
Security Engineer – Application Security
Neko Health
full-time
Location Type: Hybrid
Location: Berlin • 🇩🇪 Germany
Job Level: Mid-Level, Senior
About the role
- Drive Secure Software Development Lifecycle (SSDLC) adoption across teams.
- Perform code reviews and vulnerability assessments for critical applications.
- Integrate and manage SAST/DAST/SCA tools in CI/CD pipelines.
- Conduct threat modelling for new features and products.
- Collaborate with developers to remediate vulnerabilities and improve secure coding practices.
- Produce audit-ready evidence for compliance frameworks.
Requirements
- Strong knowledge of application security principles and OWASP Top 10.
- Experience with secure coding practices and developer enablement.
- Hands-on experience with SAST/DAST/SCA tools.
- Familiarity with CI/CD security integration.
- Understanding of compliance frameworks (ISO 27001, NIST CSF, HIPAA).
Benefits
- Flexible workplace focusing on work/life balance
- Company meetups a couple of times per year
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
Secure Software Development Lifecycle (SSDLC), code reviews, vulnerability assessments, SAST tools, DAST tools, SCA tools, CI/CD pipelines, threat modelling, secure coding practices, compliance frameworks
Soft skills
collaboration, developer enablement
Certifications
ISO 27001, NIST CSF, HIPAA