Cybersecurity Engineer - Cloud, Ops (human)
Aktuelle Original-Stellenanzeige
Quelle: StudySmarter Stellenbestand · Status: aktiv · Bewerbung über das zentrale StudySmarter-Formular.
Die ganze Ausschreibung von NEURA Robotics
Automatisch strukturiert · Originaltext unformatiert geliefert
Das ist der Job
Interfaces effectively with embedded security, certification, and external auditors.
Darum lohnt es sich
Bridge to Embedded Security: Align cloud threat models and security controls with the embedded cybersecurity team to maintain end-to-end integrity from robot controller to cloud backend.
Our Systems Engineering Department turns market demands into safe, certifiable, and competitive robot systems — spanning software, hardware, safety, and certification. Join us to shape the next generation of human-robot systems and find extraordinary opportunities at the intersection of security, compliance, and cutting-edge robotics.
Your Mission & Challenges Secure Cloud-Native Platforms: Secure cloud-native platforms (AWS EKS, Lambda, API Gateway, IoT Core, S3) via least-privilege IAM, network segmentation, secrets management, and policy-as-code (Terraform/AWS Organizations).
Own the AppSec Toolchain: Operate SAST (Semgrep/SonarQube), DAST (ZAP/Burp), SCA, and container/IaC scanning in GitLab CI/CD; extend coverage to Kubernetes manifests and supply chain.
Drive Vulnerability Management: Run risk-based vulnerability management: CVSS + exploitability rating, SLA-driven remediation tracking, and structured closure evidence for internal KPIs and regulatory reporting.
Perform Threat Modeling: Conduct STRIDE threat modeling across microservices, edge, and AI/ML inference pipelines; translate findings into architecture decisions. Support NIS2 Compliance: Own NIS2 Art. 21 measure documentation, incident notification workflows (24h/72h), and supply-chain security assessments for cloud dependencies.
Define Secure Coding Standards: Define and enforce secure coding and API standards (Python, TypeScript, C++; OAuth2/OIDC, JWT) and deliver developer-oriented remediation guidance embedded in engineering workflows.
Lead Secure Architecture Reviews: Lead secure architecture reviews for cloud-native and AI-adjacent systems; assess AI/ML pipeline security controls (SageMaker, Triton, ONNX) and model supply chain risks.
What We Can Look Forward To Education & Certification: Degree in Computer Science, Cybersecurity, or Software Engineering; OSCP or AWS Security Specialty is a differentiator. Track Record: 3–5 years in application or cloud security with demonstrated ownership of AppSec tooling and vuln management in a product environment — not advisory only.
Security Fundamentals: Hands-on command of OWASP Top 10/ASVS, cloud security posture (AWS preferred), and DevSecOps tooling (SAST, DAST, SCA) — not just theoretical. Vulnerability Management Process: Proven vuln management lifecycle: CVSS + exploitability triage, SLA-driven closure, and audit-ready documentation.
Regulatory Familiarity: Working knowledge of NIS2, EU CRA, ISO 27001, or IEC 62443; able to translate findings into compliance documentation for internal governance and external audit. Technical Skills: Python/Bash proficiency; hands-on with container and Kubernetes security, IaC scanning, and AWS governance tooling (Config, SCPs, GuardDuty).
AI/ML Pipeline Exposure: Exposure to AI/ML pipeline security (SageMaker, Triton, ONNX) and model supply chain risks is a significant differentiator. Collaboration & Communication: Communicates security risk clearly to engineering and management; written outputs audit-ready.
Bereit?
Bewerbung wird direkt an NEURA Robotics uebergeben - kein Konto noetig.
NEURA Robotics hat 10 weitere offene Stellen:
Wenn dir dieser Job gefällt, schau dir auch an:
Andere Stellen auf der Karte
7 weitere bei NEURA Robotics · 6 ähnliche im Umkreis von ~50 km — Klick auf einen Marker für die Details.