Senior DevSecOps Engineer / Security Compliance Engineer

Proven experience in product security, DevSecOps, security compliance, or secure software engineering., Hands-on experience maintaining and operating a vulnerability register., Practical experience implementing security gates before merge or release., Strong experience configuring and running SAST tools for C/C++ projects., Experience working with Veracode., Ability to prepare C/C++ projects for static analysis, including preprocessed source, compiler requirements, and debug symbols., Experience interpreting SAST findings, including triage, prioritization, and false-positive handling., Practical experience configuring SCA tools and monitoring CVEs in dependencies., Experience generating and maintaining SBOMs., Working knowledge of CycloneDX and SPDX formats., Experience integrating security tools into CI/CD pipelines, including GitHub Actions., Strong hands-on experience with GitHub as the main VCS platform., Experience designing and maintaining GitHub Actions workflows, including reusable workflows and composite actions., Experience migrating repositories from SVN, Bitbucket, GitLab, or similar systems into GitHub., Good knowledge of C/C++ in the context of embedded systems., Experience with build systems such as CMake, Make, and vendor-specific environments., Practical Python skills for automation and tooling., Experience with embedded Linux environments such as Yocto, Buildroot, or custom distributions., Experience with RTOS-based projects such as FreeRTOS, Zephyr, or similar., Experience with bare-metal development environments, including vendor HALs and toolchains such as GCC ARM and IAR., Good working knowledge of Linux on PC, including console and bash., Ability to work across mixed, complex, and legacy engineering environments., Strong communication skills and collaborative mindset., High autonomy and ownership., Senior level or above.

sharing the costs of sports activities, private medical care, sharing the costs of professional training & courses, life insurance, remote work opportunities, flexible working time, integration events, no dress code, coffee / tea, parking space for employees