As a member of the Cyber Protection - Detect & Prevent team, you'll collaborate with cybersecurity experts across three locations: Eschborn, Luxembourg, and Prague. Your responsibilities will include overseeing secret scanning and contributing to projects aimed at enhancing the company's security posture. The team also specializes in malware detection, Database Activity Monitoring (DAM), Host/Network Intrusion Detection and Prevention (IDS/IPS), Web Application Firewall (WAF), and Security Information and Event Management (SIEM).
Your Tasks:
- Enhance the secret scanning process and monitor it continuously for potential improvements.
- Collaborate with various stakeholders and team members to identify secrets such as API keys, database credentials, or security certificates.
- Provide timely subject matter expertise to IT support groups for risk mitigation and critical decision-making.
- Stay updated with the latest security trends to uphold the organization's security posture.
- Oversee the secure issuance of tool credentials and ensure the security of the credential management process.
- Carry out daily operational duties related to secret scanning.
Your Qualifications:
- Hold a university degree in IT, business informatics, or a comparable field.
- Possess coding experience with a strong interest in security.
- Understand development processes, branching strategies, or modern programming/scripting languages.
- Comprehend development methodologies and the secure software development lifecycle.
- Familiarity with application security and DevSecOps is preferred.
- Experience with security tools such as HP Fortify MicroFocus, GitHub code and secret scanning, CodeQL, REST APIs, defining GitHub custom patterns, Imperva, JSonar, and AquaSec for CI/CD container scanning.
- Familiarity with application security testing tools like Fortify MicroFocus, GitHub Advanced Security, Imperva, AquaSec, Black Duck, and SonarQube.
- Demonstrated awareness of cybersecurity trends.
- Proficiency in using GitHub Actions/Workflows or other CI/CD platforms to implement security measures.
- Strong knowledge of Application Security including OWASP Top Ten, CWEs, and proficiency in application security testing (SSCA, SAST, DAST, SCA, etc.).
- Ability to perform well under pressure in a fast-paced environment.
- Possess strong attention to detail, analytical thinking, and exceptional problem-solving skills.
- Ability to communicate complex topics effectively.
- Proficiency in both written and spoken English, with German being a plus.
- Additionally, you should be a team player with excellent communication skills, high motivation, and adaptability.
If you are interested, please reach out to me, Louise Bagge.