What awaits you
Are you looking for a new challenge in a forward-thinking company that truly adds value to society?
Do you have an intrinsically motivated hands-on mentality, and is security deeply embedded in your DNA?
Do you thrive in a dynamic environment and value flat hierarchies just as much as short communication paths?
Is it important to you to work in an authentic and appreciative environment where our values are not just empty words but a lived culture?
Then we are exactly the right company for you to continue growing and be successful – and could you be our new hero?
DRACOON stands for making the world a bit safer and giving back data sovereignty. Behind our team are unique individuals who live this mission and are committed to it.
This is what awaits you at DRACOON:
* Exciting tasks in the area of development, which you can actively shape with your ideas and your performance.
* Top prospects in an innovative scale-up SaaS company headquartered in Sillicon Valley.
* An agile working environment with colleagues who are innovatively changing and shaping the cloud environment.
* An employer that enables data sovereignty and digital freedom and thus offers real added value to society.
* A corporate culture in which we work together to find solutions to major challenges
* A motivated team where personal and business successes are celebrated together and setbacks are a reason to improve together
In a fully remote, hybrid, or Regensburg-based setting, we are looking for a dedicated and ambitious Senior Security Engineer / Cyber Security Professional (f/m/d) in full-time.
Your Tasks:
* Analyze: Assess reported vulnerabilities, evaluate risks using CVSS methods, and determine their impact.
* Review: Conduct product code reviews with a strong focus on security to ensure robust defenses.
* Consult: Provide expert guidance in design and security reviews for the development of new features.
* Execute: Perform white-box security scans and apply system/application hardening measures.
* Research: Investigate, evaluate, and integrate new security technologies and tools within CI pipelines.
* Develop: Create automation and security tools to enhance the overall security posture of the organization.
* Document: Record security fixes meticulously and support customer service by preparing security advisories.
* Maintain: Ensure comprehensive documentation of security issues and manage CVE filings.
* Model: Perform thorough threat modeling to identify potential security risks.
Your Profile:
* Degree: Hold a Bachelor’s or Master’s degree, with 5+ years of hands-on experience in cybersecurity roles.
* Expertise: Possess deep knowledge of common web application vulnerabilities and effective mitigation strategies.
* Practice: Demonstrate a proven ability to validate and implement security fixes, managing vulnerability reports with expertise.
Key Skills:
* Analyze: Be proficient in analyzing vulnerability reports such as pentest results and bug bounty reports.
* Secure: Have in-depth knowledge in secure software development practices.
* Harden: Bring hands-on experience with blue team responsibilities, including security hardening.
* Code: Proficient in Java and TypeScript for security-related tasks.
Nice to have:
* Bonus: Experience in professional software development is a significant plus.
* Integrate: Showcase expertise in integrating security measures into CI/CD pipelines using tools like GitLab, Jenkins, etc.
* Certification: Possessing security certifications (e.g., SANS) is highly valued.
Your Benefits:
* Your Workplace: Remote work, hybrid, or in the office – work wherever you want!
* Your Working Hours: Whether you're a night owl or an early bird, work when you're most productive.
* Your Workation: Work from home or the other side of the world, up to 183 days a year.
* Your Equipment: Mac or Microsoft – you work with the IT equipment of your choice.
* Your Pension: We contribute 20% to your company pension scheme (BAV) and also cover ongoing contracts.
* Your Discounts: Enjoy attractive employee discounts via Bitkom with numerous well-known providers.
* Your Extra: Shop with the Edenred gift card, with an average of €20 per month.
* Your Development: Continue your education with your personal annual training budget.
* Your Health: Stay fit with our gym subsidy.
* Your Flexibility: With your flexitime account, you can make up for longer days at any time.
* Your Birthday: Celebrate yourself with a special day off on your birthday.
* Your Engagement: Use a special vacation day to engage in social or environmental causes.
* Your DRACOON: On-site, enjoy a drink flat rate from A for apple juice to Z for Coke ZERO, and of course, the obligatory fruit basket.
At DRACOON, we place great importance on equal opportunities, individuality, and diversity. We warmly welcome all qualified applicants, regardless of ethnic background, origin, or sexual orientation, to apply.
Start Date: December or by arrangement
Compensation: By arrangement
About us
DRACOON
"Your Key to Digital Freedom"
Every company faces the challenge of securely storing, managing, and sharing data digitally. DRACOON, based in Regensburg, is the market leader in enterprise file services in the German-speaking region, and its platform is dedicated to giving the world back sovereignty over its data.
The platform has been recognized as a "Leader" by independent top analysts like ISG, and it meets the highest security standards as verified by various certificates, seals, and audits, including BSI C5, ISO 27001, and IDW PS 951.
Following the principle of "Privacy by Design," DRACOON integrates client-side encryption. Data that is sent and stored is maximally protected, as the decryption key always remains with the owner. Not even the admin or DRACOON as the operator has access. The fine-grained user and rights management system offers individualized access rights to all stored data, ensuring that authorized users maintain full control.
Big News: DRACOON Joins the Kiteworks Group
DRACOON is joining the Kiteworks Group, marking a significant milestone in the company’s history and further strengthening its commitment to data security. Kiteworks, headquartered in Silicon Valley, offers a Private Content Network that helps organizations manage risks related to sensitive content. This integration combines DRACOON’s local expertise with Kiteworks' global reach. The enhanced partnership promises improved resources, innovation, and strengthened security and compliance solutions.
We look forward to receiving your compelling resume! A cover letter is not required.