Application Security Lead

vor 3 Wochen


Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

About METRO

METRO is a leading international food wholesaler with a strong commitment to sustainability. We cater to the needs of hotels, restaurants, caterers, and independent merchants, with a unique multichannel mix that offers flexibility and convenience. Our goal is to become the cyber-resilient omni-channel wholesaler, and we're looking for a talented individual to help us achieve this vision.

Job Description

We're seeking an experienced Application Security Lead to join our team. As a key member of our cybersecurity team, you will be responsible for defining security requirements for our cloud platforms, monitoring their fulfillment, and contributing to the development of relevant guidelines and standards. You will also work closely with software engineer teams to address identified software vulnerabilities and weaknesses.

Responsibilities

  • Contribute to the development of relevant guidelines and standards related to application security, cryptography management, and software development.
  • Ensure that each step of the software development lifecycle (SDLC) used by software engineers across METRO follows best practices in terms of information security and data privacy.
  • Develop and maintain the needed technologies and processes to be included in continuous software development processes (CI/CD pipelines) to include tollgates to secure that security control validations are automatically performed during development and deployment phases.
  • Support software engineer teams across METRO to address identified software vulnerabilities and weaknesses.
  • Support cyberdefense and software engineer teams in case of identified risks or security alerts related to software or third-party library vulnerabilities to determine METRO's exposure to such vulnerabilities and risks.

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
  • Minimum of 5 years of experience in Application security engineering or DevSecOps.
  • Proven experience in defining and implementing Secure-SDLC controls.
  • Strong understanding of cloud security best practices and industry standards (e.g., GCP Security Best Practices, ASVS, OWASP, CIS Controls).
  • In-depth knowledge of SAST, SCA, DAST security concepts.
  • Experience with CI/CD tools.
  • Experience with cloud security tools and technologies (e.g., CloudTrail, GuardDuty, Security Hub).
  • Excellent communication, collaboration, and problem-solving skills.
  • Experience with bug bounty programs.
  • Ability to work independently and as part of a team.

What We Offer

  • A fast-growing international team with significant scaling ambitions across multiple markets.
  • Trusted working hours, 30 days of vacation, and home office options.
  • A comprehensive further training offer and an annual training budget.
  • Health programs, a free fitness studio on our campus, and regular employee events.
  • Very good public transport connections and free parking spaces, including charging facilities for e-mobility.

Please note that all job opportunities at METRO AG require that you live in/move to Germany and can be in office in Düsseldorf at least 2 times per week. We don't offer 100% remote opportunities.



  • Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    Transform Cybersecurity Capabilities at METROAs a leading international food wholesaler, METRO is committed to delivering exceptional customer experiences while ensuring the highest level of security and data protection. We are seeking a highly skilled Application Security Lead to join our team and drive the development of our cybersecurity...


  • Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    Transform Cybersecurity Capabilities at METROAs a leading international food wholesaler, METRO is committed to delivering exceptional customer experiences while ensuring the highest level of security and data protection. We are seeking a highly skilled Application Security Lead to join our team and drive the development of our cybersecurity...


  • Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    About METROMETRO is a leading international food wholesaler with a strong commitment to sustainability. We cater to the needs of hotels, restaurants, caterers, and independent merchants, with a unique multichannel mix that offers flexibility and convenience. Our goal is to become the cyber-resilient omni-channel wholesaler, and we're looking for a talented...


  • Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    About METROAt METRO, we are a leading international food wholesaler, catering to the needs of hotels, restaurants, caterers, and independent merchants. With approximately 15 million customers worldwide, our unique multichannel mix offers flexibility in purchasing goods in-store or via our digitally connected Food Service Distribution (FSD) delivery. We...

  • Cloud Security Lead

    vor 4 Wochen


    Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    Cloud Security LeadAt METRO, we are committed to delivering exceptional customer experiences while ensuring the security and integrity of our cloud-based systems. As a Cloud Security Lead, you will play a critical role in defining and implementing cloud security strategies that align with industry standards and regulations.Key Responsibilities:Develop and...

  • Cloud Security Lead

    vor 4 Wochen


    Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    Cloud Security LeadAt METRO, we are committed to delivering exceptional customer experiences while ensuring the security and integrity of our cloud-based systems. As a Cloud Security Lead, you will play a critical role in defining and implementing cloud security strategies that align with industry standards and regulations.Key Responsibilities:Develop and...

  • Cloud Security Lead

    vor 3 Wochen


    Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    About METROMETRO is a leading international food wholesaler, catering to the needs of hotels, restaurants, caterers, and independent merchants. With a unique multichannel mix, we offer flexibility in purchasing goods in-store or via our digitally connected Food Service Distribution delivery. Our commitment to sustainability is reflected in our actions and...

  • Cloud Security Lead

    vor 4 Wochen


    Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    About the RoleMETRO is seeking a highly skilled Cloud Security Lead to join our team. As a key member of our cybersecurity team, you will be responsible for defining and implementing security requirements for our cloud platforms.Key ResponsibilitiesDevelop and maintain a cloud security governance framework to ensure the secure use of cloud servicesConduct...

