Security Engineer
Idego Group Sp. z o.o.
Location: Gdynia, Rzeszów, Białystok, Praga, Olsztyn
28 560 - 31 920 PLN (B2B)
Requirements
- Node.js
- TypeScript
- GCP
- OWASP
- Cloud security
- Kubernetes
- API
- Security
- CISSP (nice to have)
- OSCP (nice to have)
Job description
About the project: Join a team that's building the core digital infrastructure for a leading German health-tech platform. Our client pioneered the country's first digital sick note and has since become a trusted provider of digital care services. We're looking for a hands-on Security Specialist who doesn't just "advise", but actually helps shape how security is built into the architecture, code, and infrastructure. You should be comfortable working test-first, doing careful, low-risk refactors, and using patterns only when they genuinely help (not because "it's best practice"). We're looking for someone to join ASAP! :)

Our perks:
- work environment with zero micromanagement - we cherish autonomy
- 100% remote work, recruitment & onboarding
- experienced team, from 4 to 15+ years in commercial projects
- unique memes & pets channel
- private medical insurance and sports card
- we want you to join our team. We are neither an agency giving you projects from time to time, nor a huge corporation where you are a "dev XYZ". At Idego - you matter!

Requirements:
- You've actually done app and/or cloud security in real systems (not just read about it).
- You're comfortable with Kubernetes and GCP.
- You know API security well – OWASP API & Mobile Top 10 shouldn't be new to you.
- You have experience securing Node.js / TypeScript backends.
- You can work independently, spot problems early, and take ownership without being pushed.
Nice to have:
- Certifications: CISSP, CKS, CCSP, OSCP

Daily tasks:
- Conducting practical penetration tests (Node.js/TypeScript, API, iOS/Android) using tools such as Burp Suite
- Identifying and remediating vulnerabilities (e.g., authorization bypass, injection, deserialization flaws)
- Defining and implementing secure API standards (JWT/OAuth, TLS/mTLS, validation, rate limiting, CORS)
- Hardening infrastructure (Kubernetes/GCP, Postgres, Redis/BullMQ) and securing mobile applications
- Creating and continuously improving Secure SDLC practices (threat modeling, code reviews, SAST/DAST in CI/CD)
- Implementing automated monitoring (eBPF, Falco) and supporting incident response
- Collaborating on GDPR, ISO 27001, and SOC 2 initiatives
- Writing clean, testable code that's easy to understand and maintain across our products