Several years of experience in assessing vulnerabilities, prioritizing risks, and designing effective long-term solutions.
- A proactive mindset, you identify weaknesses before they can be exploited.
- Clear communication and collaboration skills that influence and elevate teams.
- Experience working with security or compliance frameworks such as HIPAA, SOC 2, or C5 is beneficial but not required.
Benefits
- 30 vacation days plus your birthday off
- Germany Transport Ticket
- Urban Sports Club
- Regular company off-sites
- Access to learning platforms such as Blinkist and Audible
- Flexible working hours and a good hybrid set-up.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Senior/Lead SailPoint ISC Engineer developing IAM solutions at Truist. Collaborating with teams to support governance, streamline role management, and enhance identity lifecycle management.
IT Security Administrator managing security controls and protecting Uline's systems from threats. Collaborating with IT teams and enhancing security posture in a growing North American enterprise.
AVP of Network Security Governance at LPL Financial focused on enterprise security and networking projects, requiring extensive IT security and architecture expertise.
Manager in PwC's Identity and Access Management team focusing on cybersecurity through advanced technologies and strategies. Leading client engagements and mentoring junior staff while maintaining project success.
Manager in Cybersecurity at PwC overseeing threat intelligence strategies and team management. Liaising with stakeholders and maintaining project success while mentoring junior staff.
Product Security Manager responsible for operational security and compliance for RIB Software products, leading security reviews and risk assessments. Collaborates with multidisciplinary teams to ensure secure development practices.
Product Security Manager responsible for securing RIB Software products by executing SDL requirements and ensuring compliance throughout product lifecycles.
Cyber Supplier Qualification Specialist guiding suppliers through cyber security compliance for a defence program. Collaborating with stakeholders and supporting risk management and assurance processes.
SAP Security Architect and Team Lead ensuring security for vital defence systems. Overseeing audits and managing a team of SAP specialists in a hybrid working environment.