Camunda - Senior Information Security Engineer
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• Ability and/or willingness to use our product. • Strong Java engineering and secure coding background, with substantial hands-on experience building and reviewing Java services, working in CI/CD environments, and shipping SaaS or other cloud-based applications securely. • Strong Java engineering and secure coding background • Secure SDLC, architecture & risk assessment experience, including secure design reviews, threat modeling for distributed/API/microservices systems, and performing risk assessments on product changes or new features. • Secure SDLC, architecture & risk assessment experience • Vulnerability management & security tooling expertise, with a proven track record of implementing and tuning SAST/DAST/SCA and container/image scanning, evaluating and triaging findings (including false positives), and driving fix/mitigate/accept decisions with engineering teams. • Vulnerability management & security tooling expertise • Cross-team collaboration & communication skills, enabling you to work effectively with Engineering, Support, Sales, and other stakeholders while explaining complex security issues and trade-offs in a clear, pragmatic way to both technical and non-technical audiences. • Cross-team collaboration & communication skills • Developer-centric, incident-savvy mindset, meaning you are comfortable managing and supporting security incidents and escalations, you see yourself as an enabler (not a gatekeeper), and you influence teams toward risk-based, practical security improvements. • Developer-centric, incident-savvy mindset • Nice-to-haves: • Experience developing in Python, JavaScript, or TypeScript in addition to Java. • Python, JavaScript, or TypeScript • Hands-on experience securing Kubernetes- or container-based workloads and modern cloud environments. • Kubernetes- or container-based • Prior work in a B2B software company, especially in high-availability or multi-tenant contexts. • Experience running security training, talks, or workshops for engineering teams • security training, talks, or workshops • This role is an existing vacancy • #LI-SG1 #LI-Remote C1 • What We Have to Offer: • location • United States: $143,800.00 to $231,900.00 • United Kingdom: £90,300.00 to £148,500.00 • Singapore: S$178,600.00 to S$267,900.00 • If you’re based elsewhere, you’ll be hired via Remote.com (our global employer partner), and your Talent Acquisition Partner will provide a personalized Total Rewards Calculator after your first interview. • Remote.com
Responsibilities
• Partner with engineering teams throughout the SDLC – from early design and architecture discussions, through implementation and testing, to deployment – to embed security by design in our products. • Partner with engineering teams throughout the SDLC • Lead and evolve our AppSec tooling and workflows by implementing, tuning, and integrating SAST, DAST, SCA, and container/image scanning into CI/CD pipelines, and making sure findings are actionable for developers. • Lead and evolve our AppSec tooling and workflows • Drive vulnerability management for our applications and supply chain, including triaging and prioritizing issues, coordinating with teams on fix/mitigate/accept decisions, and ensuring we continuously improve our security posture. • Drive vulnerability management for our applications and supply chain • Perform secure design and architecture reviews and threat modeling for distributed, API- and microservices-based systems, helping teams understand security trade-offs and make sound, risk-based decisions. • Perform secure design and architecture reviews and threat modeling • Support and help coordinate application-layer security incidents and escalations, working closely with Engineering, Support, and other stakeholders to investigate, contain, and learn from issues. • Support and help coordinate application-layer security incidents and escalations • Together with the rest of InfoSec team, help with security audits, customer assurance, and other processes
Benefits
• We offer competitive, fair, and transparent compensation. Salary ranges are location-based, with Standard and Major markets (global tech hubs) reflecting local competition. • The Annual Total Target Cash (base salary + 100% variable target, where applicable) shown below spans from the minimum in a Standard market to the maximum in a Major market. Final offers depend on skills, experience, and location, and we typically hire in the first half of the range to allow room for growth: • The Annual Total Target Cash • Equity: We also offer equity (where applicable) through our Virtual Stock Option Plan (VSOP). • Equity: • Virtual Stock Option Plan (VSOP) • We invest in your wellbeing, growth, and ability to connect, along with perks that support you no matter where you’re based. Our benefits are globally designed and locally delivered where applicable. • Remote & Flexible: Work from anywhere with the setup that suits you, home office budget, co-working space support, and flexible time off to recharge when you need it. • Remote & Flexible: • In Person Connection: We invest in meaningful face time through our Annual Kickoff (Vienna in 2025, Madrid in 2026!), team offsites, and Camundi Connection Budgets, including contributing to meetups while travelling,, and local gatherings with fellow Camundi. • In Person Connection: • Annual Kickoff • team offsites, and Camundi Connection Budgets • Health & Wellbeing: Access locally tailored healthcare, Modern Health for global mental wellbeing, and our Live Well Lifestyle Spending Account (LSA), a flexible, global benefit that puts you in control of your whole life, not just work, from: staying active, to caring for family, exploring personal passions, meaningful experiences, and investing in your financial wellbeing. The Live Well program launches in 2026 and scales to €1,000 annually from 2027. • Health & Wellbeing: • Modern Health • Live Well Lifestyle Spending Account (LSA), • staying active, to caring for family, exploring personal passions, meaningful experiences, and investing in your financial wellbeing. • €1,000 annually from 2027 • Financial Security: Retirement and pension plans (often with company contributions), plus life and disability insurance where relevant. • Financial Security: • Professional Growth: Up to $/€/£1,000 per year for self-driven learning: courses, certifications, books, you decide! • Professional Growth: • More of what we offer globally & in your country can be found here. • More of what we offer globally & in your country can be found
No credit card. Takes 10 seconds.