Product Security Engineer (m / f / d)

Scan this QR code to discuss career opportunities and advice!

Chat with us

Check out more about Redcare

Play Video

About Redcare Pharmacy :

As Europe’s No.1 e-pharmacy, Redcare Pharmacy is powered by passionate teams and cutting-edge innovation. We strive to create a healthy, collaborative work environment where every employee feels valued and inspired to contribute to our vision “Until every human has their health”. If you’re seeking a career that offers purpose and aligns with your values, join us and begin your #Redcareer today.

About the role :

• Strategic Security Integration: Collaborate with Engineering to embed secure design principles across online shops, native apps, AdTech / MarTech platforms, and other custom-built software. Implement security testing tools (SAST, DAST, IAST, SCA).
• Security Audits: Perform security architecture reviews, threat modelling, and code analysis to identify vulnerabilities early. Lead security audits in collaboration with IT Governance, ensuring alignment with the product roadmap for quick mitigation.
• Vulnerability Management & Threat Detection: Lead proactive vulnerability identification and management, using tools like Nessus or Qualys for continuous scanning. Design and execute incident response protocols, coordinating during security incidents.
• Data Protection & Compliance: Work with Product Analytics and IT Compliance teams to ensure adherence to GDPR, PCI-DSS, and other regulations. Oversee customer data security and privacy across various features.
• Collaboration & Security Awareness: Partner with Engineering Managers, QA Leads, IT Operations, and SRE teams to integrate security testing into development pipelines. Educate developers on secure coding, OWASP Top 10, secure APIs, and compliance topics.
• Metrics & Continuous Improvement: Define and track security metrics, promoting their adoption across the engineering organization.

About you :

• Proven experience in product security, cybersecurity, and securing APIs. Skilled in vulnerability management tools, secure code review, and automation frameworks.
• Deep understanding of the secure SDLC, application security, DevSecOps, CI/CD pipelines, and cloud-native security. Ability to collaborate with DevOps, engineering, and security teams.
• Familiarity with data protection regulations like GDPR and their application in software development.
• Strong coding/scripting skills in Python, Bash, PowerShell, Java, Node.js, Terraform HCL, or Ansible YAML.
• Knowledge of secure coding practices and OWASP Top 10.
• Excellent problem-solving and communication skills, with the ability to educate and influence teams.

About your benefits :

We offer a wide range of benefits to support our employees’ needs, including:

• Sports: Membership at Urban Sports Club for various sports activities.
• Mental Health: Access to psychologists from Likeminded, anonymously and free of charge.
• Work from Home: Flexibility to work remotely up to 20 days a year within the EU.
• Mobility: Fully paid Deutschland Ticket for transportation.
• Personal Development: Support for training and growth opportunities.
• And many more :)

Our offices are open, but you can work from anywhere in Germany. We value team relationships and organize regular in-office days for team bonding.