
JTL-Software · Mobil
DEINE AUFGABE Dein Team, das JTL Security Team, ist ein technisches, entwicklernahes Team im Herzen der Firma. Wir sorgen für die Absicherung der JTL Gruppe ge...
Dein Team, das JTL Security Team, ist ein technisches, entwicklernahes Team im Herzen der Firma. Wir sorgen für die Absicherung
der JTL Gruppe gegen eine große Bandbreite an IT-Sicherheitsbedrohungen. Gemeinsam mit unseren Entwicklerteams gestalten wir
sichere Produkte und Services – sowohl für den On-Premise- als auch den wachsenden Cloud-Bereich. Dabei erwartet dich ein breit
gefächertes und anspruchsvolles Themenfeld, das sowohl technische Exzellenz als auch strategisches Denken erfordert.
Abwechslung suchst, kannst Du jederzeit eines unserer Offices nutzen. Für Workshops, Schulungen oder Messen freuen wir uns,
Dich auch mal vor Ort zu sehen!
Ob Frühaufsteher oder Langschläfer – wichtig ist, dass Du Deine Aufgaben zuverlässig erledigst und Dich mit Deinem Team gut
abstimmst.
wenigen länderspezifischen Ausnahmen.
leckere Mittagspause im mobilen Arbeiten.
Homeoffice nach Deinen Wünschen gestalten kannst.
der gesamten JTL-Group und organisieren regelmäßige Teamevents – für echtes Wir-Gefühl.
bleibst Du fit!
Wunsch und individuell angepasst.
Wenn du Bock auf den nächsten Schritt in deiner Karriere hast, freuen wir uns auf Deine Bewerbung! Bewirb dich entweder hier
direkt oder über unsere Homepage https://www.jtl-software.de/jobs.
DEINE AUFGABEN * Du entwickelst sichere Software- und Infrastrukturlösungen und integrierst Security-by-Design-Prinzipien von Anfang an in den Entwicklungs- und Bereitstellungsprozess. * Du unterstützt unsere Kund:innen bei der Konzeption, Entwicklung und Absicherung moderner Anwendungen und Infrastrukturen, beispielsweise in den Bereichen KI, Web, APIs und Cloud. * Du identifizierst Sicherheitsrisiken in bestehenden Anwendungen, Cloud-Umgebungen und Infrastrukturkonfigurationen und leitest konkrete Maßnahmen zur Behebung ab. * Du führst Code-Reviews mit Fokus auf Security durch und etablierst Best Practices für sichere Softwareentwicklung * Du arbeitest eng mit Entwicklerteams, Architekt:innen, Infrastrukturteams und Security-Verantwortlichen zusammen, um ganzheitlich sichere Systeme zu gestalten. * Du implementierst Security-Mechanismen wie Authentifizierung, Autorisierung, Verschlüsselung und Secrets Management in Softwarelösungen und Cloud-Konfigurationen. * Du integrierst Security-Checks in CI/CD-Pipelines und unterstützt beim Aufbau von DevSecOps-Strukturen. * Du entwickelst und pflegst Infrastructure-as-Code-Lösungen, um Cloud- und Plattforminfrastrukturen sicher, nachvollziehbar und wiederholbar bereitzustellen. * Du analysierst neue Technologien und Tools im Bereich Application Security und bringst Deine Ideen aktiv in Kundenprojekte ein. * Du begleitest unsere Kund:innen bei der Transformation hin zu sicherer Softwareentwicklung, modernen Architekturen und automatisierten Infrastrukturprozessen. * Du übernimmst Verantwortung für eigene Arbeitspakete und bringst Dich aktiv in die Weiterentwicklung unserer Themen und Services ein. DEIN PROFIL * Du hast ein gut bis sehr gut abgeschlossenes Studium im Bereich Informatik, Wirtschaftsinformatik, IT-Sicherheit oder eine vergleichbare Qualifikation * Du bringst für die Rolle Engineer 1–2 Jahre und für die Rolle Senior Engineer 2-5 Jahre Berufserfahrung mit * Du bringst fundierte Kenntnisse in der Softwareentwicklung (z. B. Java, Python, Typescript, Go) mit und hast ein starkes Interesse daran, Security von Anfang an mitzudenken * Du kennst dich mit Cloud-Infrastrukturen, Automatisierung und Deployment-Prozessen aus * Du hast Erfahrung mit Clean Code, Design Patterns und Softwarequalität und kannst diese Prinzipien auch auf Automatisierungs- und Infrastrukturcode übertragen. * Du kennst dich mit Versionskontrolle (Git) und Code Reviews aus * Du kennst gängige Secure Coding Practices und hast ein gutes Verständnis für typische Schwachstellen (z. B. OWASP Top 10) * Du bringst Kenntnisse in Container-Technologien (Docker, Kubernetes) und deren Absicherung mit * Du hast praktische Erfahrung mit Infrastructure as Code oder möchtest Deine vorhandenen Kenntnisse in diesem Bereich vertiefen. Idealerweise hast Du bereits mit Werkzeugen wie Terraform, OpenTofu oder Pulumi gearbeitet * Du hast Erfahrung mit automatisierten Tests, beispielsweise Unit-, Integrations- und Security-Tests, und kennst auch Ansätze zur automatisierten Prüfung von Infrastrukturkonfigurationen * Du hast idealerweise bereits mit DevSecOps-Ansätzen gearbeitet und Security in Entwicklungs- und Deployment-Prozesse integriert (AWS, Azure, GCP) * Du hast im besten Fall Verständnis moderner Sicherheitsarchitekturen (z. B. Zero Trust, Least Privilege, Defense in Depth) * Du hast optimalerweise schon Zertifizierungen im Bereich Security * Du denkst nicht nur technisch, sondern auch analytisch und kannst Sicherheitsrisiken strukturiert bewerten und priorisieren * Du hast Spaß daran, Dich in neue Technologien und Security-Themen einzuarbeiten und Dein Wissen kontinuierlich weiterzuentwickeln * Du arbeitest gerne im Team, übernimmst Verantwortung für Deine Themen und treibst diese eigenständig voran * Du kommunizierst sicher auf Deutsch und Englisch und kannst komplexe Sachverhalte verständlich vermitteln, auch im Austausch mit Kund:innen * Du willst nicht nur umsetzen, sondern aktiv mitgestalten und echte Erfolge in Projekten und beim Aufbau neuer Themen leisten * Du hast schon Erfahrung im Consulting-Umfeld oder in der Zusammenarbeit mit Kund:innen * Du verfügst über sehr gute Deutsch- und Englischkenntnisse (mind. C1 in beiden Sprachen) DEINE BENEFITS * Unterstützende Teamkultur: Teamzusammenhalt ist uns wichtig - wir unterstützen uns gegenseitig und pflegen eine gesunde Officekultur. Unser Eventteam plant regelmäßige Afterworks und sorgt für einen Austausch außerhalb des Arbeitsplatzes. * Schnelle Verantwortungsübernahme: Du übernimmst ab Tag 1 spannende Aufgaben mit eigener Verantwortung - egal ob auf deinem Projekt oder bei der Einbringung in interne Aufgabe - du gestaltest mit! * Klare Karrieremöglichkeiten: Bei uns findest du ein Umfeld, das dich fördert, fordert und weiterbringt. Wir haben klar definierte Karrieremöglichkeiten und ein transparentes Anforderungsmanagement and jedes Level. * Kreativer Arbeitsplatz: Wir geben dir die Freiheit und Zeit, kreative Lösungen zu entwickeln und bieten dir dafür die beste und modernste Hardware an (Apple oder Windows). * Mitarbeiterbenefits: Flexible Arbeitsmodelle, BahnCard, JobRad, Spendit-Card, Wellpass und betriebliche Altersvorsorge sorgen für dein Wohlbefinden. Außerdem gibt es bei uns im Office den Besten Kaffee aus unserer neuen Siebträgermaschine und einen immer gefüllten Soft-Getränkekühlschrank. * Attraktive Urlaubsregelung: Du genießt 30 Tage Urlaub im Jahr und kannst flexibel von daheim arbeiten.
