Cybersecurity Engineer - Cloud, Ops (human)

Neura Robotics GmbH
Metzingen, Germany
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Metzingen, Germany

Tech stack

Kubernetes Security
Artificial Intelligence
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Bash
C++
Cloud Computing
Cloud Computing Security
Cloud Engineering
Computer Security
Identity and Access Management
Information Systems Security Architecture Professional
Python
Key Management
Network Segmentation
OAuth
OpenID
Open Web Application Security
Secure Coding
Software Engineering
SonarQube
Toolchain
TypeScript
Software Vulnerability Management
Policy as Code
Software Security
Backend
Gitlab-ci
Kubernetes
Information Technology
ONNX (Open Neural Network Exchange) Format
Functional Programming
Api Gateway
Terraform
Devsecops
Amazon Web Services (AWS)
Static Application Security Testing
Microservices
Dynamic Application Security Testing

Job description

  • Secure Cloud-Native Platforms: Secure cloud-native platforms (AWS EKS, Lambda, API Gateway, IoT Core, S3) via least-privilege IAM, network segmentation, secrets management, and policy-as-code (Terraform/AWS Organizations).

  • Own the AppSec Toolchain: Operate SAST (Semgrep/SonarQube), DAST (ZAP/Burp), SCA, and container/IaC scanning in GitLab CI/CD; extend coverage to Kubernetes manifests and supply chain.

  • Drive Vulnerability Management: Run risk-based vulnerability management: CVSS + exploitability rating, SLA-driven remediation tracking, and structured closure evidence for internal KPIs and regulatory reporting.

  • Perform Threat Modeling: Conduct STRIDE threat modeling across microservices, edge, and AI/ML inference pipelines; translate findings into architecture decisions.

  • Support NIS2 Compliance: Own NIS2 Art. 21 measure documentation, incident notification workflows (24h/72h), and supply-chain security assessments for cloud dependencies.

  • Define Secure Coding Standards: Define and enforce secure coding and API standards (Python, TypeScript, C++; OAuth2/OIDC, JWT) and deliver developer-oriented remediation guidance embedded in engineering workflows.

  • Lead Secure Architecture Reviews: Lead secure architecture reviews for cloud-native and AI-adjacent systems; assess AI/ML pipeline security controls (SageMaker, Triton, ONNX) and model supply chain risks.

  • Bridge to Embedded Security: Align cloud threat models and security controls with the embedded cybersecurity team to maintain end-to-end integrity from robot controller to cloud backend.

Requirements

  • Education & Certification: Degree in Computer Science, Cybersecurity, or Software Engineering; OSCP or AWS Security Specialty is a differentiator.

  • Track Record: 3-5 years in application or cloud security with demonstrated ownership of AppSec tooling and vuln management in a product environment - not advisory only.

  • Security Fundamentals: Hands-on command of OWASP Top 10/ASVS, cloud security posture (AWS preferred), and DevSecOps tooling (SAST, DAST, SCA) - not just theoretical.

  • Vulnerability Management Process: Proven vuln management lifecycle: CVSS + exploitability triage, SLA-driven closure, and audit-ready documentation.

  • Regulatory Familiarity: Working knowledge of NIS2, EU CRA, ISO 27001, or IEC 62443; able to translate findings into compliance documentation for internal governance and external audit.

  • Technical Skills: Python/Bash proficiency; hands-on with container and Kubernetes security, IaC scanning, and AWS governance tooling (Config, SCPs, GuardDuty).

  • AI/ML Pipeline Exposure: Exposure to AI/ML pipeline security (SageMaker, Triton, ONNX) and model supply chain risks is a significant differentiator.

  • Collaboration & Communication: Communicates security risk clearly to engineering and management; written outputs audit-ready. Interfaces effectively with embedded security, certification, and external auditors.

Apply for this position