Codesphere logo

Senior Security and Compliance Engineer (m/f/d)

Posted about 23 hours ago

RemoteMunichSE

About Codesphere

Codesphere is a Virtual Cloud Provider from Germany building the future of sovereign cloud infrastructure. Our platform gives enterprises and governments full sovereignty without giving up modern cloud capability – a vision recently validated by a series of multi-million European government tenders.

Since our founding in Karlsruhe in 2020, we’ve expanded into an international team of 60+ experts. Based in Karlsruhe and Munich and backed by top-tier investors, we are chasing a bold vision.

We’re scaling fast and would love for you to join us and grow alongside us πŸš€

About the role

Codesphere runs cloud infrastructure that enterprises and governments depend on – security is not an afterthought, it's a foundation. As a Senior Security & Compliance Engineer (m/f/d), you own the security posture of our platform: from vulnerability management and incident response to compliance frameworks and developer enablement.

What you'll drive

  • You conduct security assessments, penetration testing, and vulnerability scanning – and drive remediation with development teams

  • You manage security scanning tooling (DAST/SAST) and perform security code reviews

  • You design and implement security controls across our full technology stack, defining and enforcing standards for development, infrastructure, and data

  • You integrate security into our CI/CD pipelines and development processes – Shift Left and DevSecOps in practice, not just on paper

  • You develop and maintain our Security Incident Response Plan, monitor security logs via SIEM, and lead forensic analysis when needed

  • You ensure compliance with relevant standards and regulations – including GDPR and ISO 27001

  • You manage IAM systems with a least privilege approach

  • You develop and deliver security awareness training for the whole company – and specialised secure coding training for engineering teams

What makes you a great fit

  • 5+ years in a security engineering or similar role, ideally in a cloud or SaaS environment

  • Hands-on experience with penetration testing, vulnerability management, and DAST/SAST tooling

  • Solid understanding of DevSecOps principles and CI/CD security integration

  • Familiarity with SIEM tools, incident response, and forensic analysis

  • Knowledge of relevant compliance frameworks – GDPR, ISO 27001, and ideally BSI IT-Grundschutz

  • Strong communicator – able to translate security risks into clear guidance for both technical and non-technical audiences

  • Fluent in English; German is a strong plus given the nature of our compliance landscape

    Β 

What's in it for you

  • 30+ vacation days – including Christmas Eve and New Year's Eve, adding up to 32 days per year

  • Meal allowance – up to 15 digital meal vouchers per month, worth up to €7.67 each

  • Flexibility – hybrid work setup with mobile work options and flexibility around core hours

  • Steep learning curve – fast-moving environment, real ownership, and a front-row seat to scaling a company

  • Job-Rad – lease a bike through us, tax-free

  • Gym access – stay active on site (Karlsruhe office only)

  • Employee events – from team offsites to regular get-togethers

  • Company pension scheme – company-supported pension to set you up for later

  • Great public transport links – both offices are within walking distance of tram and metro stops

Job details
Workplace
Remote
Location
Munich
Experience
SE

Full Infrastructure Autonomy & Patented Deploy Tech for Enterprises

Key team members

Michael Zips

Michael Zips

Auke van Urk

Auke van Urk

Christophe Attias

Christophe Attias

Carl Fritjofsson

Carl Fritjofsson

Apply smarter with Jobr

Jobr aggregates jobs directly from company career portals β€” no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.

Direct from company career pages
AI-personalised cover letters
Human review before every submit
Application tracking & follow-ups