Penetration Tester

Penetration Tester Location: Frankfurt Our client is a large international organisation seeking a Penetration Tester to join their information security team. You will join the information security team, helping to ensure products and projects are delivered securely. Key Responsibilities: Plan, execute and track penetration tests, evaluating findings and proposing mitigation actions. Produce clear test reports and maintain statistics for reporting and tracking purposes. Provide technical support to security functions including SOC, risk management and architecture. Coordinate activities such as bug bounties, SAST, DAST, audits and vulnerability scanning. Contribute to secure coding training and awareness initiatives. Serve as the internal point of contact for all penetration testing queries and follow up on findings. Your Profile: Degree in Computer Science, Business Informatics or equivalent IT experience. At least 3 years of hands-on penetration testing experience. Solid understanding of the cyber threat and vulnerability landscape. Certifications such as CompTIA PenTest+, CEH, GPEN or OSCP are advantageous. Self-driven and results-oriented, with the ability to work independently. Advanced English proficiency; additional languages are a plus.

Security Engineer Team Lead Location: Berlin, Germany Our client is seeking an experienced security engineering leader to build and drive a high-performing, delivery-oriented security team. You will take ownership of security across multiple products, bridging engineering, product, and information security to create measurable impact. Key Responsibilities: Build and lead a cross-functional security engineering team, fostering a modern, delivery-oriented culture among engineers and embedded security champions. Ensure each core product has a defined security owner, with backlogs that are transparently planned, prioritised, and consistently executed. Own end-to-end security backlog management - consolidating findings from audits, tooling, and external reports into well-structured tickets across relevant project boards. Drive a Kanban-based workflow and champion cross-product improvements including reusable patterns, shared templates, and strategic refactoring. Collaborate with Product Owners, Tech Leads, Engineering Management, and the Information Security function, reporting to senior stakeholders and keeping security progress, risks, and capacity visible and measurable. Requirements: 5+ years in software development, application security, or a comparable technical field, with at least 2–3 years in a lead role spanning multiple teams or products. Degree in computer science, IT security, software engineering, or a related STEM discipline. Hands-on experience with Jira or similar ALM tools, and strong familiarity with Kanban, CI/CD, secure SDLC, and common security tooling. Fluent German and English (written and spoken), comfortable engaging technical and non-technical stakeholders at all levels. Structured, pragmatic, and organised, with strong communication skills and the ability to influence and drive change without formal authority. What's on Offer? Hybrid working model. In-house academy and external learning partners to support your growth. On-site canteen with fresh daily meals and a fully equipped fitness centre with weekly classes. Corporate benefits, job bike scheme, company pension, and regular team events.

Cloud Security Expert  Location: Frankfurt A role that inspires you Join a forward-looking organisation as Cloud Security Expert within the Second Line of Defence. In this independent oversight function, you will assess, challenge, and strengthen cloud security frameworks, ensuring that cloud environments are resilient, compliant, and aligned with enterprise-wide risk governance standards. Key Responsibilities: Act as a Second Line of Defence function providing independent oversight of cloud security risks. Define and maintain cloud security policies, standards, and control frameworks. Conduct independent risk assessments of cloud architectures, configurations, and deployments (e.g. AWS, Azure, GCP). Review and challenge First Line cloud implementations and security controls. Assess risks related to identity and access management, data protection, encryption, and network security in cloud environments. Ensure alignment with regulatory and cybersecurity requirements. Establish monitoring, reporting, and escalation mechanisms for cloud-related risks. Support incident oversight and review root-cause analyses from a governance perspective. Provide expert guidance and training on secure cloud adoption practices. Your Profile: Degree in computer science, cyber security, or a related technical discipline. Several years of experience in cloud security, cyber risk, or security governance. Strong knowledge of major cloud platforms (AWS, Azure, or GCP) and cloud security principles. Experience with security frameworks and control standards (e.g. ISO 27001, NIST, CIS). Familiarity with regulatory requirements in regulated environments is advantageous. Analytical mindset with the ability to independently assess and challenge technical implementations. Strong communication and stakeholder management skills. Fluent English skills; German is an advantage. What’s on Offer? A high-impact Second Line role with organisation-wide visibility. Opportunity to shape cloud security governance and risk oversight. Collaboration with technical and risk teams in a modern cloud-driven environment. Long-term development within a strategically important security function.

AI Security Expert Location: Frankfurt A role that inspires you Join a forward-thinking organisation as AI Security Expert within the Second Line of Defence. In this independent oversight role, you will define and challenge the security standards for artificial intelligence solutions, ensuring robust risk governance and regulatory compliance while enabling responsible AI innovation across the organisation. Key Responsibilities: Act as a Second Line of Defence function providing independent oversight of AI security risks. Define and maintain security standards and control frameworks for AI and machine learning systems. Conduct independent risk assessments covering AI models, data pipelines, and algorithmic integrity. Review and challenge First Line implementations regarding AI-related security controls. Assess risks such as model manipulation, data poisoning, adversarial attacks, and misuse scenarios. Ensure alignment with regulatory requirements (e.g. AI Act, GDPR, cybersecurity frameworks). Establish monitoring and reporting mechanisms for AI-related security risks. Provide expert guidance and training on secure and compliant AI development practices. Your Profile: Degree in computer science, cyber security, AI, or a related technical discipline. Several years of experience in cyber security, risk management, or governance, with exposure to AI environments. Strong understanding of AI security risks and regulatory developments. Experience in control frameworks, risk methodologies, or oversight functions is an advantage. Analytical mindset with the ability to assess and challenge complex technical implementations. Strong stakeholder management and communication skills. Fluent English skills; German is an advantage. What’s on Offer? A high-impact Second Line role at the intersection of AI, security, and risk governance. Opportunity to shape AI security standards at organisational level. Collaboration with technical and risk experts in an innovation-driven environment. Long-term development in a rapidly evolving technology domain.