Application Security Engineer

• Lead threat modeling and secure design reviews for new features, services, and architectural changes to discover and mitigate security findings early (shift left).
• Design and implement security-sensitive application functionality such as authentication, authorization, roles and permissions, and customer data handling.
• Build and maintain security libraries, tooling, and AI-powered agent suites that enable engineering teams to ship secure code by default and run frequent in-house security tests.
• Own our security testing lifecycle: integrate SAST, DAST, and SCA into CI/CD, contract and operate external penetration tests, and lead remediation of findings end-to-end.
• Perform secure code reviews and partner with developers on fixes, not just filing tickets, but pairing on solutions.
• Harden cloud infrastructure and runtime environments, including container security, network policies, secrets management, and least-privilege access controls.
• Evaluate security risks of portfolio companies.

Do you have experience in Terraform?, Do you have a Master's degree?, * BSc. or MSc. in Computer Science or comparable degree.

• At least 5 years of experience in software engineering and infrastructure with focus on security.
• Exceptional problem-solving abilities, effective communication, and teamwork skills.
• You should be strong in Backend & Application Security Engineering and at least one of the remaining three skill sets:
• Backend & Application Security Engineering (required)

• Strong proficiency in Go (or motivation to learn it); experience with Python is a plus.
• Experience building secure backend services, APIs, and security-sensitive application features (auth, access control, data protection).
• Hands-on experience with threat modeling methodologies (e.g., STRIDE) and secure design reviews.
• Experience with security testing tools (SAST, DAST, SCA) such as Semgrep, CodeQL, Snyk, or Burp Suite.
• Deep understanding of OWASP Top 10, common vulnerability classes, and secure coding practices.

• Security & Compliance Engineering

• Experience implementing and automating security controls in cloud environments (AWS preferred).
• Familiarity with PCI DSS standards and compliance lifecycle management.
• Understanding of IAM, network security, encryption, and secure SDLC practices.
• Experience with cloud-native security tools (e.g., AWS Security Hub, GuardDuty, CloudTrail).
• Experience with security audits, risk assessments, and evidence collection.

• Cloud Infrastructure (AWS)

• Strong hands-on experience with AWS services such as IAM, VPC, ECS/EKS, and Lambda.
• Experience with Infrastructure as Code tools (Terraform, CDK, or CloudFormation).
• Understanding of container security, secrets management, and CI/CD hardening.
• Experience with observability, monitoring, and cloud compliance automation.

• Infra & CI/CD

• Experience setting up secure CI/CD pipelines and tooling (Terraform, Docker, etc.).
• Setup and management of large-scale applications using Kubernetes on AWS.
• Knowledge of security management, least privilege enforcement, and compliance automation.

Join us at the forefront of innovation in the AI sector. Our mission is to accelerate the future of work. We're not merely envisioning the future; we're actively constructing it. Our work is inspired by Ford's assembly line and Ohno's production system. We are a well-funded Silicon Valley based Series A startup backed top-tier VCs. Our founding team boasts a remarkable track record in AI and startup ecosystem, with each member having previously steered AI startups to unicorn status (Cresta.ai). As we write this new chapter in AI, we invite you to be part of this exciting journey. Be a part of an exceptional team that's not just watching the future unfold but actively making a huge impact in a short amount of time. We are growing our engineering team centered around Berlin. This is a great opportunity to work in a European tech hub with global impact.