Applications can only be submitted online via our portal. Please understand that we cannot consider applications that reach us by e-mail.
Job description
The Team – your impact
Our recently established Application Security Team is part of E.ON’s Cyber Security Unit. We provide oversight of application security practices, we work closely with other entities and units to enhance harmonization and standardization. Our main aim is to ensure application security is integrated into every step of the software development lifecycle (SDLC) and agile processes.

Your Role – meaningful & rewarding

• Support the development and roll out of the application security roadmap
• Work closely with development and operations teams to support and enforce security practices
• Provide guidance on initial threat modelling and identify threats early in the development lifecycle
• Closely collaborate with Technology Platform teams to integrate security tooling and processes in CI/CD pipelines
• Guide developers on secure coding practices and help fix identified vulnerabilities
• Execute application security training and awareness programs for developers

Your Profile – authentic & open-minded

• Track record in application security or software development
• Good experience with scripting languages
• Knowledge of common application security risks (e.g. OWASP Top 10) and how to mitigate them
• Understanding of application security activites e.g. secure coding, threat modeling, vunerability management
• Initial experience with application security tools like SCA, SAST, or DAST
• Fluency in German and English is mandatory

Our Benefits – smart & useful

• Enjoy flexibility: You can combine coming to the office and working from home flexibly. It’s even possible to go on workation for up to 20 days per year within Europe.
• Advance your development: We grow and we want you to grow with us. Learning on the job, exchanging with others, or taking part in an individual training – our learning culture enables you to bring your personal and professional development to the next level.
• Get connected: Take the opportunity to engage in our Digital Empowerment Communities for collaboration, learning, and network building.
• Recharge your battery: You have 30 days of paid vacation per year plus Christmas and New Year’s Eve off. Your battery still needs charging? You can exchange parts of your salary for more paid vacation or you can take a sabbatical.
• Elevate your mobility: From car and bike leasing offers to a subsidised Deutschland-Ticket – your way is our way.
• Think ahead: With our company pension scheme and a great insurance package we take care of your future.
• This is by far not all… We are looking forward to speaking with you about further benefits during the hiring process.

INCLUSION

It is important to us that people with disabilities have access to a fair application process, providing them with an opportunity to shine. Therefore, our representative body for severely disabled people will be included in the process from an early stage. Please let us know via the application form if you require technical or organisational adjustments during the application process. We will strive to make the required aids available.
Should you not be able to apply online and want to speak someone in person, please contact your local recruiter.
Type of contract:
Permanent contract
Employment type:
Full or part time
Work Model:
Hybrid
Company:
E.ON Digital Technology GmbH
Job number:
237780
Any questions?
The Talent Acquisition Team will be happy to answer any Questions you may have by E-Mail. We cannot consider applications by E-Mail. Thank you for your understanding.
As long as the position is advertised on our careers page, we are looking for suitable candidates (f/m/d). We look forward to receiving your application!
EDTTalentAcquisition@eon.com

• Support the development and roll out of the application security roadmap
• Work closely with development and operations teams to support and enforce security practices
• Provide guidance on initial threat modelling and identify threats early in the development lifecycle
• Closely collaborate with Technology Platform teams to integrate security tooling and processes in CI/CD pipelines
• Guide developers on secure coding practices and help fix identified vulnerabilities
• Execute application security training and awareness programs for developer