Back to jobs

Senior Product Security Engineer (f/m/d)

www.apaleo.com

Apaleo's API-first property management platform empowers accommodation providers to design a technology stack that creates unique digital guest & staff experiences. The Apaleo Store enables integrations to hundreds of apps to streamline operations, enhance the guest journey and maximize revenue.

Our open platform consists of 35+ microservices that communicate mainly via Kafka. We also use bleeding edge technologies: .NET, Amazon SQS, PostgreSQL, Terraform, DataDog, Docker, and deployment ECS.

At Apaleo, you will work on building a great product and see it in action, helping customers all over the world to have the best digital environment that fits their needs. Are you up for the challenge? We’re looking for a Senior Product Security Engineer (f/m/d) to join our team!

What You’ll Be Up To:

  • Implement security control that prevents misconfigurations of cloud resources, and security observability of best practices about cloud infrastructure;
  • Write efficient, maintainable and testable code;
  • Leverage your knowledge to conduct reviews, threat modelling and code reviews on applications and relevant supporting services and tools;
  • Implement security services, automation, and monitoring tools to protect Apaleo services: ranging from CI pipelines and ending with security checks in production environments to production microservices that enforce security;
  • Create relevant documentation and metrics for your stakeholders and business leaders, and deliver these in a clear, concise manner;
  • Develop innovative and scalable tools, solutions, and processes to detect security threats and threats to data security;
  • Participate in security operations, responding to security incidents and providing security expertise for Apaleo customers and internal stakeholders;
  • Proven track record of experience with AWS and container orchestration. Experience with ECS would be a plus;
  • Experience with any paradigm of Infrastructure-as-Code (IaC), preferably Terraform.

Your Skills:

  • BS in Computer Science, Information Security, or equivalent professional experience;
  • More than 5 years of experience in areas such as application security, offensive security, systems security, and/or incident response;
  • Strong debugging and problem-solving skills;
  • A clear understanding of the balance between security and user friction;
  • Understanding of security vulnerabilities, threat modelling, attacker exploit techniques, and methods for remediation;
  • Understanding of best practices in security engineering, including secure development, cryptography, security operations, systems security, policy, and incident response;
  • Excellent English written and verbal communication skills and the ability to adapt messaging to executive, technical, and non-technical audiences;
  • Communicated to stakeholders, providing advice on vulnerability remediation and risk mitigation;
  • Mentored engineering team members on the application of security best practices during the conceptualization and implementation of new Apaleo features;
  • Knowledge of at least one programming language and scripting skills (C#/.Net);
  • Experience with the implementation of security tools and practices in modern, cloud-native environments for customer-facing web-based applications.

We offer:

  • A key role in one of the most promising international start-ups in the hospitality industry, located in the heart of Munich;
  • A diverse team of motivated and international experts from various disciplines and backgrounds;
  • Fair compensation with a transparent peer review and career progression plan;
  • Flexible and free choice of work location + we support remote work;
  • Team events: team-events, dinners, meet-ups, Oktoberfest;
  • 30 vacation days per year;
  • Free public transportation inside the city of Munich.

What You Will Get From Us:

At Apaleo, you will join a thriving work environment, a start-up in the hotel industry located in Munich, with an international team. You will be a part of an exciting, open, and agile team, where your voice matters and has a company-wide impact. We create a highly attractive product that enables us to see the inspiring materialised end result. We are committed to building a diverse and inclusive environment for everybody: our team is composed of more than 20 nationalities, with different backgrounds and perspectives.

*We are an Equal Opportunity and Affirmative Action Employer, who encourages applications from all qualified individuals without regard to color, race, religion, gender identity, sex, gender expression, national origin, age, marital status, disability, or other non-work-related factors.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

Preferred Pronoun *
GDPR Acknowledgement *

This notice is to notify you that personal data about you has been collected by apaleo GmbH (“Controller”), which is located at Dachauerstr. 15 A 80335 Munich, Germany, and can be contacted by emailing careers@apaleo.com because Controller wishes to evaluate your candidacy for employment at Controller. Your personal data was either obtained from publicly available sources (e.g. LinkedIn) or provided to Controller by someone who referred you for potential employment. Controller’s data protection officer is Andrea Ziegelmüller, who can be contacted at privacy@apaleo.com. Your personal data will be processed for the purposes of managing Controller’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment.

Your personal data has been shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controller’s behalf. Accordingly, if you are located outside of the United States, your personal data has been transferred to the United States. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer was subject to appropriate additional safeguards:

Greenhouse Software, Inc. (“Greenhouse”) and Controller have signed a Data Processing Agreement which incorporates the Standard Contractual Clauses as approved by the European Commission pursuant to its decision 2021/914 of 4 June 2021 for the transfer of personal data to processors incorporated outside of the EEA to any country not recognized by the European Commission which do not ensure an adequate level of data protection.

For more information about Greenhouse Software Inc. please check out:

https://www.greenhouse.io/privacy-policy

https://www.greenhouse.io/security

To read more about the GDPR compliance with apaleo please check out: https://apaleo.com/gdpr/

Please contact careers@apaleo.com for any questions you may have.

Your personal data will be retained by Controller as long as Controller determines it is necessary to evaluate your application for employment.  Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have to right to data portability. In addition, you may lodge a complaint with an EU supervisory authority.