
CYQUEO · CYQUEO GmbH
ÜBER CYQUEO Bei CYQUEO arbeiten wir eng mit den weltweit führenden Herstellern von IT-Security-Lösungen zusammen und setzen vielseitige, kundenspezifische Proj...
Bei CYQUEO arbeiten wir eng mit den weltweit führenden Herstellern von IT-Security-Lösungen zusammen und setzen vielseitige,
kundenspezifische Projekte mit dem Schwerpunkt Cybersecurity um. Unsere innovativen Lösungen zeichnen sich dadurch aus, dass sie
ohne Bewegung auf der Hardware-Ebene entwickelt werden – flexibel, modern und zukunftsweisend.
Als Teil unseres Teams profitierst Du von 20 Jahren technischem Know-how und einer echten Teamkultur, in der Zusammenarbeit und
Austausch großgeschrieben werden.
Fühlst Du Dich angesprochen?
Mit großem Erfolg, Engagement und Anerkennung unterstützen wir weltweit namhafte Unternehmen bei der Entwicklung und
Implementierung von Cloud-, Internet- und Endpoint-Sicherheitslösungen. Gemeinsam sorgen wir dafür, dass Menschen und Unternehmen
sich sicher fühlen – privat und beruflich.
Möchtest Du mit uns die digitale Welt sicherer machen? Dann werde Teil von CYQUEO!
Webanwendungen mithilfe von effektivsten Testmethoden (White Box, Grey Box und Black Box) durch, um Sicherheitslücken
umfassend zu identifizieren und zu dokumentieren
Lösungen bei unseren namhaften Kunden
Experten
übliche Testverfahren
sowie sichere Anwendung entsprechender Sicherheitstools und Plattformen wie Endpoint Protection, EDR, SIEM und Firewalls
Arbeit von SOC-Teams
Authentication Bypass) sowie der sichere Umgang mit Tools wie Burp Suite, OWASP ZAP oder manuellen Techniken
Leidenschaft für ethisches Hacking
Vorgesetzten
PROSEC Wir bei ProSec wissen genau, was wir für #CyberSecurity erreichen wollen und was wir dafür tun müssen. Unsere Vision ist es, IT-Security viral gehen zu lassen, um Menschen und Werte nachhaltig vor Cyber-Bedrohungen zu schützen. Hierfür etablieren wir neue Standards im Penetration Testing, im IT-Security-Consulting sowie in der Ausbildung und Förderung von Nachwuchstalenten in diesen Fachbereichen. Wir bieten den Besten unserer Branche ein berufliches Zuhause, das von echtem Zusammenhalt und Rückhalt geprägt ist. Unsere Expertise und Leidenschaft teilen wir mit einer aktiven Community, um den digitalen Raum für uns alle dauerhaft sicher zu gestalten. DEINE POSITION * Du arbeitest in einem abwechslungsreiches Kundenumfeld mit spannenden Projekten in unterschiedlichen Branchen und Unternehmensgrößen von Mittelstand bis hin zu höchsten behördlichen / politische Institutionen (Bundesregierung) * Zusammenarbeit sowie Erfahrungsaustausch mit Gleichgesinnten, sowohl intern in einem sehr erfahrenen Pentest- und Red-Team als auch extern durch Veranstaltungen wie Defcon, CCC und Blackhat Convention * Du übernimmst eine tragende Rolle im BLUE-Team bei der Entwicklung von Lösungs- und Reaktionsmaßnahmen auf Basis der identifizierten Schwachstellen des RED-Teams im Rahmen unseres Dienstleistungsportfolios DEIN PROFIL * Du hast ein abgeschlossenes Informatikstudium mit Schwerpunkt IT-Security oder eine vergleichbare Ausbildung * Du verfügst über mehrjährige Berufserfahrung im Penetration Testing im Bereich Infrastrukturen, Web-Applikationen und oder mobiler Applikationen * Du konntest bereits folgende Zertifizierungen erfolgreich abschließen: OSCP- und OSCE-Zertifizierung sowie OSWE-Zertifizierung * Du bringst ein außerordentliches Maß an intrinsischer Motivation im Fachbereich der IT-Security mit * Planungs-, Kommunikations- und Organisationsfähigkeit sowie eine methodische und zielorientierte Arbeitsweise gehören ebenfalls zu deinem Repertroire * Affinität in der Entwicklung und Erarbeitung von technischen Lösungsansätzen sowie Beratungs- und Vermittlungskompetenz * Du bist teamfähig, flexibel und hast ein sicheres Auftreten * Du hast Erfahrungen in der Etablierung von BLUE-Team Strategien sowie der Leitung von Projekten und oder Teams * Du verfügst über verhandlungssichere Deutsch- und Englischkenntnisse in Wort und Schrift
