The PSI Group develops software products for optimizing the flow of energy and materials for utilities and industry. As an independent software producer with more than 2,300 employees, PSI has been a technology leader since 1969 for process control systems that ensure sustainable energy supply, mobility and production by combining AI methods with industrially proven optimization methods. The innovative industry products can be operated on-premises or in the cloud.
SENIOR APPLICATION SECURITY ARCHITECT (M/F/D)
Typ: Full-time
Region: Berlin
Business Unit: PSI Software SE Zentrale Dienste
Job description
* Define and implement application security measures
* Design secure SDLC and create corresponding concepts, standards and guidance materials
* Select, introduce and operate SAST and DAST
* Design Threat Modelling using industry frameworks like STRIDE or PASTA and implement together with Product Security Officer
* Coordinate information security test management
* Ensure security across CI/CD pipelines and practices
* Application vulnerability and patch management incl. SBOM
* Ensure usage and compliance to open-source software licenses
* Promote secure coding practices and educate developers on the importance of security in software development
* Design and implement secure application architectures that align with organizational security policies and standards
* Collaborate with cross-functional teams, including development, operations, security, and compliance, to ensure effective communication of security risks and recommendations
* Communicate technical information to both technical and non-technical stakeholders, including senior leadership and customers
Requirements
* Strong understanding of web application vulnerabilities (e.g., OWASP Top 10) and remediation strategies
* Proficiency in secure coding practices and development methodologies
* Experience with cloud-based platforms and containerization (e.g., Docker)
* Knowledge of security frameworks and standards (e.g., NIST Cybersecurity Framework, OWAS Top10, OWASP ASVS)
* CISSP, or related security certifications
* Great enthusiasm for Information Security
* Intrinsic motivation, never ending curiosity
* Quick thinking and continuous learning personality and thus are able to dive into new topics quickly, filter and digest the relevant information
* Inquisitive and analytical mindset
* Strong problem-solving and analytical abilities
* Excellent communication skills verbal and written, clear and to the point
* Proactivity driver attitude happy to collaborate with others
* Ability to work comfortably in a lean and agile environment
What we offer
* Home office options up to three days a week
* Flexible working hours and a variable holiday option
* Solid familiarisation with an exciting and varied job
* Pleasant and team-oriented working atmosphere
* Workplace in the heart of Berlin including free drinks and fruit basket
* Further training opportunities
* Great team that is looking forward to meeting you
Does this sound like the right challenge for you? Then we look forward to receiving your CV and cover letter, stating your salary expectations and earliest possible starting date.
#J-18808-Ljbffr