Application Security Engineer - REWE digital GmbH

Key Responsibilities

• Design, implement, and maintain security controls for web and mobile applications.
• Perform threat modeling, code reviews, and penetration testing to identify and remediate vulnerabilities.
• Integrate security into CI/CD pipelines, automating scans and compliance checks.
• Collaborate with development teams to embed secure coding practices and provide actionable guidance.
• Monitor security alerts, conduct incident response, and produce detailed vulnerability reports.

Requirements

• Proven experience in application security, with deep knowledge of OWASP Top 10 and secure coding standards.
• Hands‑on expertise in penetration testing tools (Burp Suite, OWASP ZAP) and vulnerability scanners.
• Strong scripting skills in Python and familiarity with AWS security services (Cognito, IAM, KMS).
• Experience with DevSecOps practices, CI/CD tooling (GitHub Actions, Jenkins, GitLab CI).
• Excellent communication skills and ability to translate technical findings into actionable recommendations.