Job Description
The Senior Security Automation Engineer at Celonis is responsible for integrating automated security practices into the software development lifecycle, focusing on building scalable security solutions within CI/CD pipelines, infrastructure as code, and supply chain security to enhance the company's application and platform security posture.
Key Responsibilities
- Design, build, and enhance security components for Celonis applications and platforms.
- Integrate automated security scans (SAST, DAST, SCA, container scanning) into CI/CD pipelines.
- Develop and maintain security tooling and custom integrations using scripting languages like Python or Go.
- Implement automated security checks and fail-fast deployment gates for high-severity vulnerabilities.
- Automate Infrastructure as Code security checks and baseline security assessments.
- Implement and maintain Software Bill of Materials (SBOMs) and build signing processes to secure supply chains.
- Collaborate with cloud security teams to address vulnerabilities and provide secure coding guidance.
- Research emerging threats and DevSecOps tooling to improve security automation and processes.
Requirements
- Five (5) years of experience in security engineering or DevSecOps, emphasizing security automation.
- Proven expertise in integrating SAST, DAST, and SCA security tools into CI/CD pipelines.
- Strong proficiency in scripting languages such as Python, Go, or similar.
- Experience using Git and following version control best practices.
- Experience with container technologies including Docker and Kubernetes, and container security scanning tools such as Trivy and Aqua.
- Proficiency with Infrastructure as Code frameworks such as Terraform and CloudFormation.
- Solid understanding of OWASP Top 10 vulnerabilities and best practices in application security.
- Experience with Infrastructure as Code security, automating baseline security checks using tools like Checkov and adhering to CIS benchmarks for cloud resources.
- Experience implementing and maintaining Software Bill of Materials (SBOMs) using tools such as Syft or CycloneDX.
- Experience establishing build signing and artifact verification processes using tools like Cosign and GPG.
- Ability to collaborate closely with Cloud Security Engineers to address cloud application vulnerabilities and coordinate remediation efforts.
- Ability to provide security best practices and guidance to development teams on secure coding and secure CI/CD processes.
Benefits & Perks
- Generous PTO
- Hybrid working options
- Company equity RSUs
- Comprehensive benefits
- Extensive parental leave
- Dedicated volunteer days
- Access to resources such as gym subsidies, counseling, and well-being programs
- Clear career paths
- Internal mobility
- Dedicated learning program
- Mentorship opportunities