Security Application Engineer (m/f/d) 80-100%

About the job

Security Application Engineer (m/f/d) 80-100%

Metrohm AG is a leading company in instrumental chemical analysis. Our more than 3,000 employees worldwide develop, produce, sell and maintain highly precise measuring instruments for chemical analyses in laboratories and industrial manufacturing processes. We are present in over 100 countries with our own subsidiaries or exclusive representatives.

For more than 15 years, we have consistently relied on agile methods in software development. To strengthen the development of our OMNIS software in an international environment, we are looking for a Security Application Engineer (m/f/d) 80-100% at our headquarters in Herisau/CH.

Your tasks

• As part of our SecDevOps team, you enable the delivery of security-high-quality software
• You are responsible for the integration and fine-tuning of security measures in CI/CD pipelines (e.g. by integrating SAST, DAST and SCA tools) and the implementation of security-relevant core mechanisms in our OMNIS software
• You regularly conduct security assessments, including architecture and code reviews as well as threat modelling
• You plan and carry out comprehensive penetration tests as well as vulnerability and fuzzing scans
• You support the triage and prioritisation of vulnerabilities
• You contribute to the development of security policies and guidelines (e.g. secure coding principles, security control blueprints)
• As a security expert, you pass on your knowledge to the development teams

Your profile

• You have a higher education or further training in computer science and are familiar with agile methods and tools
• You have a solid understanding of common vulnerabilities (e.g. OWASP Top 10)
• You possess a very good understanding of current security best practices in the software development lifecycle to integrate security at every phase
• Your good knowledge of .NET enables you to read, understand and identify security gaps in code
• You have practical experience with security testing tools (e.g. Burp Suite, ZAP)
• Security certifications such as CISSP, CSSLP, CASE, CEH, GPEN, GWPT, BSCP, OSCP, GPEN, GPWT, OSWE or comparable are advantageous
• You enjoy working in a team, exchanging know-how and bring a high quality awareness
• You can communicate fluently in German and English

We offer

• An exciting working environment in a modern, well-structured agile organisation with more than 10 Scrum teams at 3 locations in Europe
• New premises designed for agile teams, state-of-the-art work equipment and motivated, well-coordinated Scrum teams
• A good working atmosphere, the possibility of home office and above-average social benefits

Note

Applications from personnel service providers cannot be considered for this position.

Are you interested? We look forward to your application.

If you have any questions about this position, Ms Christine Manser, HR Business Partner, Tel. +41 71 353 85 36, will be happy to assist you.