← Zurück zur Liste
Stelle · Principal

Staff Security Engineer (m/f/x)

Security Engineer • Principal • Vor Ort • Vollzeit • 📍 Berlin

HelloFresh is looking for a Staff Security Engineer to join its Security Tribe and help shape the next generation of security capabilities. This is a senior individual-contributor role for a deeply technical, pragmatic, builder-minded engineer working across Cloud Security, Application & Product Security, Offensive Security, and GenAI Security. The focus is on building scalable internal security products, paved roads, guardrails, and self-service capabilities that let engineering teams move faster and safer.

Responsibilities

  • Own and elevate secure design and architecture at scale, embedding architectural patterns, reference designs, and guardrails for security-by-default across the organization.
  • Define and drive security architecture across cloud environments with a strong focus on AWS, Kubernetes, IAM, network security, workload protection, and secrets management.
  • Build and scale cloud security guardrails using automation, policy-as-code, Infrastructure as Code, and platform-native controls.
  • Partner with engineering and product teams to embed security into the SDLC through threat modeling, secure design reviews, security testing, and developer-friendly remediation.
  • Build internal security products that make security self-serviceable for HelloFresh teams.
  • Lead initiatives across SAST, DAST, SCA, IaC scanning, secret detection, vulnerability management, and software supply chain security.
  • Drive offensive security activities including penetration testing, adversary simulation, purple teaming, and detection/response validation.
  • Establish security patterns and controls for GenAI and AI/ML systems, including LLM apps, AI agents, RAG systems, prompt injection risks, data leakage, and AI governance.
  • Coordinate with external security partners, auditors, and consultants to scope, conduct, and review engagements.
  • Use GenAI as a force multiplier to reduce toil, improve workflows, and accelerate internal capability building.
  • Mentor senior engineers and act as a trusted security advisor across engineering, product, platform, data, and leadership.

Requirements

  • 8+ years in security engineering, software engineering, cloud security, application security, or offensive security.
  • Deep hands-on experience securing cloud-native environments, preferably AWS, with strong knowledge of IAM, Kubernetes, networking, logging, detection, and infrastructure security.
  • Strong application and product security experience, including threat modeling, secure architecture reviews, OWASP risks, API security, and SDLC security.
  • Practical offensive security experience, including penetration testing, vulnerability research, exploitability analysis, or red/purple team exercises.
  • Strong engineering skills in one or more languages (e.g., Python, Go, Java, TypeScript), able to build production-grade systems and security tooling.
  • Experience building automation, internal tools, developer platforms, security guardrails, or self-service security capabilities.
  • Ability to influence without authority, communicate complex risks clearly, and translate security problems into scalable engineering solutions.

Nice to have

  • Experience securing GenAI, LLM, AI agent, RAG, or ML systems.
  • Familiarity with OWASP Top 10 for LLMs, MITRE ATLAS, NIST AI RMF, AI gateways, LLM guardrails, prompt evaluation, or AI red teaming.
  • Familiarity with modern security tooling such as CNAPP/CSPM, SAST, DAST, SCA, IaC scanning, secret scanning, WAF, SIEM, EDR, or vulnerability management platforms.

Soft skills

Pragmatism and builder mindsetInfluence without authorityClear communication of complex risksMentorshipCross-team collaboration

What we offer

  • Competitive compensation package with a HelloFresh-subsidized pension scheme.
  • Berlin relocation support.
  • Hybrid working model.
  • Discounts on your weekly HelloFresh box and office meals.
  • German language learning budget and access to the HelloFresh Academy.
  • Mental health support (Headspace, Spill), 24/7 gym access, and wellbeing platforms.
  • Transportation perks and working-parent-friendly benefits.
  • Sabbatical leave options.

About the company

HelloFresh is one of Europe's fastest-growing tech companies and the world's leading meal kit company, with a diverse global community of over 90 nationalities. Its Security Tribe builds the next generation of security capabilities across cloud, application, offensive, and GenAI security.