Senior Security Engineer

komoot GmbH

Remote

Senior

About Komoot

Komoot is an app that lets you find, plan, and share adventures. Driven by a desire to explore, and powered by the outdoor community’s recommendations, it’s komoot’s mission to inspire great adventures making them accessible to all. And we’re good at what we do: Google and Apple have listed us as one of their Apps of the Year numerous times! Today, with over 19 million users and 100,000 five-star reviews, komoot is well on its way to becoming the most popular cycling and hiking app for people who love adventures worldwide.

Join our fully remote team and change the way people explore!

About the role

At komoot we strongly believe in the power of automation. Written rules are good, automated security checks are better. As a security engineer at komoot you’ll closely work together with all product development teams and help them to understand their current security risks. You’ll write and provide tooling in order to avoid security risks in future (shift-left).

Ready for your next adventure?

What you will do

Extend our CI/CD process with automatic security scanning for vulnerable dependencies, static code analysis and compliance checks
Assist your fellow developers in understanding and mitigating security vulnerabilities
Manage our bug-bounty program, triage reports and coordinate a responsible disclosure
Assess, analyse and prioritize security risks across our (AWS) infrastructure

Why you will love it

You work on the global (AWS) infrastructure for one of the most popular consumer applications - komoot inspires millions of people to enjoy the great outdoors
We believe good ideas count more than job titles.
You’ll work in a small and supportive cross-functional team.
You’ll work together with enthusiastic engineers, who also love the outdoors.
You can work from wherever you want, be it a beach, the mountains, your house, co - working location of your choice, our HQ in Potsdam or anywhere else that lies in any time zone situated between UTC-1 and UTC+30
You’ll travel with our team to amazing outdoor places several times a year (when safe) to exchange ideas, learnings and go for hikes and rides. Check out this video to find out more about our team.

You will be succesfull if you

Are highly self-driven, responsible and keen to learn and improve
Know how to model risks and how to communicate them to other teams
Have 5+ years of professional experience with AWS (including their organizations, compliance and security offerings)
Have been responsible for security in a typical web-stack environment for 3+ years – you’re familiar with typical risks in development and operations, and how to address them

Sound like you?

Great, we would love to hear from you! Please send us the following:

Your CV in English highlighting your most relevant experience
A write-up explaining who you are and why you are interested in working at komoot
Feel free to send us something that shows us a little more about what you’re interested in, be it your account on GitHub, Twitter, Instagram, Medium or your blog.

Curious to find out more about our recruitment process? Find out more info here: https://www.komoot.com/jobs-process

At komoot we want to make great adventures accessible to everyone. We support diversity and inclusivity within the outdoors and welcome all prospective applicants.

We have a rolling recruitment process. If this role is online it means it’s still open. We’re accepting applications and actively looking for the perfect candidate. Is it you?

Deadline for applications: 03.10.2021.

Apply here