Information Security Engineer

Chemnitz − Dresden

Staffbase is an enterprise SaaS platform that helps HR and Communication leaders to transform their organizations into places where people feel connected and proud to come to work. Staffbase is the first employee experience platform to let employers and employees connect authentically, right through their mobile phone.

Headquartered in Chemnitz, Germany, Staffbase is a global company with  offices in Dresden, Cologne, Amsterdam, New York and London! Our international team of more than 200 happy employees from 20+ nationalities serve a rapidly expanding portfolio of customers who want to revolutionize  the employee experience. Founded 5 years ago, we have strong-growing revenue, and our customers love us.

We are looking for an Information Security Engineer to join the team! Staffbase offers the opportunity to grow in a dynamic environment and to be part of our exciting mission! This is a full-time position on a permanent contract and should be based in Chemnitz (HQ), Dresden or Leipzig.

We create and operate our product safely and efficiently and we like to design our business processes in a flexible way to quickly react on changing information security requirements. Every staff member is consciously aware of relevant information security in their daily work.
We want to use secure established standard solutions and services to ensure a high level of information security, enabling us to protect information in the cloud from cyber attacks.

  • You understand, facilitate and refine security requirements, helping our teams as a council when working on new features
  • You establish a security culture and guidelines, especially with regards to automating DevSecOps and tooling
  • You make sure that our processes stay pragmatic and lean, focussing on productivity
  • Together with our CISO, you will perform penetration tests
  • You continuously stay up-to-date with security advancements and industry trends, teaching best practices to our engineering teams
  • You review architectures and even code for critical changes

Your Profile

  • You hold a degree in Computer Science or a related field, preferably with a specialisation in security or web engineering
  • You have a solid understanding of both SaaS cloud and web technologies (HTTPS, browser, ...)
  • You are already familiar with at least some of our tech stack (Linux, Kotlin, Java, JavaScript, Go, hybrid app development, open source software)
  • You have experience in reading code
  • Always putting security first, you are eager to continuously improve our product  infrastructure, team and organisation
  • You are curious about industry best practices and ready to grow into an expert role 
  • OWASP is your bible
  • You have a conscientious style of working
  • Previous experience in scrum and agile would be a great asset
  • You can communicate fluently in English

 

Benefits & environment

  • Work with like-minded people and top tech talent.
  • We try to be agile and not just do agile. Our organisation, processes, architecture and tech stack is constantly evolving and improving. 
  • We love technology.
  • We value sustainable pace and work-life balance and we know the importance of team events outside of a work environment. Also, we value “You Build it, you run it”.
  • Hackathons, meetups, coding dojos, LAN parties, laser tag, weekly talks at our Devquila and many more awesome things.
  • Budget for conferences, workshop and so on. Next to that every employee gets a personal growth budget of 1800€ + 1 day (2 days after the first year).
  • Notebook of your choice as well as a home office setup is of course included in the package. Same goes for drinks and snacks in our office.