We are the creators of checkmk, a leading open source monitoring software. We are a strong team of software developers, technicians, open source enthusiasts and nerds who are passionate about helping small and large companies run their complex IT infrastructures reliably. We are growing quickly both in our German home market and internationally.
As we want to secure our product and code, we are looking for a
Software Developer Security (m/f/d) / DevSecOps (m/f/d)
As a Software Developer Security (m/f/d) / DevSecOps (m/f/d) you support the team in all security aspects of Checkmk’s development. You are key to building our security operations functions and are responsible for a secure product.
- Make our product even more secure, e.g. coordinate our PEN tests, implement solutions based on potential findings in our software (i.e. code yourself), develop coding guidelines or standard development approaches to avoid repeat problems
- Make customer deployments more secure, e.g. by enhancing security by default, customer guidelines for secure set-ups, etc.
- Make our CI/CD pipeline and our software delivery process more secure
- Improve security in our development processes, e.g. through secure development guidelines/frameworks, secure development tooling, secure development awareness / training,
- Improve security-related processes, such as software component analysis, incidence response etc.
- You want and you can do more? Don’t worry, there are lots of other exciting tasks!
- You have a university degree in computer science, cyber security or another technical discipline or a professional education, for example as a system administrator
- You see security as your responsibility and have a passion for it
- You have at least 4 years of practical experience in the areas of IT security (including application security) or DevSecOps
- You have experience with offensive security testing (‘Red teaming’)
- You have experience in software development with Python (must), ideally you can also read C++
- You have experience in automation with GIT and Jenkins as well as handling the following tools: Web server apache2, nginx, Debian, Ubuntu.
- You have deep experience in security concepts (e.g. code analysis, binary formats, encryption)
- Having experience with security analysis tools is a plus (e.g. IDA, gdb)
- Beyond software coding and tooling you also have experience in establishing security related processes
- You are up-to-date with current threats in IT-security
- You have experience with agile methods, such as Scrum or Kanban
- You are pragmatic and results oriented
- Knowledge in IT infrastructure and application monitoring with open source or commercial software products is a plus
- Applicable Certifications i.e. Certified Ethical Hacker (CEH) and/or Certified Information Systems Security Professional (CISSP) are welcome
We are a dynamic, fast growing and easy-going company where positive collaboration is very important. We are more than just colleagues; we have a strong team and a great customer community. For us, high autonomy and flat hierarchies are not just words on paper, but everyday life. With us you don’t work as one of hundreds or on purely theoretical questions but have an immediate positive influence.
With our product, we make the lives of thousands of administrators easier and help them in coping with the increasing complexity of IT. Our customers love our product and your work helps to keep it that way!
- The chance to make a decisive impact and shape the future of a dynamic, fast growing tech company while growing with your tasks and responsibilities
- A agile team that embodies autonomy and fast decision making within flat hierarchies
- A product and company customers love
- A wide range of education and training opportunities
- Flexible and family-friendly working conditions
- An office in one of the most beautiful, central districts of Munich
- Regular events of all sorts in a familiar atmosphere
Interested? Then contact us now!
You can get insights about working@tribe29 at: www.kununu.com/de/tribe29 !
+49 (0)89 9982 097 64
We ask you to refrain from contacting (by mail, telephone and/or social media) by recruiting agencies, personnel service providers, consultants or other external service providers! Likewise, please refrain from unsolicited profile presentations!