Application Security Engineer (m/f/d) in Berlin, Konstanz or Zurich

at  Knime Ag

DESCRIPTION

KNIME is growing rapidly and we’re seeking smart, motivated, and creative people up for the challenge of helping us achieve ambitious scaling goals while continuing to empower the active community. Right now, we are looking for an Application Security Engineer to join our team, based in Berlin, Konstanz, or Zurich.*

THAT’S THE JOB

We are looking for a software security specialist to set a high standard of security within all KNIME software products. This includes tasks such as:

• Raising awareness of software security within KNIME and specifically within the software development organization.
• Organizing internal training and workshops on software security topics. For example, leading a workshop on the OWASP Top Ten.
• Coordinating the usage and update of external libraries within KNIME software. This includes tracking CVEs and coordinating with product owners to push updates to affected libraries.
• Work closely with software architects to ensure software security best practices are followed.
• Periodically perform internal penetration testing of the KNIME Hub software and infrastructure.
• Coordinate external penetration testing including follow-up with product owners to ensure all discovered issues are tracked and fixed.
• Coordinate tracking KNIME-based CVEs and communicating CVE status to the customer care organization.
• Collaborate with corporate IT on issues of security, compliance, and certification.

ABOUT US

KNIME is a fast-growing international Enterprise Software company. At KNIME, we build innovative software to help individuals and organizations make sense of their data through an intuitive, visual approach to data analytics and through integrations to the most advanced data science and AI/ML techniques on the market. KNIME Software comprises two products: the free and open KNIME Analytics Platform which has an intuitive low-code, no-code interface that allows anyone from spreadsheet users to seasoned data scientists to analyze their data; and KNIME Business Hub, its commercial complement that allows for large-scale collaboration and dissemination of insights across an enterprise.

At the core, we are an open-source company, which requires KNIMErs often to challenge and rethink conventional commercial strategies and ensure that the user – whether free or commercial – is at the center of every decision being made. At KNIME, you’ll gain experience working with industry leaders in their field – KNIME is used by many Fortune 500 enterprise customers, across 50 countries.

• Though we are happy to have applicants from further away, we’re not offering relocation benefits for this position.

• Raising awareness of software security within KNIME and specifically within the software development organization.
• Organizing internal training and workshops on software security topics. For example, leading a workshop on the OWASP Top Ten.
• Coordinating the usage and update of external libraries within KNIME software. This includes tracking CVEs and coordinating with product owners to push updates to affected libraries.
• Work closely with software architects to ensure software security best practices are followed.
• Periodically perform internal penetration testing of the KNIME Hub software and infrastructure.
• Coordinate external penetration testing including follow-up with product owners to ensure all discovered issues are tracked and fixed.
• Coordinate tracking KNIME-based CVEs and communicating CVE status to the customer care organization.
• Collaborate with corporate IT on issues of security, compliance, and certification