Senior Security Engineer Java Applications

As a Senior Security Engineer (m/f/d), you take a leading role in ensuring product security across multiple development teams. You design and drive security initiatives, define secure development practices, and work closely with software architects, product managers, and engineering leads. You are a subject matter expert for application security and contribute to strategic improvements of our software development lifecycle. You enable and mentor teams to build secure software from the ground up., * Define and evolve security architecture and secure development practices across product teams

• Act as subject matter expert for application security in architecture reviews and design decisions
• Lead the definition and implementation of a Secure Software Development Lifecycle (SSDLC)
• Identify systemic vulnerabilities and propose strategic mitigations
• Design and roll out training and awareness initiatives for secure coding
• Collaborate with architects, DevOps, and engineering leadership to align on security goals
• Evaluate and implement tools for static analysis, dependencyscanning, and security automation
• Support vulnerability management and coordinate remediation with product teams
• Provide technical leadership for application security within the development organization
• Establish and maintain secure coding guidelines and development standards
• Act as trusted advisor to engineering teams on security critical implementation details
• Monitor industry trends and threat landscapes to proactively recommend improvements
• Represent security requirements and positions in architecture boards and product planning, If you have any questions about the position or application process, our Talent Acquisition Team is happy to assist.

• University degree in computer science, mathematics, IT or equivalent professional experience
• 6-9 years of professional experience in software development or security engineering
• Deep understanding of secure software architecture and application-layer vulnerabilities
• Proven experience with SSDLC implementation and secure coding standards
• Strong knowledge of Java, Spring (especially Spring Security), JPA
• Proficient in common web technologies (REST APIs, TypeScript/Angular)
• Familiar with OWASP Top 10, CWE, CVSS, and secure development frameworks
• Experience with tools for static/dynamic analysis, SCA, and CI-integrated security testing
• Strong communication skills, able to align security priorities across teams
• Experience mentoring developers and engineers in secure development practices