Werkstudent in Cyber Security supporting Security Consultants in Munich. Assisting in security assessments and documentation while gaining practical experience in the field.
About the role
- Software Security Specialist enabling developers to build secure software and mitigate vulnerabilities at PNC. Focus on coaching, mentoring, and providing security expertise to software development teams.
Responsibilities
- Responsible for enabling developers to create more secure software through coaching and mentoring developers and provides subject matter expertise to Application Security programs
- Works with developers to help them create more secure code
- Manages projects and tasks related to developer
- Sets secure coding standards and requirements with team
- Coaches developers on language specific coding techniques to avoid or remediate coding flaws.
Requirements
- Deep expertise guiding development teams in remediating common application vulnerabilities, including OWASP Top 10, API security, and secure design principles
- Proven hands-on experience performing threat modeling to identify and mitigate risks in software
- Practical experience building and implementing strong authentication solutions
- A genuine passion for secure software development, with the ability to clearly articulate its importance
- Strong analytical skills to identify gaps in the Software Development Lifecycle (SDLC) and recommend actionable improvements
- Hands-on experience with secure design, security architecture, and implementing software security solutions
- Ability to work both independently and collaboratively within cross-functional teams
- Familiarity with Agile development methodologies (e.g., Scrum, Kanban)
- Experience with SAST, DAST, RASP, and integrating security into CI/CD pipelines
- Excellent communication and relationship-building skills
- Hands-on experience with secure coding and secure by design practices
- Knowledge of software security frameworks such as BSIMM or SAMM
- Strong technical skills in application security, product security
- Relevant certifications such as CSSLP, SANS GWAPT
- Experience securing public cloud environments (e.g., AWS, Azure, GCP)
- Background in software development
- Familiarity with tools like SD Elements or similar platforms
- Ability to define and track security metrics and reporting
- Proven hands-on experience designing, building, and securing AI systems in production environments
- Led or contributed to a Security Champions program to promote secure development practices and foster cross-functional security awareness.
Benefits
- medical/prescription drug coverage (with a Health Savings Account feature)
- dental and vision options
- employee and spouse/child life insurance
- short and long-term disability protection
- 401(k) with PNC match
- pension and stock purchase plans
- dependent care reimbursement account
- back-up child/elder care
- adoption, surrogacy, and doula reimbursement
- educational assistance, including select programs fully paid
- a robust wellness program with financial incentives
- paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 8 occasional absence days each year; between 15 to 25 vacation days each year, depending on career level; and years of service.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Cyber Security Werkstudent supporting security consultants in customer projects and gaining insights into information security challenges. Assisting with risk analysis, documentation, and internal security tasks.
Lead Cybersecurity Manager providing cybersecurity support and compliance with Federal and DoD cybersecurity policies. Ensuring secure integration of network components in Army environments.
Mental Health Security Specialist for Florida's DCF ensuring safety and security of patients and staff. Patrols facility, responds to emergencies, conducts safety inspections, and handles incidents.
Expert in information security with a focus on managing penetration tests for a leading financial services provider. Involves cloud transformation and regulatory compliance in a dynamic team environment.
Staff Offensive Security Engineer at RD Saúde concentrating on Adversary Emulation and Purple Engineering. Improving adversary simulations and defenses through collaboration and structured plans.
Senior Cybersecurity Engineer at RD Saúde focusing on security solutions like SIEM and incident response. Collaborating with teams for continuous improvement in organizational security measures.
Head of Product Security leading the security strategy and engineering functions at Our Future Health. Managing a multidisciplinary security team to drive secure, trusted product development.
Information Systems Security Officer managing security oversight of federal systems. Conducting assessments and addressing cybersecurity risks in government projects.
Information Systems Security Officer ensuring compliance with security standards for U.S. Department of Commerce systems. Conducting oversight activities and managing cybersecurity risks overall.