Staff Security Engineer

HungerStation is part of the Delivery Hero Group, the world’s pioneering local delivery platform, dedicated to delivering an amazing experience—fast, easy, and to your door. We operate in over 70 countries worldwide, and our headquarters is located in Berlin, Germany.

We are looking for a highly talented Staff Security Engineer to join our team in Riyadh. This role offers an opportunity to gain hands-on experience and make a direct impact within the organization.

As a Staff Security Engineer, you will work on several key areas:

• Application Security:

  • Ensure the implementation of defined secure coding standards.
  • Perform manual code and architecture reviews.
  • Implement and embed security modules/engines in CI/CD pipelines.
  • Collaborate with engineers to resolve identified security vulnerabilities.

• Penetration Testing and Red Teaming:

  • Conduct white/black box vulnerability assessments for web and mobile applications, as well as on-prem/cloud infrastructure.
  • Perform advanced red teaming exercises.
  • Submit detailed security assessment reports and follow up on mitigation action plans.

• Cloud Security:

  • Implement and maintain necessary security tools.
  • Enhance cloud infrastructure security against external and internal threats.
  • Improve security monitoring for cloud infrastructure.

• Governance and Resilience:

  • Follow relevant policies and procedures for daily operations in a consistent manner.
  • Contribute to the identification of opportunities for continuous improvement.
  • Promote adherence to policies and procedures among employees.

• Daily Operations:

  • Ensure continuity of work by following daily operations.
  • Contribute to preparing timely and accurate reports relevant to the line of work.
  • Address the needs of internal and external customers promptly and courteously.

Qualifications:

• 8+ years of relevant professional experience in security engineering.
• Bachelor's degree in a related field is required; a Master's degree is highly preferred.
• Certification in OSCP or CDP is mandatory; additional certifications such as OSCE and CDE are considered a plus.
• Proven expertise in penetration testing for web and mobile applications.
• Strong proficiency in application security and integrating security practices into the CI/CD pipeline.
• Comprehensive knowledge of cloud information security, including the ability to generate and monitor security alerts effectively.
• Familiarity with security infrastructure and operations tools, such as Web Application Firewalls (WAF).
• Experience with cloud penetration testing is advantageous.

Additional Information:
What We Offer:

• Global relocation support for permanent employees.
• Opportunities to exchange ideas and collaborate with 2000+ colleagues across various teams within Delivery Hero.
• Personal educational budget for conferences and external training.
• Access to our e-learning platform and participation in various in-house training programs.

Language Requirements:
Proficiency in English is expected; additional languages may be an asset.