11 days ago
Berlin, GermanyMid Level / Senior
H1B Sponsor
Responsibilities
- Implement and collaborate on product security features.
- Mature and extend the DevSecOps pipeline.
- Detect, defend, and respond to threats to Cresta and its customers.
- Support SOC 2 Type II, ISO 27001 & 27701, PCI-DSS, TISAX and HIPAA audit processes with technical controls and evidence.
- Perform security audits of Cresta’s products and cloud infrastructure and drive remediation of security risks.
- Improve and monitor Cresta’s vulnerability management program to ensure monitoring and mitigation of known vulnerabilities.
- Develop internal tooling and automation.
Requirements
- 4+ years of experience in application security engineering and cloud security (AWS/GCP).
- Security domain knowledge across many cybersecurity disciplines.
- Experience in static code analysis and remediation.
- Experience in security operations (SOC) and incident response.
- Working knowledge of Python and Go for developing product security features.
- Experience managing competing efforts and requirements.
- Experience with fast-growing SaaS start-ups.