
Security and Compliance Engineer (m/f/d) - Developer Platform

Your Mission

We're building a modern Internal Developer Platform (IDP) to enable secure, scalable, and efficient software delivery — and security & compliance is a first-class concern from day one.

As Security and Compliance Engineer in our Platform team, you'll be responsible for designing, implementing, and evolving the security architecture of our IDP. Your focus will be on embedding security into the entire Software Development Lifecycle (SSDLC), enabling secure-by-default development practices, and advancing our Zero Trust approach across infrastructure, tooling, and pipelines.

You'll collaborate closely with platform, infrastructure, compliance and application teams to ensure that security and regulatory compliance are not a bottleneck — but an enabler for safe, fast, and autonomous development.

Our Stack & Environment

We're building a secure, reproducible, and developer-friendly platform based on:

- Nix / NixOS – declarative, reproducible system configuration
- Rust – used for backend tooling
- Terraform – Infrastructure as Code
- GitLab – CI/CD and code lifecycle management
- OpenStack + Kubernetes + GitOps – our runtime and delivery foundation
- OpenTelemetry + Grafana Stack (LGTM) – observability
- Policy-as-code, Secrets Automation, and Security-as-Code everywhere

What You'll Do

- Design and implement security architecture for our Internal Developer Platform
- Drive adoption of Zero Trust principles across platform components, networks, identities, and services
- Embed security and compliance into the SSDLC: from code scanning, SBOM generation, and policy-as-code, to runtime and product hardening
- Develop and enforce security automation, compliance checks, and guardrails as part of CI/CD pipelines and infrastructure-as-code
- Support the implementation of fine-grained IAM, secrets management, and secure service-to-service communication
- Collaborate with developers and platform engineers to design secure golden paths and self-service tooling
- Define, track, and report on key security metrics, risk levels, and compliance posture
- Stay on top of emerging threats, vulnerabilities, and security best practices — and translate them into actionable improvements

What You Bring

- Several years of experience in Security Engineering, Platform Security & Compliance, or DevSecOps
- Strong understanding of cloud-native architectures, container security, and security automation as well as regulatory requirements
- Hands-on experience with CI/CD pipelines, infrastructure-as-code, and Kubernetes security
- Familiarity with Zero Trust Architecture, including identity-based access, service mesh, and network segmentation
- Hands-on experience with tools such as policy-as-code engines (e.g. OPA/Gatekeeper, Conftest)
- Knowledge of modern software supply chain security — e.g., SBOMs, SLSA, Sigstore, SAST/DAST
- Experience with secrets management (Vault, Sealed Secrets, External Secrets), policy engines (OPA/Gatekeeper), and observability tooling
- Coding/scripting ability in Python, Go, or Rust is a plus
- Clear communication skills and a collaborative mindset — you can work across teams and disciplines

What We Offer

- A unique opportunity to shape platform security from the ground up
- Full ownership and real impact in a technically ambitious environment
- A strong focus on automation, reproducibility, and secure-by-default engineering
- Collaboration with experienced platform and product engineers
- Remote work options, flexible hours, and modern tools

Get in touch with us

secunet Security Networks AG
Frau Nicole Schulz
Kurfürstenstraße 58
45138 Essen
Phone: +49 201 5454-0

If you are keen to work for a leading cyber security company in a fair and trusting environment, you should get in touch with us immediately. We're looking forward to your application containing your notice period, your salary expectations as well as the job ID 3328/F.