Senior Security and Compliance Engineer (m/f/d)

Job Description

About Codesphere

Codesphere is a Virtual Cloud Provider from Germany building the future of sovereign cloud infrastructure. Our platform gives enterprises and governments full sovereignty without giving up modern cloud capability – a vision recently validated by a series of multi-million European government tenders.

Since our founding in Karlsruhe in 2020, we’ve expanded into an international team of 60+ experts. Based in Karlsruhe and Munich and backed by top-tier investors, we are chasing a bold vision.

We’re scaling fast and would love for you to join us and grow alongside us 🚀


About the role

Codesphere runs cloud infrastructure that enterprises and governments depend on – security is not an afterthought, it's a foundation. As a Senior Security & Compliance Engineer (m/f/d), you own the security posture of our platform: from vulnerability management and incident response to compliance frameworks and developer enablement.


What you'll drive

  • You conduct security assessments, penetration testing, and vulnerability scanning – and drive remediation with development teams

  • You manage security scanning tooling (DAST/SAST) and perform security code reviews

  • You design and implement security controls across our full technology stack, defining and enforcing standards for development, infrastructure, and data

  • You integrate security into our CI/CD pipelines and development processes – Shift Left and DevSecOps in practice, not just on paper

  • You develop and maintain our Security Incident Response Plan, monitor security logs via SIEM, and lead forensic analysis when needed

  • You ensure compliance with relevant standards and regulations – including GDPR and ISO 27001

  • You manage IAM systems with a least privilege approach

  • You develop and deliver security awareness training for the whole company – and specialised secure coding training for engineering teams


What makes you a great fit

  • 5+ years in a security engineering or similar role, ideally in a cloud or SaaS environment

  • Hands-on experience with penetration testing, vulnerability management, and DAST/SAST tooling

  • Solid understanding of DevSecOps principles and CI/CD security integration

  • Familiarity with SIEM tools, incident response, and forensic analysis

  • Knowledge of relevant compliance frameworks – GDPR, ISO 27001, and ideally BSI IT-Grundschutz

  • Strong communicator – able to translate security risks into clear guidance for both technical and non-technical audiences

  • Fluent in English; German is a strong plus given the nature of our compliance landscape

     

What's in it for you

  • 30+ vacation days – including Christmas Eve and New Year's Eve, adding up to 32 days per year

  • Meal allowance – up to 15 digital meal vouchers per month, worth up to €7.67 each

  • Flexibility – hybrid work setup with mobile work options and flexibility around core hours

  • Steep learning curve – fast-moving environment, real ownership, and a front-row seat to scaling a company

  • Job-Rad – lease a bike through us, tax-free

  • Gym access – stay active on site (Karlsruhe office only)

  • Employee events – from team offsites to regular get-togethers

  • Company pension scheme – company-supported pension to set you up for later

  • Great public transport links – both offices are within walking distance of tram and metro stops

Job Details

  • Department: Security

  • Category: Security

  • Employment Type: Full Time

  • Location: Munich, Germany (Hybrid)
Posted

About Codesphere

Codesphere transforms deployment into a developer-centric self-service experience, reducing time-to-market and costs. It eliminates the wall by enabling developers to manage their own infrastructure needs end-to-end. On Codesphere you can deploy anything from simple frontends to multi-service production landscapes and LLMs. It includes zero-config autoscaling, replicas, and managed services.
