Senior Security and Compliance Engineer (m/f/d)

codesphere · Munich

ExclusiveRemoteFull-timeSeniorposted 11h ago

Apply directly on codesphere’s careers site — no account needed.

Get the next jobs like this one by email

One free alert to apply before the crowd — jobs land straight from company career pages. One-click unsubscribe.

About the role

About Codesphere

Codesphere is a Virtual Cloud Provider from Germany building the future of sovereign cloud infrastructure. Our platform gives enterprises and governments full sovereignty without giving up modern cloud capability – a vision recently validated by a series of multi-million European government tenders.

Since our founding in Karlsruhe in 2020, we’ve expanded into an international team of 60+ experts. Based in Karlsruhe and Munich and backed by top-tier investors, we are chasing a bold vision.

We’re scaling fast and would love for you to join us and grow alongside us 🚀

About the role

Codesphere runs cloud infrastructure that enterprises and governments depend on – security is not an afterthought, it's a foundation. As a Senior Security & Compliance Engineer (m/f/d), you own the security posture of our platform: from vulnerability management and incident response to compliance frameworks and developer enablement.

What you'll drive

  • You conduct security assessments, penetration testing, and vulnerability scanning – and drive remediation with development teams

  • You manage security scanning tooling (DAST/SAST) and perform security code reviews

  • You design and implement security controls across our full technology stack, defining and enforcing standards for development, infrastructure, and data

  • You integrate security into our CI/CD pipelines and development processes – Shift Left and DevSecOps in practice, not just on paper

  • You develop and maintain our Security Incident Response Plan, monitor security logs via SIEM, and lead forensic analysis when needed

  • You ensure compliance with relevant standards and regulations – including GDPR and ISO 27001

  • You manage IAM systems with a least privilege approach

  • You develop and deliver security awareness training for the whole company – and specialised secure coding training for engineering teams

What makes you a great fit

  • 5+ years in a security engineering or similar role, ideally in a cloud or SaaS environment

  • Hands-on experience with penetration testing, vulnerability management, and DAST/SAST tooling

  • Solid understanding of DevSecOps principles and CI/CD security integration

  • Familiarity with SIEM tools, incident response, and forensic analysis

  • Knowledge of relevant compliance frameworks – GDPR, ISO 27001, and ideally BSI IT-Grundschutz

  • Strong communicator – able to translate security risks into clear guidance for both technical and non-technical audiences

  • Fluent in English; German is a strong plus given the nature of our compliance landscape

What's in it for you

  • 30+ vacation days – including Christmas Eve and New Year's Eve, adding up to 32 days per year

  • Meal allowance – up to 15 digital meal vouchers per month, worth up to €7.67 each

  • Flexibility – hybrid work setup with mobile work options and flexibility around core hours

  • Steep learning curve – fast-moving environment, real ownership, and a front-row seat to scaling a company

  • Job-Rad – lease a bike through us, tax-free

  • Gym access – stay active on site (Karlsruhe office only)

  • Employee events – from team offsites to regular get-togethers

  • Company pension scheme – company-supported pension to set you up for later

  • Great public transport links – both offices are within walking distance of tram and metro stops

Skills

  • JavaScript
  • TypeScript
  • Python
  • Go
  • Rust
  • Java
  • Kotlin
  • Swift
  • C
  • C++
  • C#
  • Ruby
  • PHP
  • Scala
  • Elixir

Get the next jobs like this one by email

One free alert to apply before the crowd — jobs land straight from company career pages. One-click unsubscribe.

Similar jobs

Senior Security and Compliance Engineer (m/f/d) — codesphere · Real Job Offers