Skip To Main Content
epam-logo-black.svgepam-logo-black.svg
backBack to Search

Senior Security Engineer (m/f/d)

Hybrid in Germany: Frankfurt am Main, Germany: Berlin
Security.Engineering& 8 others
Looking for something else?

Find a vacancy that works for you. Send us your CV to receive a personalized offer.

Find me a job
Choose an option

We're looking for a Senior Security Engineer (m/f/d) to join our team in Germany in a hybrid working mode.

In this role, you will be focused on building security solutions that help organizations monitor, assess and improve the security posture of open-source software. You will work on a platform that provides unified visibility into open-source vulnerabilities and delivers security ratings for open-source libraries, enabling risk-based decision-making for development teams.

The role combines expertise in DevSecOps, vulnerability management and automation to design, implement and iterate security solutions integrated into modern development workflows. You will collaborate with engineers across disciplines to deliver scalable, secure and efficient security products.

Responsibilities
  • Contribute to the design and enhancement of solutions for open-source vulnerability monitoring and security ratings
  • Integrate and improve security controls in CI/CD pipelines using GitHub Actions and automation tools
  • Apply DevSecOps principles and secure software development practices across the engineering lifecycle
  • Collaborate with cross-functional teams to ensure stability, scalability and compliance of delivered solutions
  • Share knowledge, drive continuous improvement and uphold secure engineering effectiveness within the team
Requirements
  • Strong background in security engineering, DevSecOps orchestration and security-as-code
  • Knowledge of open-source security concepts, including Software Composition Analysis and license compliance
  • Understanding of vulnerability management processes, CVSS scoring and remediation strategies
  • Hands-on experience securing CI/CD pipelines with GitHub Actions or similar tools
  • Familiarity with common security standards, secure SDLC and open-source security frameworks
  • Excellent collaboration, communication and problem-solving skills
Nice to have
  • Knowledge of OSS security monitoring platforms and compliance tools
  • Experience in creating security automation scripts and workflows
  • Familiarity with integrating security gates into build/test pipelines
  • Background in continuous improvement practices for security, risk mitigation and compliance auditing