IT Security Engineer (f/m/d) in the Tech and Data Team
Here's the deal
We are the Tech & Data team, consisting of system operators and software engineers, working in an agile environment. We are supported by coaches, product owners and project managers.
Thomann.de, the world’s biggest retailer of musical instruments and equipment is growing and evolving. And to put this growth on a solid foundation we need you, an IT Security Engineer (f/m/d).
Who we are
For the current opening, you'll be embarking on an exciting journey as the pioneer in building our Security Unit. While you won't have an existing team, you'll have the full support of our Director Technology, Daniel, and our entire Tech Leadership Team. Together, we'll work to shape the future of our security initiatives, ensuring the safety and integrity of our systems and data.
Join us in this incredible endeavor to enhance security and safeguard our digital realm. Your role will be pivotal in fortifying our digital landscape, and we can't wait to welcome you aboard.
Let's build a secure future together!💪
Who will you work with?
- Operations
- Engineering
- Product Owners
- Leadership
- Compliance / Data Protection Office
- System Architects
- ...
Here’s what you’ll be doing
Spearhead the development and implementation of security standards at Thomann(.io).
Your role includes aligning our security strategy with the broader technology strategy.
Provide unwavering support and guidance to our teams, offering expert insights on security matters as they navigate their projects.
You're vigilant in analyzing and monitoring potential security threats, ensuring that our digital realm remains protected and resilient.
Your commitment to security is unwavering. You diligently oversee adherence to best security practices.
Your goal is to heighten threat awareness across all departments, fostering shared vigilance.
Orchestrate and conduct security audits, meticulously organizing assessments to safeguard our digital infrastructure.
What you should bring to the table
Minimum of 5 years in Information Technology experience, with at least 2 years in a cybersecurity role.
Knowledge of internet security issues and threat landscape.
Solid problem-solving skills with the capacity to identify and analyze security vulnerabilities.
Good knowledge of running automated security tests and the toolchain to do so.
Basic knowledge of Kubernetes, GCP, and a language like PHP, Python, or Go are a plus.
Relevant professional certifications (like CISSP, GSEC, etc.) are a plus.
You are fluent in German (B2) and English (C1).
Our Tech Stack
Shop-Backend: We have migrated to PHP 7.4 and are already looking forward to PHP 8. We take full responsibility for our framework and adhere to established standards (e.g. PSR) during development.
Frontend: We use React on the client side and Twig on the server side. We use "LESS" as a CSS preprocessor.
We build and transpile everything our frontend needs using Webpack and Babel.
With Docker and Openshift, we are on our way to a container future, making the port of Hamburg look weak.
We are currently working on moving our infrastructure to space, or at least to the cloud (GCP)
MySQL, Memcached & Solr provide our customers with reliable and fast data.
What we have to offer
Flexible working hours and location, with the option to go into the office (fully-remote possible)
13th salary in November
Further training opportunities with clear development paths for your career
Thomann.de employee discount
Personal work equipment according to your wishes and regarding your role
Regular team events
English or German language courses
1:1 sessions with an external coach, for professional development
Urban Sports Club discount
and more! Check out our Handbook
We value inclusion and diversity
We pride ourselves on being an inclusive employer that creates a welcoming atmosphere, and value diversity in our teams. We do not make judgements based on ethnicity, nationality, age, marital status, gender identity, sexual orientation, disability status, or religion.
Want to start immediately
Our application process
1. Getting to know you
The first interview with one of our talent acquisition managers helps both of us to see if our ideas and values match.
2. Technical interview
You'll get to know a part of our team and get a chance to score with technical knowledge. In addition, you can ask anything you want to know.
3. Tryout task & debriefing
You'll receive a task that would fit your new role. You'll be asked to prepare the task either at home or live with some of our team members. Afterwards, there will be a debriefing with team members from your future department.
4. Leadership interview
Last, you'll get to know some team members of our leadership community. If this is a fit, too, you'll receive an offer from us.
Got any of dem benefits?
