Senior Security Operations Engineer (m/f/x) - full-time


About us

Do you love stories? If so, please keep reading, because we certainly do. We believe the ability to tell stories is what makes us human. Joyn is your streaming app with over 50 live TV channels, exclusive previews, originals and collections. We understand Joyn as a partnership – an invitation to content-providers and users alike to make entertainment more meaningful and fun. Our app aggregates global and especially local content in a relevant way for Germany, both live TV and on-demand content. All kinds of stories and more to come, everyday.

We hire the best, because we need people that are as customer-focused as we are. We are looking for champions to help us further connect with our audience. It’s not a small or easy task, but it’s a fun and rewarding one. Do you think you’re up for it? Great. Then send us your application!

About the Job

We are looking for a Security Operations Engineer to help build and operate the next generation video streaming platform for the German-speaking market. Together with your team you design, implement and verify security and compliance standards for all of Joyn’s engineering teams working with Node.js/Scala containerized microservices that communicate via Kafka and run in AWS. SecOps works closely together with the Site Reliability Engineering team, who constantly work on improving infrastructure, automating away manual work and enabling the software engineering teams to quickly and easily build innovative and reliable software with high quality and observability.

What you tell people at parties"My services run in a large-scale cloud environment, making sure you can enjoy live streaming and video-on-demand in the Joyn app on any device, anywhere"

What you do

  • Work in a team of passionate and talented engineers that self-organise and continuously deliver value by embracing a lean and agile mindset.
  • Build, maintain and improve security, compliance, governance standard for our cloud infrastructure and services.
  • Engineering is craftsmanship and you enjoy applying good engineering practices - implement processes, systems and tools to aid you and your team in the day-to-day work.
  • Participate in technical design and architectural discussions within your team and with other teams to solve and prevent customer issues.
  • Learn and succeed in areas you haven’t touched before.
  • Follow trends in software and streaming tech and turn your learnings into features and improvements that delight our customers and keep the service available
  • How you do it

  • You enjoy solving difficult technical problems in the team - because 1+1=3.
  • We value autonomy in the teams and at the same time we like you to take ownership for the products you are building.
  • You get a chance to work with Node.js, Kafka, AWS, Docker, and other cutting-edge technologies.
  • You develop code for solving complex business problems, and you find solutions that are simple, beautiful, and sustainable.
  • We really care about the product and you should keep the consumer in mind when designing your solution together with the product management team.
  • Learn from both success and failure, actively coach and get coached by the team
  • What we are asking

  • A fast-paced environment is something you feel really comfortable in.
  • University degree in computer science, information technology or equivalent experience
  • Professional working experience in security operations and engineering
  • Experience with Microservices, APIs and Web App pen-testing 
  • Knowledge in common pen-test tools like Burp Suite, OWASP ZAP etc
  • Broad knowledge of microservice technologies.
  • Experience with AWS services, especially security and compliance measures (config, KMS, ...)
  • Working experience with CI/CD, test- and deployment automation, and containers.
  • Knowledge of security standards and frameworks; ISO 27001/2, NIST, PCI DSS, SOC 2.0, etc.
  • Good understanding of security programs to address risks including patching, secure build, vulnerability scanning and remediation, logging and monitoring, threat management and user awareness.
  • Experience in security tooling & technologies (eg IDS, AWS security configurations/setup, Linux security configurations/setups, etc.)
  • Ability to create robust, scalable and secure multi-region solution designs.
  • English is our team language