Full Time
Application Security Engineer: IT Security & Penetration Testing/ 1 week ago
ABOUT YOU SE & Co. KG
Attractive
Application ends: 2026-02-06
Quick Summary
This Application Security Engineer role in Hamburg requires at least 2 years of hands-on IT Security experience, focusing on penetration testing, ethical hacking, and implementing robust security measures. Key responsibilities include conducting regular pentests and code reviews, advising on AWS/Kubernetes infrastructure security, and automating auditing processes using Python/Bash scripting and Gitlab CI. Candidates must be proficient in Linux, have hands-on experience with AWS and tools like Burpsuite, and possess good knowledge of Python and PHP. Fluent English is required.
Company Description
Join one of Europe’s fastest-growing eCommerce companies. Our IT Security unit’s Application Security circle is dedicated to protecting our online shop, corporate systems, and customers.
Application Security Engineer: IT Security & Penetration Testing
We are seeking an Application Security Engineer to join our team. In this role, you will actively hack internal systems, design, and implement robust security measures to safeguard our infrastructure, applications, and data. You will collaborate closely with security engineers, developers, and IT teams to enforce security best practices, automate security processes, and respond effectively to emerging threats.
What will you do
- Conduct regular penetration tests and comprehensive code reviews.
- Advise on the setup and maintenance of applications and infrastructure, typically hosted in AWS/Kubernetes environments.
- Triage monitoring events efficiently.
- Optimize and automate security auditing processes. This includes setting up attack infrastructure, writing scripts in Python / Bash, and implementing security scanning within Gitlab CI.
Who you are
- At least 2 years of hands-on experience in the IT Security field.
- Proven experience in pentesting, ethical hacking, bug bounties, and utilizing related tooling (e.g., Burpsuite).
- Proficient in Linux for the purpose of vulnerability detection.
- Hands-on, security-related experience with a major cloud solutions provider; AWS is preferable.
- Good knowledge of a programming language (like Python).
- Good knowledge of PHP.
- Fluent English: spoken and written communication skills are required.
Nice to have:
- Knowledge of Laravel.
- Ability to read and understand JavaScript.
- Experience with incident response activities.
- Experience with web application firewalls and CDN providers, such as Cloudflare or Akamai.
- Experience with Gitlab CI/CD Pipelines.
Benefits
Grow together with one of the fastest growing eCommerce companies in Europe. We offer:
- Flexible working times (10 AM - 4 PM German Time Zone as core working-time).
- 40% discount on our online shop.
- Fresh fruits + drinks everywhere.
- Language courses (German & English).
- Free sports courses & reduced price for gym membership.
- Subsidized public transportation ticket.
- Free choice of hardware and operating system (Mac, Windows, Linux), also for private usage.
- State-of-the-art tech stack running on AWS.
- Modern office in the city center of Hamburg.
- International working environment with English as the company language.
- Company flats (subject to availability).
- Agile work environment (MOVE) and cross-functional teams.
- Free access to Germany’s greatest developer conference code.talks.
- Free access to online learning platforms like Laracast, Egghead, and A Cloud Guru.
- Help in relocation and VISA process.