Senior Cloud Security Engineer (F/M/D)
— Munich, GermanyBy agreement
Munich, GermanyFull-timeSeniornavvis
Description (EN)
<p><img style="max-width: 100%;" src="https://3339696.fs1.hubspotusercontent-na1.net/hubfs/3339696/greenhouse_hero.jpg" alt="" width="900"></p>
<h3>THE OPPORTUNITY</h3>
<p><span data-contrast="auto">As a </span><strong><span data-contrast="auto">Cloud Security Engineer</span></strong><span data-contrast="auto"> at NavVis, you will play a critical role in strengthening our cloud security posture across AWS and Kubernetes environments. You will own and optimize our Wiz platform, implement security automation, and ensure compliance with ISO 27001 and SOC 2 standards. </span><span data-ccp-props="{}"> </span></p>
<p><span data-contrast="auto">This is a hands-on role where you will collaborate closely with engineering teams to embed security into our infrastructure and processes.</span><span data-ccp-props="{}"> </span></p>
<p> </p>
<h3>HOW YOU WILL MAKE AN IMPACT</h3>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto">Own and continuously improve our cloud security posture using </span><strong><span data-contrast="auto">Wiz, AWS native services and internal monitoring</span></strong><span data-ccp-props="{}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto">Drive security automation and hardening across </span><strong><span data-contrast="auto">AWS, EKS and on-prem infrastructure</span></strong><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="3" data-aria-level="1"><span data-contrast="auto">Integrate security controls into </span><strong><span data-contrast="auto">CI/CD pipelines</span></strong><span data-contrast="auto"> (Terraform, Helm, GitOps) to prevent misconfigurations early</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1"><span data-contrast="auto">Design and maintain </span><strong><span data-contrast="auto">guardrails and detection rules</span></strong><span data-contrast="auto"> for identity, network and workload security</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="5" data-aria-level="1"><span data-contrast="auto">Design and enforce </span><strong><span data-contrast="auto">least-privilege IAM</span></strong><span data-contrast="auto"> and support </span><strong><span data-contrast="auto">SSO and SAML workflows</span></strong><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="6" data-aria-level="1"><span data-contrast="auto">Partner closely with engineering teams to </span><strong><span data-contrast="auto">secure new services and architectural changes</span></strong><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="7" data-aria-level="1"><span data-contrast="auto">Lead </span><strong><span data-contrast="auto">vulnerability management and remediation</span></strong><span data-contrast="auto"> across cloud assets, containers and applications</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="8" data-aria-level="1"><span data-contrast="auto">Support </span><strong><span data-contrast="auto">risk assessments, internal security reviews and compliance initiatives</span></strong><span data-contrast="auto"> (ISO 27001, SOC 2)</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="9" data-aria-level="1"><span data-contrast="auto">Investigate and respond to </span><strong><span data-contrast="auto">security incidents</span></strong><span data-contrast="auto">, driving follow-up improvements</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="10" data-aria-level="1"><span data-contrast="auto">Contribute to internal </span><strong><span data-contrast="auto">security standards, playbooks and documentation</span></strong><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<p><span data-ccp-props="{}"> </span></p>
<h3><br>WHAT WILL HELP YOU SUCCEED IN THE ROLE</h3>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="12" data-aria-level="1"><span data-contrast="auto">Strong hands-on experience with </span><strong><span data-contrast="auto">AWS security</span></strong><span data-contrast="auto"> (IAM, KMS, networking, GuardDuty, Security Hub)</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="13" data-aria-level="1"><span data-contrast="auto">Solid knowledge of </span><strong><span data-contrast="auto">Kubernetes security</span></strong><span data-contrast="auto"> (RBAC, admission controllers, network policies)</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="14" data-aria-level="1"><span data-contrast="auto">Strong </span><strong><span data-contrast="auto">Terraform</span></strong><span data-contrast="auto"> skills and an automation-first mindset</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="15" data-aria-level="1"><span data-contrast="auto">Experience with </span><strong><span data-contrast="auto">CSPM and cloud monitoring tools</span></strong><span data-contrast="auto"> (Wiz is a strong plus)</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="16" data-aria-level="1"><span data-contrast="auto">Familiarity with </span><strong><span data-contrast="auto">ISO 27001 and SOC 2</span></strong><span data-contrast="auto"> control environments</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="17" data-aria-level="1"><span data-contrast="auto">Experience designing and enforcing </span><strong><span data-contrast="auto">least-privilege access models</span></strong><span data-contrast="auto"> and SSO integrations</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="18" data-aria-level="1"><span data-contrast="auto">Confidence handling </span><strong><span data-contrast="auto">security incidents</span></strong><span data-contrast="auto">, investigations and documentation</span><span data-ccp-props="{"134233117":false,"134233118":false,"335559738":240,"335559739":240}"> </span></li>
</ul>
<p> </p>
<h3>HOW WE WILL KNOW WE ARE A PERFECT MATCH</h3>
<p>Your recruiting partner for this role is Sylvie (she/her). You can expect to go through a screening call, and up to 4 rounds of interviews, where we would love to discover your passion and interests, introduce you to who we are and what drives us, and finally understand how we can potentially add value to each other's growth.</p>
<p> </p>
<h3>HOW WE WILL KEEP YOU SMILING</h3>
<ul>
<li>It's important to take a break from work! We offer 30 days of paid time off per year</li>
<li>Affordable access to a vast network of fitness and wellness facilities through EGYM Wellpass subsidy</li>
<li>Deutschlandticket subsidy to support sustainable travel using public transport</li>
<li>We offer flexible working hours and a hybrid work setup, enabling you to plan your work around your life, and not your life around work!</li>
<li>We offer full visa and relocation support for international candidates</li>
<li>An attractive bike leasing model through JobRad, in line with our commitment towards sustainable mobility</li>
<li>A competitive compensation package that values the skills and experience you bring</li>
<li>Up to 4000 EUR employee referral bonus </li>
<li>Financial support for local language classes to help you in your journey of integrating into the culture!</li>
</ul>
<div class="detail-block-description"><strong>We derive our strength from our diversity.</strong>
<p>NavVis’ unwavering commitment to fostering an inclusive and diverse workplace has laid the foundation for our incredible growth. We thrive on the collective strength of our people who come from diverse backgrounds. We respect and value every experience associated with race, gender identity, sexual orientation, nationality, religion and disability. We do not discriminate on the basis of any of these, or other identities, and strongly encourage everyone to apply.</p>
<p><strong>Together with you, we build NavVis!</strong></p>
<p>If you need assistance at any stage of the recruiting process due to a disability, please reach out to your recruiting partner(s) for this position.</p>
</div>
Published 12 days ago