Job description
Application Security Manager
Berlin (Hybrid)
Stott and May are proud to be working with one of the market leaders in developing AI-driven software for energy management, production, and logistics, specializing in optimizing, controlling, and simulating industrial processes. Due to continued growth within their Security division we are looking for a Application Security Manager to join the business
Responsibilities
Requirements
Whats on offer
Berlin (Hybrid)
Stott and May are proud to be working with one of the market leaders in developing AI-driven software for energy management, production, and logistics, specializing in optimizing, controlling, and simulating industrial processes. Due to continued growth within their Security division we are looking for a Application Security Manager to join the business
Responsibilities
- Communicate technical information to both technical and non-technical stakeholders, including senior leadership and customers
- Enable and support product-specific application security roles across our various business units
- Coordinate, align, track and steer business unit specific product and project security roles to achieve secure SDLC implementation across the business
- Form a community and foster knowledge exchange, provide guidance, feedback, training and professional development opportunities to the business unit application security roles
- Collaborate with cross-functional teams, including development, operations, security, and compliance, to ensure effective communication of security risks and recommendations
- Define and implement application security measures
- Design secure SDLC and create corresponding concepts, standards and guidance materials
- Select, introduce and operate SAST and DAST
- Design Threat Modelling using industry frameworks like STRIDE or PASTA and implement together with Product Security Officer
- Coordinate information security test management
- Ensure security across CI/CD pipelines and practices
- Application vulnerability and patch management incl. SBOM
- Ensure usage and compliance to open-source software licenses
- Promote secure coding practices and educate developers on the importance of security in software development
- Design and implement secure application architectures that align with organizational security policies and standards
Requirements
- Strong understanding of web application vulnerabilities (e.g., OWASP Top 10) and remediation strategies
- Proficiency in secure coding practices and development methodologies
- Experience with cloud-based platforms and containerization (e.g., Docker)
- Knowledge of security frameworks and standards (e.g., IEC, NIST Cybersecurity Framework, OWAS Top10, OWASP ASVS)
- CISSP, or related security certifications are a plus
- Great enthusiasm for Information Security
- Intrinsic motivation, never ending curiosity
- Quick thinking and continuous learning personality and thus are able to dive into new topics quickly, filter and digest the relevant information
- Inquisitive and analytical mindset
- Strong problem-solving and analytical abilities
- Excellent communication skills verbal and written, clear and to the point
- Proactivity driver attitude happy to collaborate with others
- Ability to work comfortably in a lean and agile environment
Whats on offer
- Modern environment with flat hierarchies.
- Modern hardware and the opportunity to work with cutting-edge technologies
- Flexible working model with home office days
- Training budget for personal growth
- 30 days vacation
- Events for employees to celebrate our achieved goals and great team-spirit
- Cooperate benefits and insurances
