Skip to sign up

Job matched to your search

N

Cybersecurity Engineer - Cloud, Ops (human)

Neura Robotics Gmbh · Stuttgart

Stuttgart · On-siteFull-TimePosted 2mo ago

Free · Join 5,000+ job seekers using Qarera

How well do you match this role?

Tap the skills you already have — then see your real match score, what’s missing, and your resume fixed for this job.

↑ tap the skills you have
Loading sign-in…
Free · no credit card · 30 seconds

Job description

Our Systems Engineering Department turns market demands into safe, certifiable, and competitive robot systems — spanning software, hardware, safety, and certification. Join us to shape the next generation of human-robot systems and find extraordinary opportunities at the intersection of security, compliance, and cutting-edge robotics.

YOUR MISSION & CHALLENGES

  • Secure Cloud-Native Platforms: Secure cloud-native platforms (AWS EKS, Lambda, API Gateway, IoT Core, S3) via least-privilege IAM, network segmentation, secrets management, and policy-as-code (Terraform/AWS Organizations).

  • Own the AppSec Toolchain: Operate SAST (Semgrep/SonarQube), DAST (ZAP/Burp), SCA, and container/IaC scanning in GitLab CI/CD; extend coverage to Kubernetes manifests and supply chain.

  • Drive Vulnerability Management: Run risk-based vulnerability management: CVSS + exploitability rating, SLA-driven remediation tracking, and structured closure evidence for internal KPIs and regulatory reporting.

  • Perform Threat Modeling: Conduct STRIDE threat modeling across microservices, edge, and AI/ML inference pipelines; translate findings into architecture decisions.

  • Support NIS2 Compliance: Own NIS2 Art. 21 measure documentation, incident notification workflows (24h/72h), and supply-chain security assessments for cloud dependencies.

  • Define Secure Coding Standards: Define and enforce secure coding and API standards (Python, TypeScript, C++; OAuth2/OIDC, JWT) and deliver developer-oriented remediation guidance embedded in engineering workflows.

  • Lead Secure Architecture Reviews: Lead secure architecture reviews for cloud-native and AI-adjacent systems; assess AI/ML pipeline security controls (SageMaker, Triton, ONNX) and model supply chain risks.

  • Bridge to Embedded Security: Align cloud threat models and security controls with the embedded cybersecurity team to maintain end-to-end integrity from robot controller to cloud backend.

WHAT WE CAN LOOK FORWARD TO

  • Education & Certification: Degree in Computer Science, Cybersecurity, or Software Engineering; OSCP or AWS Security Specialty is a differentiator.

  • Track Record: 3–5 years in application or cloud security with demonstrated ownership of AppSec tooling and vuln management in a product environment — not advisory only.

  • Security Fundamentals: Hands-on command of OWASP Top 10/ASVS, cloud security posture (AWS preferred), and DevSecOps tooling (SAST, DAST, SCA) — not just theoretical.

  • Vulnerability Management Process: Proven vuln management lifecycle: CVSS + exploitability triage, SLA-driven closure, and audit-ready documentation.

  • Regulatory Familiarity: Working knowledge of NIS2, EU CRA, ISO 27001, or IEC 62443; able to translate findings into compliance documentation for internal governance and external audit.

  • Technical Skills: Python/Bash proficiency; hands-on with container and Kubernetes security, IaC scanning, and AWS governance tooling (Config, SCPs, GuardDuty).

  • AI/ML Pipeline Exposure: Exposure to AI/ML pipeline security (SageMaker, Triton, ONNX) and model supply chain risks is a significant differentiator.

  • Collaboration & Communication: Communicates security risk clearly to engineering and management; written outputs audit-ready. Interfaces effectively with embedded security, certification, and external auditors.

Don’t just read the job — see if you’ll get it.

Get your match score, a resume tailored to this exact role, and jobs like it — free.

Check my fit for this job
Loading sign-in…
Apply →