Staff Security Engineer (m,f,x)
The role
We are looking for a Staff Security Engineer to join the Security Tribe and help shape the next generation of security capabilities at HelloFresh.
This is a senior individual contributor role for someone who is deeply technical, pragmatic, and builder-minded. You will work across Cloud Security, Application & Product Security, Offensive Security, and GenAI Security , with a strong focus on creating scalable internal security products, paved roads, guardrails, and self-service capabilities for HelloFresh teams.
You will not only identify risks, but also build the systems, automation, and platforms that help engineering teams move faster and safer.
Above all, we are looking for people who will make HelloFresh better. We believe there are many different ways of developing skills and we love diverse experiences! So even if you don’t “tick all the boxes” but think you’d thrive in this role, we would really like to learn more about you.
What you’ll do
- Own and elevate secure design and architecture at scale across HelloFresh — championing a security-by-design culture by defining, driving, and embedding robust architectural patterns, reference designs, and guardrails that enable teams to build secure systems by default across the organization.
- Define and drive security architecture across our cloud environments, with a strong focus on AWS, Kubernetes, IAM, network security, workload protection, secrets management, and secure-by-default infrastructure.
- Build and scale cloud security guardrails using automation, policy-as-code, Infrastructure as Code, and platform-native controls.
- Partner with engineering and product teams to embed security into the SDLC through threat modeling, secure design reviews, security testing, and developer-friendly remediation workflows.
- Build internal security products and capabilities that make security self-serviceable for HelloFresh employees and engineering teams.
- Lead initiatives across SAST, DAST, SCA, IaC scanning, secret detection, vulnerability management, and software supply chain security.
- Drive offensive security activities including penetration testing, adversary simulation, purple teaming, and validation of detection and response capabilities.
- Establish security patterns and controls for GenAI and AI/ML systems, including LLM applications, AI agents, RAG systems, model integrations, prompt injection risks, data leakage, and AI governance.
- Coordinate with external security partners, auditors and consultants to properly scope, conduct and review external security engagements.
- Use GenAI as a force multiplier to reduce operational toil, improve security workflows, automate analysis, and accelerate internal capability building.
- Mentor senior engineers, influence technical direction, and act as a trusted security advisor across engineering, product, platform, data, and leadership teams.
What you’ll bring
- 8+ years of experience in security engineering, software engineering, cloud security, application security, or offensive security.
- Deep hands-on experience securing cloud-native environments, preferably AWS, with strong knowledge of IAM, Kubernetes, networking, logging, detection, and infrastructure security.
- Strong application and product security experience, including threat modeling, secure architecture reviews, OWASP risks, API security, and SDLC security.
- Practical offensive security experience, including penetration testing, vulnerability research, exploitability analysis, or red/purple team exercises.
- Strong engineering skills in one or more programming languages (e.g., Python, Go, Java, TypeScript), with the ability to build production-grade systems and security tooling.
- Experience building automation, internal tools, developer platforms, security guardrails, or self-service security capabilities.
- Experience securing GenAI, LLM, AI agent, RAG, or ML systems.
- Familiarity with OWASP Top 10 for LLMs, MITRE ATLAS, NIST AI RMF, AI gateways, LLM guardrails, prompt evaluation, or AI red teaming.
- Familiarity with modern security tooling such as CNAPP/CSPM, SAST, DAST, SCA, IaC scanning, secret scanning, WAF, SIEM, EDR, or vulnerability management platforms.
- Ability to influence without authority, communicate complex risks clearly, and translate security problems into scalable engineering solutions.
What we offer
Elevate your lifestyle! Join one of Europe's fastest-growing tech powerhouses in a dynamic phase of expansion.
- Immerse yourself in a diverse global community of 90+ nationalities.
- Enjoy a competitive compensation package that goes beyond the norm, with perks like a HelloFresh- subsidized Pension Scheme, Berlin relocation support, and a Hybrid working model.
- Elevate your lifestyle with exclusive discounts on your weekly HelloFresh box and office meals.
- Invest in your growth with a German language learning budget, and access to the HelloFresh Academy.
- Plus, we've got your well-being covered with mental health support, transportation perks, and working-parent-friendly benefits. From our 24/7 gym access,wellbeing platforms like Headspace and Spill, to sabbatical leave options, HelloFresh is not just a workplace; it's a lifestyle of perks and possibilities!
Empfohlene Jobs
Maschinenbediener in Metallverarbeitung (m/w/d)
Wir suchen Maschinenbediener in Metallverarbeitung (m/w/d) Berlin - Vollzeit ab sofort Maschinenbediener in Metallverarbeitung (m/w/d) in Berlin Starten Sie in einem modernen Unternehme…
Teamassistent (m/w/d) zum nächstmöglichen Zeitpunkt
+++ DIREKTVERMITTLUNG in Festanstellung (keine Zeitarbeit) / Vermittlungsgutscheine (AVGS) werden akzeptiert +++ Bei Fragen einfach unverbindlich anrufen: 03048479484 oder einen Rückruf vereinbaren…
Hausbauberater (m/w/d)
Sie haben bereits erste Berufserfahrung im Immobiliensektor und wollen entspannt und unabhängig beraten? Sie sind der Traumerfüller für junge Familien und erfahrene Investoren? Erleben Sie mit un…
(Senior) SEA Consultant (all genders)
Deine Aufgaben Du bist für die Konzeption, Umsetzung und Optimierung der SEA-Kampagnen unserer Kunden zuständig Die Planung und das Management der SEA-Budgets unserer Kunden liegt in deiner V…
Maschinenbediener - Pharmaindustrie- m/w/d
Aktuell (sind) wir auf der Suche für einen unserer Kunden nach mehreren Maschinen- und Anlagenführern (m/w/d) für die Pharmaindustrie. Sie werden im Bereich der Geräteherstellung eingesetzt. Sie habe…
CUSTOMER SERVICE SPECIALIST (M/W/D)
Du liebst es, Dinge möglich zu machen, Probleme zu lösen und für andere da zu sein? Dann starte bei uns als Customer Service Specialist:in und werde das Herz unserer Kundenbetreuung. Aufgaben D…
Consultant - Automotive Architecture (f/m/x)
As a strategy and management consultancy, we work together with industry leaders in the Automotive & Transport, Energy & Environment, and Public & Infrastructure sectors to shape the mobility and ene…
Chef de Partie (m/w/d) - Koch | Küche
Berlin – Pamela, Charlottenstraße 59, 10117 Berlin Vollzeit | 2 feste freie Tage ✨ Why this role is a great opportunity Looking for more than just your next Chef de Partie position? Pamel…
Sous Chef (m/w/d)
Sous Chef (m/w/d)12.07.2026 AIDA Cruises - German Branch of Costa Crociere S.p.A. an Bord unserer Schiffe Weitere passende Anzeigen: Jobmailer Ihre Merkliste / Mit Klick auf einen Stern in…
Berufskraftfahrer / Auslieferungsfahrer m/w/d
Für den Transport von Backwaren an Verkaufsstände innerhalb Berlins sucht perZukunft -Ihre private Arbeitsvermittlung, ab sofort einen Kraftfahrer (m/w/d) in Vollzeit. Sie nahmen die fertigen Backerz…