
Security Specialist
DrAnsay.com
full-time
Location Type: Remote
Location: Germany
About the role
- Take ownership of application and cloud security across our services, APIs, mobile apps, and Kubernetes-based GCP infrastructure
- Conduct hands-on penetration testing (Node.js/TypeScript, APIs, iOS/Android), including tools such as Burp Suite
- Identify and remediate vulnerabilities (e.g., auth bypass, injection, deserialization flaws)
- Define and implement secure API standards (JWT/OAuth, TLS/mTLS, validation, rate limiting, CORS)
- Harden infrastructure (Kubernetes/GCP, Postgres, Redis/BullMQ) and secure mobile applications
- Establish and continuously improve Secure SDLC practices (threat modeling, reviews, SAST/DAST in CI/CD)
- Implement automated monitoring (eBPF, Falco) and support incident response
- Contribute to GDPR, ISO 27001, and SOC 2 initiatives
Requirements
- Solid hands-on experience in application and/or cloud security
- Experience with Kubernetes and GCP
- Strong understanding of API security (OWASP API & Mobile Top 10)
- Experience securing Node.js/TypeScript systems
- Comfortable working independently and driving initiatives forward
- Nice to have: CISSP, CKS, CCSP, OSCP | Container scanning | GCP IAM | Automation scripting
Benefits
- Remote work & flexible setup
- Professional development & certification budget
- A role with real ownership and strong visibility
- High impact in a high-growth environment
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
penetration testing, Node.js, TypeScript, API security, Kubernetes, GCP, secure API standards, Secure SDLC, automated monitoring, vulnerability remediation
Soft Skills
ownership, independence, initiative driving
Certifications
CISSP, CKS, CCSP, OSCP