About the role
Ready for your next adventure?
What you will do
– Develop emergency plans and exercises for security incidents
– Lead internal penetration testing and triage external bug bounty submissions
– Prioritise vulnerabilities by impact and probability, and mitigate them
– Identify and implement measures for early attack detection
– Continuously harden our CI/CD process and cloud infrastructure
– Plan and implement spam & fraud countermeasures
– Think like an attacker to remain one step ahead at all times
– Confidently communicate security vulnerabilities, and their severity with product owners
Why you will love it
– You’ll work with a truly inspiring product that brings real-life value to our users and empowers them to explore more of the great outdoors.
– We strive for honest security and enable our colleagues to do their best work.
– We strive for a modern tech stack to stay productive and face scaling challenges.
– We are a tech company with little organisational overhead, focusing on ownership and responsibility instead of micro-management and hierarchies.
– This is a remote role – you’re free to work from anywhere that lies between the time zones UTC-1 and UTC+3. Beach? The mountains? Or a co-working space (covered by us)?
– You’ll become part of a diverse, international team and you’ll travel with us (when safe) for team gatherings in amazing locations several times a year. Check out this playlist (https://bit.ly/39xtIrn) to find out more about how we stay close while being remote.
You will be successful in this position if you
– Are highly self-driven, responsible and keen to learn and improve.
– Have 3+ years of professional experience in security engineering, penetration testing and/or red/blue teaming.
– Have experience with offensive security.
– Have experience with the security offerings of AWS. Google Cloud is a plus.
– See yourself and security in general as an enabler and not as a blocker.
– Have been responsible for security of a B2C product (web or mobile).
– Are a great communicator in a diverse team.
Sound like you?
We would love to hear from you! Please send us the following:
– Your CV in English highlighting your most relevant experience
– A write-up explaining who you are and why you are interested in working at komoot
– Feel free to send us something that shows us a little more about what you’re interested in, be it your account on GitHub, Twitter, Instagram, Medium or your blog.
Curious to find out more about our recruitment process?
– Find out more info here: https://www.komoot.com/jobs-process
– At komoot we want to make great adventures accessible to everyone. We support diversity and inclusivity within the outdoors and welcome all prospective applicants.
– We have a rolling recruitment process. If this role is online it means it’s still open. We’re accepting applications and actively looking for the perfect candidate. Is it you?
– 38 days of vacation (incl. public holidays)
– Dedicated time and budget to spend on your professional development: classes, conferences, books – you decide!
– Discounts from leading outdoor and cycling brands
– Flexible working hours and ability to work from anywhere in Europe
– Three whole-company gatherings per year in beautiful locations
– Optional “togetherness” trips with your team
– Costs covered for your co-working space membership or your work from home office
– The latest devices and equipment to do your best work