WHY WE NEED YOU Maltego is an Open Source Intelligence (OSINT) and investigative analysis platform used by security professionals, law enforcement, cyber threat intelligence teams, and investigative journalists worldwide. The platform enables users to collect, correlate, and visually analyse data from many disparate sources, turning large and complex datasets into meaningful, actionable intelligence. As a Senior Platform Engineer at Maltego, you can expect to work on a production‑grade, security‑focused SaaS platform with global users and high availability requirements. Opportunities for professional development, including training, certification, and career advancement. The role is deeply hands‑on and infrastructure‑centric, with a strong focus on automation, scalability, and operational resilience. This role treats the platform as a product, with developers as customers, focusing on usability, standardization, and productivity gains. WHAT TO EXPECT Key responsibilities include: * Operate and support cloud infrastructure (primarily Azure) for a production-grade SaaS platform. * Manage Kubernetes clusters, including event-driven autoscaling and reliability best practices. * Maintain Infrastructure as Code (IaC) and configuration management to ensure repeatable, auditable environments. * Design, operate, and troubleshoot CI/CD—especially Azure Pipelines—to enable continuous delivery. * Optimize build and release pipelines for scalability, efficiency, and cost-effectiveness. * Operate and troubleshoot enterprise platform components (e.g., API gateways, message queues) in line with existing standards. * Build internal platform tools, automations, and self-service capabilities to reduce operational overhead and improve developer experience. * Participate in on-call rotations and collaborate with product/engineering teams on provisioning, automation, lifecycle management, and safe adoption of AI/ML-enabled tooling. YOUR PROFILE IN SHORT * Degree in Computer Science, Software Engineering, or equivalent work experience. * 3+ years as a Site Reliability Engineer, DevOps Engineer, or Infrastructure Engineer. * Hands-on experience with at least one major cloud provider (Azure/AWS/GCP). * Experience in operating applications on Kubernetes and integrating tools like Argo CD, Helm, etc. * Practical experience working with applications written in Java, Python, Go, Node, etc. * Coding ability in with one or a similar one of the following: Java, Python, Rust, or Go. * Proficiency in Python and Bash scripting * Understanding Unix/Linux, and optionally Windows operating systems. * Experience working with Infrastructure as Code / Automation tools (Ansible, Terraform). * Experience in managing CI/CD (Azure DevOps, Jenkins, etc.) * Experience with monitoring platforms such as Azure Monitor, Prometheus, and Grafana to comprehend service health and create dashboards; * Understanding of Azure and Hybrid Networking across Kubernetes and Virtualization technology. * Familiarity with data engineering practices and tools. YOUR TECH SKILLS * Certified Kubernetes Administrator (CKA) or willing to do it soon * AWS or Azure Certification ABOUT THIS OPENING IMPORTANT: Willingness to undergo security clearance, if required. WHY YOU WILL LOVE MALTEGO Here are some of the reasons why you will love Maltego: * Insights into the daily operations of a fast-growing tech scale-up. * Competitive compensation with a bonus/commission structure based on pipeline creation. * Inclusive, diverse culture, where your voice and contributions matter. * Supported language courses * Mental health support via .nilo (psychologists & digital tools) At Maltego, we are committed to supporting diversity and inclusion in our organization. We are an equal opportunity employer. We welcome applications from all individuals regardless of race, religion, color, nationality, gender, sexual orientation, age, or disability. LOCATION Our Munich office REQUIRED DOCUMENTS / INFORMATION Please submit a resume and a cover letter detailing your experience and motivation to be part of Maltego!
About the AI Platform Team The AI Platform Team enables Awin teams to build, ship, and operate AI-powered products safely, consistently, and efficiently. We focus on the shared platform and enablement layer for AI development across the company. That includes reusable services, internal APIs and SDKs, platform patterns, observability, evaluation support, guardrails, cost visibility, and practical guidance that helps teams move from experimentation to production with confidence. This is a team for engineers who enjoy building internal platforms, creating paved roads for others, and raising the engineering quality bar for AI development across the organization. About the role We are looking for a Senior AI Platform Engineer - Security & Governance to join the AI Platform Team and help define and implement the guardrails, privacy patterns, governance mechanisms, and safe defaults that allow AI adoption to scale responsibly across Awin. In this role, you will work on the safety and control layer of AI development: AI security patterns, privacy and PII handling guidance, provider and model governance, reusable guardrails, and lightweight readiness mechanisms that improve safety without creating unnecessary process. This role is best suited to someone who combines strong engineering judgment with real practical experience in security, governance, privacy, or compliance for AI-powered systems. We care more about evidence of sound decision-making and pragmatic implementation than about titles or years in a specific niche. What youʼll do * Define and improve practical guardrails and safe defaults for AI-powered systems * Help shape Awinʼs approach to privacy, PII handling, and data-safe patterns for AI workflows * Contribute to approved provider and model guidance, including practical validation and usage expectations * Work with engineers to translate policy, risk, and governance needs into reusable platform patterns and engineering controls * Help define production-ready expectations for AI systems from a safety, governance, and risk perspective * Contribute to readiness checks, automated validations, and scalable governance mechanisms that reduce reliance on manual approval processes * Help improve logging, tracing, and