Security Software Engineer - Berlin, Cologne, Remote

Chance to work from home or one of our offices —we trust you to find what works best for you Stipend for one of the following: home office, co-working space, or relocation Flexible working hours 28 days paid vacation Your choice of hardware and setup Personal and professional development budget Monthly child care stipend for children under 6 Offsite team days and annual summer company retreats in Cologne Company-sponsored hackathons Privacy Notice When you apply, you’ll be automatically forwarded to our recruitment platform operated by an external service provider called Greenhouse (seated in the US). Greenhouse collects some information on its website, such as anonymous usage statistics, by using cookies, server logs, and other similar technology.

Current openings:

Get to know us

eyeo is an open-source software company that builds products like Adblock Plus, Adblock Browser and Flattr. By leveraging distribution partnerships, we bring ad-blocking technology everywhere, giving users control over their online experience while offering creators, publishers and advertisers more ways to earn money for the free content they provide.

In combining our reach based on distribution partnerships and our own products, our technology runs on over 150 million devices.

At eyeo, we’re passionate about user agency, personal privacy, sustainability and keeping the web an open, fair resource for everyone.

How we work

eyeo colleagues are based all over the world. We practice agile and work in distributed, cross-functional teams that span nearly every timezone. Many of our tech teams prefer to work asynchronously.

What you'll do

Keep us safe, keep our users safe, keep our code safe.
Make eyeo’s products more secure and help develop this culture of security within the company.

After your morning coffee, you'll be expected to...

  • Build, implement and maintain information security tools
  • Automate security controls, create security reviews of software applications, and work on process and procedure improvements to reduce risk
  • Understand and apply best practices with focus on Application Security in the SDLC
  • Communicate security risks and solutions to business partners and IT staff
  • Work closely with product and platform teams to implement, upgrade and monitor security controls and measures
  • Provide coaching and support to the teams, including secure design, code reviews and tooling
  • Assess current security posture and future architecture, providing a viable solution path to bridge the gap that balances security risks and product advancement.

Support the SecOps team in the following tasks:

  • Response and remediaiion on active attacks on enterprise assets
  • Risk assessment and Threat Modelling
  • Internal pentest and 3rd party pentest
  • Providing security guidelines to eyeo operations team, feedback on security policies, technical support on audits (Internal & External)

What you bring to the table...

  • 3 years experience minimum C++, Java (preferably on android sdk)
  • Familiar with OWASP Secure Coding Practices
  • Strong preference for working experience with security tools, using static code analysis, dynamic code analysis, and 3rd-party library assessment tools
  • Experience in Threat Modelling
  • Bachelor's degree in Computer Science or related field or equivalent working experience
  • Deployment (CI/CD) processes/concepts, REST API technology and methods and common security vulnerabilities and fixes
  • Current understanding of industry security trends and emerging threats
  • Knowledge and understanding in various disciplines: threat intelligence, IAM, key management systems, data security, application security, web application and browser security, security protocols, vulnerability management.
  • Knowledge and understanding of attack surfaces

It's awesome, but not required, if you have...

  • Experience in intrusion analysis and detection and can provide solutions
  • Experience in ethical hacking, penetration testing or being a member of a red team.
  • Familiarity with various cybersecurity-related frameworks and compliance standards (SOC 2, NIST, BSI, ISO 27001, etc.)
  • Certifications related to security (such as Security+, GSEC, GCIH, GCIA, CISSP, NCSF, OSCP etc)

What we offer

  • Chance to work from home or one of our offices —we trust you to find what works best for you
  • Stipend for one of the following: home office, co-working space, or relocation
  • Flexible working hours
  • 28 days paid vacation
  • Your choice of hardware and setup
  • Personal and professional development budget
  • Monthly child care stipend for children under 6
  • Offsite team days and annual summer company retreats in Cologne
  • Company-sponsored hackathons

Privacy Notice

When you apply, you’ll be automatically forwarded to our recruitment platform operated by an external service provider called Greenhouse (seated in the US). Greenhouse collects some information on its website, such as anonymous usage statistics, by using cookies, server logs, and other similar technology. For more information, please refer to Greenhouse’s Privacy Policy. All documents and information provided by you are stored with Greenhouse. In order to ensure an adequate level of data protection, eyeo and Greenhouse have entered into the EU Standard Contractual Clauses (“processors”) - Commission Decision C(2010)593. You can request a copy of this by contacting us at privacy[at]eyeo.com. If you don’t want your data forwarded to Greenhouse, please do not apply. For detailed and further information, please refer to our Privacy Policy at https://eyeo.com/en/privacy.

 

Why work here