Nordnet redefined the financial world as the first digital bank in Europe. Now we are about to do it again and the aim is to create the next generation of bank, in the cloud. We know that this requires great people, great teams, and great technology. Do you want to join us and build the new Nordnet? At Nordnet we want to democratize savings and investments by giving our customers access to the best tools and information whether you are a professional investor or a small saver. With modern technologies and speed of delivery, we are building the next generation investment platform. This is part of the role Nordnet is a company with tech as the primary focus. In our agile and autonomous teams, you will be working with engaged colleagues that love to share their knowledge. As a cloud security engineer, you will drive automation and integrate DevSecOps into our cloud-based platform by embedding security in Continuous Integration/Continuous Delivery (CI/CD) pipelines, enhancing infrastructure security and ensuring secure software development practices. As a Cloud Security Engineer acting autonomously and with a clear mandate, you will: Develop and enforce cloud and Infrastructure As Code (IaC) security policies. Improve cloud security monitoring by building and managing detections. Collaborate with engineering teams to ensure security best practices and Secure Software Development Life Cycle SSDLC (Shift-Left). Facilitate threat modelling sessions, secure code review and vulnerability assessments. Coordinate penetration testing efforts and track remediations. Enable developers to ship fast by automating security Balance security rigor with business agility; we don't just secure, we enable. This is you To succeed in this role, we believe that you take great pride in your work, are curious and continuously want to learn and grow. Believing in collaboration and discussing ideas and concepts with your colleague, you will serve as the first point of contact for our Platform teams as a Cloud Security Subject Matter Expert to enable the delivery of great products. As a Cloud Security Engineer, you have: Offensive security mindset ideally with former red teamer or penetration tester experience Knowledge of Google Cloud Platform (or equivalent experience with other Cloud providers) Google Security Command Centre (SCC) Google Kubernetes Engine (GKE) Identity and Access Management (IAM) Infrastructure As Code (Terraform) Github Ability to work independently and as part of a team Strong stakeholder management skills, ability to work with both technical and non-technical stakeholders Ability define and implement security requirements in cloud environments Experience with security best practices and vulnerability management process. Familiarity with programming and major frameworks (Java, Spring, React) What we offer Your expertise and contribution will be appreciated from day one Access to the latest AI tools with cutting edge models to support your daily work. Plenty of opportunities to grow as a security professional Competitive salary and compensation Opportunity to shape the architecture, influencing the security design of Europe’s next-generation digital bank from the ground up. Access to training opportunities such as professional certifications (e.g., GCP Security, OSCP, OSAI+, CISSP), industry conferences, and dedicated time for skills development. You won't just follow a checklist; you’ll have the mandate to build and own your security automation roadmap. We offer you the opportunity to work in a Nordic environment with a strong focus on delivery, product development and technology. Our ambitions are high and you will embark on a fast and challenging journey together with a skillful team of sharp and committed colleagues. Our teams are autonomous and embrace the agile way of working. Culture is built and cared for, each day by everyone. We’re proud of ours. Having a flat organization where anyone can talk to anyone creates a warm and friendly atmosphere worth protecting. We believe in a culture where every effort counts and where everyone is being recognized. A culture embracing our core values – passion, simplicity and transparency on all levels, no matter who you are or what you do. We are over 900 employees located in Stockholm, Oslo, Helsinki, Copenhagen and Frankfurt. Visit us on: career.nordnetab.com/pages/engineering Learn more about Nordnet in our brand movie This is Nordnet, that describes our identity. Questions & Applications Please note that we will start reviewing applications after the summer holidays. To ensure a fair process and that your data is handled securely, we only accept applications through our recruitment system, applications sent via email will not be considered. If you have questions, please contact Hiring Manager Ralph Benton at ralph.benton@nordnet.se We want to inform you that Nordnet conducts mandatory credit and background checks, as well as drug testing as a part of our recruitment process. We look forward to receiving your application!