observability practices so AI systems are auditable and safer to operate * Partner closely with Security, Legal, Architecture, and product engineering teams to ensure standards are practical and proportionate * Support teams in understanding AI-specific risks such as unsafe outputs, provider misuse, privacy exposure, and poor trace hygiene * Write clear documentation, patterns, and guidance that help teams apply standards consistently * Contribute to strong engineering practices across the team through clean code, testing, and collaboration * Mentor others and help raise the teamʼs overall maturity in AI safety, governance, and privacy-aware engineering Requirements * Strong software engineering fundamentals and experience working on production systems * Practical experience in security, governance, privacy, compliance, or risk-related engineering work * Clear hands-on experience applying those controls to AI- or LLM-powered systems * Strong understanding of AI-specific risks, including privacy exposure, PII handling, unsafe outputs, provider/model risk, and misuse or abuse patterns * Experience translating policy or risk requirements into practical engineering controls, patterns, or defaults * Good understanding of how to make AI systems observable, auditable, and safer to operate in production * Ability to work effectively with engineers, architects, and non-engineering stakeholders such as Security or Legal * Good practical experience with Python and/or JavaScript / TypeScript * Comfortable working across the lifecycle of a platform capability, from design and implementation to rollout and iteration * Good understanding of information security and how to design solutions with security in mind * Comfortable applying unit testing, continuous integration, and continuous deploymentStrong communication skills, both synchronous and asynchronous * Comfortable working through ambiguity and helping shape standards where the right balance between safety and speed is still evolving * Strong judgment and pragmatism, with an ability to improve safety without introducing excessive bureaucracy Nice to have * Experience designing or implementing guardrails for AI or LLM-powered systems * Experience with AI governance automation, readiness gates, policy checks, or preflight validation patterns * Familiarity with tracing, auditability, and logging standards for AI systems * Familiarity with evaluation workflows, regression checks, and production readiness practices for AI * Experience assessing third-party AI providers or model usage from a risk or governance perspective * Experience with privacy-by-design patterns in data-sensitive systems * Experience working in regulated or higher-risk environments * Experience writing clear developer guidance and turning repeated risk questions into reusable standards Tools and technologies you may work with: * Python * JavaScript / TypeScript * Azure / AWS * LLM APIs * CI/CD tooling * Observability and tracing tools * Policy and validation patterns * Internal platform services, standards, and governance tooling Working style We are looking for someone who enjoys building in a space that is evolving quickly, but who stays grounded in pragmatic engineering and long-term platform value. A strong fit for this role is someone who: * Thinks clearly about real-world AI risk, not just theoretical concerns * Can balance safety, speed, and developer experience * Communicates clearly and helps others understand trade-offs * Prefers reusable controls and automation over manual gatekeeping * Is comfortable collaborating across engineering, security, architecture, and legal boundaries * Writes clear, actionable guidance rather than vague policy language * Is proactive about identifying risk patterns early and turning them into scalable solutions * Enjoys helping other engineers build safer systems without slowing them down unnecessarily Our Offer * Flexi-Week: We prioritise your mental health and wellbeing by offering you a four-day Flexi-Week (with one lighter or completely disconnected day per week) at full pay, with no reduction to your annual holiday allowance. * Flexi-office: We offer an international culture and flexibility through our hybrid/remote working scheme which is designed to foster a culture of mutual trust and working flexibility. * Work Expense Contribution & Remote Working Furniture: You will receive a monthly allowance to cover part of your running costs, as well as a furniture package to support you in setting up a comfortable workspace when working from home. * Health and Wellbeing: With our support and access to various initiatives and sports offers, you can focus on your mental and physical wellbeing. * Development: We’ve built our extensive training suite, Awin Academy, to cover a wide range of skills that support your professional and personal growth, with trainings conveniently packaged to help your overall development. * Appreciation: Thank and reward colleagues by sending them a voucher through our peer-to-peer recognition programme. We are hiring in multiple countries for this role. Additional benefits, including health and wellbeing offerings, will be discussed during the initial interview. Established in 2000, Awin is proud of our dynamic, social and inclusive culture. Like all businesses, we’ve had to adapt and nurture our culture in a virtual environment. Our virtual ‘Life @ Awin’ hub brings our colleagues from across the globe together for various social activities. Diversity & Inclusion are paramount to us, and we proudly pursue and hire diverse team members. We champion uniqueness and authenticity; this is who we are at our core. Our network of affiliate partnerships are diverse and transparent, as are the employees powering our vision to build the world’s leading open partner ecosystem. We welcome all backgrounds, identities, and experiences. If you need support at any point in the application or interview process, please let us know. Awin is part of the Axel Springer group. Learn more at axelspringer.com/en/, and explore the Axel Springer Essentials here: axelspringer.com/en/inside/the-essentials-what-we-have-adapted-and-why Apply now to begin the next stage of your career at a progressive company that supports both your professional and personal development. #LI-RS1