Platform Security Lead at Base Cyber Security
Hamburg, , Germany -
Full Time


Start Date

Immediate

Expiry Date

30 Sep, 25

Salary

0.0

Posted On

01 Jul, 25

Experience

4 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Information Systems, Information Security, Iso, Mitigation, Application Testing, It, Computer Science, Owasp, Risk Modeling, Secure Coding, Communication Skills

Industry

Information Technology/IT

Description

We are on the lookout for a seasoned professional to step into a key leadership role in platform security. This position is central to strengthening the security foundations of our digital ecosystem, working closely with cross-functional teams to embed security at every stage of the development lifecycle. You will be the primary advocate for security-focused practices and play a strategic role in shaping how security is approached across our platforms and services.
As the lead for platform security initiatives, your focus will be on anticipating potential threats, reducing risks through design, and promoting secure development principles. This role bridges the technical and the organizational, demanding both hands-on expertise and the ability to influence teams and stakeholders at various levels.

Key Requirements

  • A degree in a relevant technical discipline (e.g., computer science, cybersecurity, information systems) or comparable experience from a technical role
  • At least four years of direct involvement in information security or IT with a proven track record in a leadership or autonomous role
  • Hands-on experience with modern security practices across multiple domains such as cloud infrastructure, application development, and enterprise environments
  • Familiarity with risk modeling and threat analysis techniques like STRIDE, MITRE ATT&CK, or equivalent
  • Solid understanding of security standards and controls (e.g., NIST, OWASP, ISO, CIS)
  • Working knowledge of secure coding, application testing, and mitigation of common software vulnerabilities
  • Experience with securing containerized and microservice-based architectures
  • An understanding of relevant compliance obligations and data protection standards
  • Fluent communication skills and the ability to explain complex security matters to a non-technical audience
  • Willingness to work in a flexible, hybrid setup with regular presence on-site in northern Germany

Core Competencies

  • Security Leadership: Confidence and clarity in leading discussions, setting expectations, and guiding others toward secure outcomes
  • Strategic Thinking: Ability to evaluate the broader impact of technical decisions and anticipate long-term security implications
  • Collaboration: Skilled in working across departments—especially with developers, system architects, and operational teams—to implement practical security solutions
  • Problem Solving: Comfortable navigating complex technical environments and providing tailored security recommendations
  • Communication: Adept at translating technical findings into actionable business terms for decision-makers
  • Initiative: Proactive mindset with a focus on continuous improvement, research, and keeping up with emerging threats and technologies

Preferred Attributes

  • Certifications such as CISSP, CISM, or equivalent are considered an asset
  • Familiarity with DevSecOps practices and integrating security into CI/CD pipelines
  • Previous experience working in large-scale digital environments or organizations with complex technical stacks
  • Passion for mentoring or sharing knowledge with peers in the security or engineering communities
  • Exposure to international regulations and security considerations in global organizations

Relevant terms: platform security, cybersecurity, information security, DevSecOps, threat modeling, MITRE ATT&CK, STRIDE, PASTA, risk assessment, vulnerability management, secure software development, application security, cloud security, microservices security, OWASP, ISO 27001, ISO 27017, NIST framework, CIS benchmarks, CVSS scoring, security architecture, penetration testing, code review, security compliance, data protection, hybrid work model, secure coding practices, security awareness, risk management, security policies, enterprise security, web application security, mobile security, security standards, secure infrastructure.
Base Cyber Security assists organizations in building knowledge and capabilities in the field of information security. Supporting organizations in forming robust infosec teams or finding the right cybersecurity experts to meet the organization’s needs is a significant part of our mission.
We collaborate with security professionals on a global scale for information and cybersecurity positions and projects throughout Europe. Whether you’re at the beginning of your career in information security, seeking advice for your career path, or looking for guidance on continuous self-development and decision-making, we are here to help and would love to connect with you!
If you haven’t registered yet, make sure to do so now! Send us your details at professionals@basecybersecurity.com and follow us on X/Twitter @BaseCyberSec to stay updated on our activities and relevant information. By registering yourself in our security community and expressing interest in a specific role, project, or team, you expressly grant us permission to use your data, collected and processed by Base Cyber Security in an ethical and discreet manner, and where necessary, in compliance with the General Data Protection Regulation (GDPR)

Responsibilities

Please refer the Job description for details

Loading...