RaySearch develops innovative software solutions to improve cancer care. About 1000 clinics in more than 40 countries use RaySearch software to improve treatments and quality of life for patients. RaySearch was founded in 2000 and is listed on Nasdaq Stockholm. The headquarters is located in Stockholm, with subsidiaries in the US, Europe and Asia - Pacific. Today we are more than 400 employees with a common vision of improving cancer care with innovative software. Our great staff is crucial for our success and we offer a fantastic working environment in modern offices, flexibility and good opportunities for development. We believe in equal opportunities, value diversity and work actively to prevent discrimination. Are you passionate about ensuring that complex medical software is secure, resilient, and fully compliant with international standards? As Risk Manager, you will take ownership of identifying and mitigating risks within cybersecurity and information security across our products. With a structured mindset and keen attention to detail, you will play a central role in maintaining the integrity, reliability, and compliance of our software solutions. About the job As Risk Manager, you will be responsible for identifying, assessing, and mitigating cybersecurity and information security risks across all RaySearch products. As part of a smaller cybersecurity group, you will work with all aspects of cybersecurity for our product delivery including compliance, threat modelling, developer training, penetration testing, tooling and more. Your responsibilities will span the entire product lifecycle, with a particular focus on cloud-based solutions and secure software development practices. You will collaborate closely with development teams across the organization and work alongside other Risk Managers to ensure comprehensive risk management and compliance with international standards. Main responsibilities Participate in project planning together with the project management team. Support the development team with risk management related tasks, e.g., ensuring that the risk management process is applied, taking part in design and risk analysis of new and changed functionality and ensuring that risks are appropriately mitigated and tested. Own and maintain the project’s risk management documentation. Coordinate cybersecurity management activities within product development and the secure software development life cycle (SSDLC). Own the development and maintenance of cybersecurity documentation for regulated products, including FDA-related cybersecurity requirements and frameworks. Your profile We are looking for someone who understands the importance of risk management in medical software and is motivated by working in this field with all the responsibilities it entails. You are responsible, meticulous and structured, with a strong personal drive and the ability to work independently in a highly organized and efficient manner. You have experience working with or alongside software development teams and possess a strong technical understanding of software development processes, enabling you to navigate complex software environments and collaborate effectively with technical stakeholders. Requirements: BSc or MSc degree in engineering, or equivalent. 3+ years' experience working in a software development environment with complex software products. Excellent written and spoken communication skills (English and Swedish). Meriting: Experience from the medtech industry or other regulated or safety critical industries. Experience of device risk management. Experience with product safety standard requirements for medical devices (IEC/ISO standards, e.g., ISO 14971). Leadership or project management experience. Experience as a system developer. Our Culture Culture at RaySeach is the driving force behind our organization, where everything we do is driven by a shared passion for innovation and the fight against cancer. Our dedication is reflected in our ability to deliver exceptional results, pay close attention to detail, and consistently go the extra mile. Our employees stand out as experts in their field, driven by a relentless focus on solving problems - no matter how complex. At RaySearch, we take pride in leading the way in cancer treatment, leveraging cutting-edge technology to develop innovative solutions that make a real difference in patient care. Our Offer At RaySearch, we offer a diverse and inclusive work environment, fostering openness, sincerity, and collaboration. Located in Hagastaden, Stockholm's Life Science Hub, our modern and creative workspace includes an in-house gym, yoga, and social activities like ping pong, table football, and regular after-work events. Our bistro serves a fantastic lunch buffet, and we offer morning- and afternoon-fika every day. Our rooftop terrace also provides a stunning 360-degree view of Stockholm, enhancing the work experience. All of this comes attached with a competitive compensation and benefits package. Application Please apply to the position through the application form below. Selection and interviews will be ongoing. We do not accept applications by email.