  • Cloud Security Lead

    vor 3 Wochen


    Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    About METROMETRO is a leading international food wholesaler, catering to the needs of hotels, restaurants, caterers, and independent merchants. With a unique multichannel mix, we offer flexibility in purchasing goods in-store or via our digitally connected Food Service Distribution delivery. Our commitment to sustainability is reflected in our actions and...

  • Cloud Security Lead

    vor 3 Wochen


    Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    About METROAs a leading international food wholesaler, METRO is specialized in catering to the needs of hotels, restaurants, caterers, independent merchants, and more. With approximately 15 million customers worldwide, our unique multichannel mix offers the flexibility of purchasing goods in-store or via our digitally connected Food Service Distribution...


  • Düsseldorf, Nordrhein-Westfalen, Deutschland METRO AG Vollzeit

    Cyber Security Incident Response Process LeadTransforming cyber security capabilities on a global scale requires a strategic approach to incident response. As a Cyber Security Incident Response Process Lead at METRO AG, you will play a crucial role in developing and strengthening our entire department. Your expertise in incident response will enable us to...


  • Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    About the RoleAt METRO, we are seeking a highly skilled Cloud Security Lead to join our team. As a Cloud Security Lead, you will be responsible for defining the security requirements for our cloud platforms, monitoring their fulfillment, and ensuring compliance with industry standards and regulations.Key ResponsibilitiesDefine a cloud security governance...

  • IT Security Auditor

    vor 2 Monaten


    Düsseldorf, Nordrhein-Westfalen, Deutschland TÜV TRUST IT Unternehmensgruppe TÜV AUSTRIA Vollzeit

    About UsTÜV TRUST IT is part of the TÜV AUSTRIA Group, a global leader with over 2000 professionals across more than 20 countries. We specialize in delivering customized solutions in industrial services, testing, monitoring, cybersecurity, data protection, and insurance services, along with training for professional development.Your RoleWe are seeking a...

  • IT Security Auditor

    vor 3 Monaten


    Düsseldorf, Nordrhein-Westfalen, Deutschland TÜV TRUST IT Unternehmensgruppe TÜV AUSTRIA Vollzeit

    About UsTÜV TRUST IT is part of the TÜV AUSTRIA Group, a global leader with over 2000 professionals across more than 20 countries. We specialize in delivering customized solutions in industrial services, testing, monitoring, cybersecurity, data protection, and insurance services, along with training for professional development.Your RoleWe are seeking a...


  • Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    Job DescriptionAt METRO, we are seeking a highly skilled Network & Infrastructure Security Lead to join our team. As a key member of our cybersecurity team, you will be responsible for designing, implementing, and maintaining our IT and Network infrastructure with a focus on security.Your Responsibilities:Plan, architect, and formulate designs for Network &...


  • Düsseldorf, Nordrhein-Westfalen, Deutschland METROMAKRO Vollzeit

    Job DescriptionAt METRO, we are seeking a highly skilled Network & Infrastructure Security Lead to join our team. As a key member of our cybersecurity team, you will be responsible for designing, implementing, and maintaining our IT and Network infrastructure with a focus on security.Your Responsibilities:Plan, architect, and formulate designs for Network &...


  • Düsseldorf, Nordrhein-Westfalen, Deutschland Stepstone GmbH Vollzeit

    About the RoleWe are seeking a highly skilled Senior SOC Engineer to join our team at The Stepstone Group. As a key member of our security operations team, you will be responsible for monitoring, analyzing, and responding to security threats in real-time.Key ResponsibilitiesMonitor and analyze security data from diverse sources, including logs, EDR...


  • Düsseldorf, Nordrhein-Westfalen, Deutschland Stepstone GmbH Vollzeit

    About the RoleWe are seeking a highly skilled Senior SOC Engineer to join our team at The Stepstone Group. As a key member of our security operations team, you will be responsible for monitoring, analyzing, and responding to security threats in real-time.Key ResponsibilitiesMonitor and analyze security data from diverse sources, including logs, EDR...

  • IT Operations Lead

    vor 4 Wochen


    Düsseldorf, Nordrhein-Westfalen, Deutschland Uniper Vollzeit

    At Uniper, we are proactively transforming the world of energy while ensuring security of energy supply. Our corporate culture is characterized by equal opportunities, mutual appreciation, and respect. We are looking for a skilled IT Operations Lead to join our diverse, international team of DevOps engineers, architects, and product owners/project...

  • IT Operations Lead

    vor 4 Wochen


    Düsseldorf, Nordrhein-Westfalen, Deutschland Uniper Vollzeit

    At Uniper, we are proactively transforming the world of energy while ensuring security of energy supply. Our corporate culture is characterized by equal opportunities, mutual appreciation, and respect. We are looking for a skilled IT Operations Lead to join our diverse, international team of DevOps engineers, architects, and product owners/project...