We are the leading provider of software in the healthcare sector. With our vision ‘No one should suffer or die just because some medical information is missing’, we want to create a culture that makes a sustainable contribution to the future of our healthcare system. Our work serves the goal of improving healthcare by ensuring that the necessary information is available anytime and anywhere.

Your contribution:

Formulate and refine policies to set the standard in our secure development process.
Design and lead workshops to improve our development teams' competency in application security.
Work with teams to organise external penetration testing, analyse reports, recommend solutions and centralise vulnerability management.
Focus on Java to ensure our code base is robust against threats.
As a consultant, support product and development teams in threat modelling, security reviews and vulnerability management and play a key role in supporting and refining our bug bounty initiatives.
Innovate and automate tools and processes to proactively prevent security issues.

What you bring along:

Strong ability to collaborate with software development teams and experience in identifying security issues, preferably in Java.
Excellent written and verbal communication skills, able to simplify complex topics.
Knowledge of security libraries and tools (static analysis tools, penetration testing tools, etc.) and understanding of common security flaws (e.g. OWASP Top 10) and methods to fix them.
Hands-on development or scripting experience, preferably with a focus on DevSecOps, as well as solid knowledge of network and web protocols (TCP/IP, UDP, HTTP, HTTPS).
Experience with frameworks such as OWASP ASVS, OWASP SAMM, OWASP DSOMM and in creating security champion programmes and implementing secure software development lifecycles.

What you can expect from us:

Mobile Work: Work flexibly for two days a week remotely and three days on-site.
Attractive locations: In addition to fully equipped workstations, you can also expect free drinks such as water, coffee and tea at our locations.
Development: Our in-house academy and our portfolio of external co-operation partners will support you in your further development.
Health: Health is a valuable asset for us. In addition to a hybrid fitness programme, we offer you virtual consultation hours with our company doctor.
More is always possible: We also offer corporate benefits, the option of a job bike, company pension scheme and other location-specific benefits.

Diversity is part of CGM

We look forward to receiving your application regardless of disability, gender, nationality, ethnic and social origin, religion, age, sexual orientation and identity.

Convinced? Apply online now with your detailed application documents (including salary expectations and earliest possible starting date).