Job matched to your search
Senior Security and Compliance Engineer (m/f/d)
Codesphere Β· Munich
Free Β· Join 5,000+ job seekers using Qarera
How well do you match this role?
Tap the skills you already have β then see your real match score, whatβs missing, and your resume fixed for this job.
Job description
ABOUT CODESPHERE
Codesphere is a Virtual Cloud Provider from Germany building the future of sovereign cloud infrastructure. Our platform gives enterprises and governments full sovereignty without giving up modern cloud capability β a vision recently validated by a series of multi-million European government tenders.
Since our founding in Karlsruhe in 2020, weβve expanded into an international team of 60+ experts. Based in Karlsruhe and Munich and backed by top-tier investors, we are chasing a bold vision.
Weβre scaling fast and would love for you to join us and grow alongside us π
ABOUT THE ROLE
Codesphere runs cloud infrastructure that enterprises and governments depend on β security is not an afterthought, it's a foundation. As a Senior Security & Compliance Engineer (m/f/d), you own the security posture of our platform: from vulnerability management and incident response to compliance frameworks and developer enablement.
WHAT YOU'LL DRIVE
-
You conduct security assessments, penetration testing, and vulnerability scanning β and drive remediation with development teams
-
You manage security scanning tooling (DAST/SAST) and perform security code reviews
-
You design and implement security controls across our full technology stack, defining and enforcing standards for development, infrastructure, and data
-
You integrate security into our CI/CD pipelines and development processes β Shift Left and DevSecOps in practice, not just on paper
-
You develop and maintain our Security Incident Response Plan, monitor security logs via SIEM, and lead forensic analysis when needed
-
You ensure compliance with relevant standards and regulations β including GDPR and ISO 27001
-
You manage IAM systems with a least privilege approach
-
You develop and deliver security awareness training for the whole company β and specialised secure coding training for engineering teams
WHAT MAKES YOU A GREAT FIT
-
5+ years in a security engineering or similar role, ideally in a cloud or SaaS environment
-
Hands-on experience with penetration testing, vulnerability management, and DAST/SAST tooling
-
Solid understanding of DevSecOps principles and CI/CD security integration
-
Familiarity with SIEM tools, incident response, and forensic analysis
-
Knowledge of relevant compliance frameworks β GDPR, ISO 27001, and ideally BSI IT-Grundschutz
-
Strong communicator β able to translate security risks into clear guidance for both technical and non-technical audiences
-
Fluent in English; German is a strong plus given the nature of our compliance landscape
Β
WHAT'S IN IT FOR YOU
-
30+ vacation days β including Christmas Eve and New Year's Eve, adding up to 32 days per year
-
Meal allowance β up to 15 digital meal vouchers per month, worth up to β¬7.67 each
-
Flexibility β hybrid work setup with mobile work options and flexibility around core hours
-
Steep learning curve β fast-moving environment, real ownership, and a front-row seat to scaling a company
-
Job-Rad β lease a bike through us, tax-free
-
Gym access β stay active on site (Karlsruhe office only)
-
Employee events β from team offsites to regular get-togethers
-
Company pension scheme β company-supported pension to set you up for later
-
Great public transport links β both offices are within walking distance of tram and metro stops
More jobs in Munich
Donβt just read the job β see if youβll get it.
Get your match score, a resume tailored to this exact role, and jobs like it β free.
Check my fit for this job