Product Security Expert

Electrify your career

We believe the future of mobility is electric. With the backing of BMW Group, Mercedes-Benz Mobility AG & bp we are one of the leading global drivers of the change to e-mobility. DCS was founded on a simple idea: charging an EV should be as easy as it gets. Together, we are developing digital solutions that help connect the drivers with a broad network of charging stations and thereby enable our users a seamless charging experience.

Make an impact by

Reporting directly to our ISO, you will be our key player when it comes to fostering DCS' Information Security and helping us scale it to the next level. A strong focus of the role will be building security into the development lifecycle and decreasing the number of vulnerabilities deployed to production.

• Secure all steps in the software development life cycle holistically
• Define secure coding guidelines as part of security requirements and implement them in CI/CD
• Ensure fast feedback on security requirements to the software developers by running security checks in an automated cycle within the CI/CD pipeline
• Working in alignment with software engineering leadership to steer effort for security fixing and make it a positive experience for software engineers
• Monitor and report on potential vulnerabilities with automated ticket creation to provide fixing from within the teams
• Conduct secure coding awareness training and sharing of best practices
• Develop threat models and attack trees for the applications in DCS
• Conduct / setup of penetration tests across all applications including web and mobile (android/iOS) applications in DCS and track findings for remediation
• Assist ISO to ensure compliance to current standards e.g. ISO27001, TISAX and GDPR
• Attack modelling and red teaming

Your profile

• A degree in Computer Science or relevant experience
• 3-5 years of experience to secure the delivery and operations of SaaS offering on public clouds and Penetration Testing.
• Professional knowledge and practical experience to secure the software delivery process including the ability to test applications for security flaws
• Knowledge of OWASP Top 10 Security risks
• Practical knowledge of security tools for automated software testing within CI/CD pipeline
• Strong communication skills towards software engineers and ability to motivate teams to increase their capability to build security by design
• Strong understanding of one of the programming languages Java, swift
• Certifications OSCP, OSWE, CRTP, or similar

We offer

• A unique opportunity combining the energy of a scale up with the power of BMW, Mercedes Benz Mobility & bp
• Working on products & services with a high social impact
• An international team of talented people who love what they do and live a collaborative spirit
• An open minded culture with room for growth and the freedom to bring in own ideas
• Subsidized gym membership
• Subsidized office lunch benefit
• Personal development budget for your professional growth
• Monthly mobility budget
• Up to 2 days of home office in a week
• Offsite/ team events & much more and modern, sunny offices in Berlin & Munich

… and of course the classics: delicious coffee & tea, fresh fruits and an office dog friendly environment

At DCS we acknowledge the value of diversity, promote equality and challenge unfair discrimination. We strive to create an inclusive work environment, safe for anyone regardless of their gender identity, sexual orientation, abilities, ethnicity or race. We have the clear goal of driving diversity and inclusion across all dimensions and treat each applicant with the same respect and consideration.