[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-application-security-engineer-mwd-100-remote-2":3,"similar-application-security-engineer-mwd-100-remote-2":39,"matching-freelancers-application-security-engineer-mwd-100-remote-2":301},{"id":4,"slug":5,"title":6,"description":7,"skills":8,"budget":24,"duration":24,"location":25,"onsitePercent":26,"contractType":27,"foundAt":28,"category":29,"rawText":33,"webTitle":34,"webText":35,"language":36,"projectId":37,"sourceUrl":38},16206,"application-security-engineer-mwd-100-remote-2","Application Security Engineer (m\u002Fw\u002Fd) - 100% remote","Für einen globalen Anbieter von Enterprise-Workflow- und Digital-Transformation-Lösungen suchen wir einen Application Security Engineer für das Global Security Support Center (GSSC) im vollständig Remote-Format. Die Rolle umfasst die Verwaltung des Lebenszyklus von Sicherheitsfunden, Validierung von Schwachstellen, Code-Reviews und Zusammenarbeit mit Engineering-Teams zur Behebung von Sicherheitsproblemen.",[9,10,11,12,13,14,15,16,17,18,19,20,21,22,23],"Application Security","Vulnerability Assessment","Penetration Testing","OWASP Top 10","Code Review","JavaScript","Java","CVSS Scoring","Security Testing","Risk Assessment","SSRF","IDOR","SQL Injection","XSS","GraphQL Security",null,"München",0,"temp_work","2026-06-25T11:46:26+00:00",{"id":30,"slug":31,"label":32},5,"it_infra_security","IT-Infrastruktur & Security","Zurück zur Jobsuche\nApplication Security Engineer (m\u002Fw\u002Fd)- 100% remote\n\nStandort:\nGermany\nTryb pracy:\nArbeitnehmerüberlassung\nJob Ref:\nBBBH121734_1782387607\nBewerben\n\nFor our client, a global leader in enterprise workflow and digital transformation solutions, we are looking for an Application Security Engineer to join the Global Security Support Center (GSSC) - Fully Remote.\n\nRef.: 121734\n\nApplication Security Engineer\n\nIn this hands-on role, you will be responsible for managing the lifecycle of security findings reported by customers and penetration testers. You will validate and assess vulnerabilities, reproduce issues in lab environments, perform code reviews, and work closely with engineering teams to drive remediation efforts. The position requires strong technical expertise, analytical thinking, and the ability to communicate security risks effectively to both technical and business stakeholders.\n\nYour Responsibilities\n\n- Triage and validate security findings submitted by customers and penetration testers.\n- Assess exploitability, scope, business impact, and remediation paths for reported vulnerabilities.\n- Analyze platform-level vulnerabilities across web applications, APIs, and server-side components.\n- Investigate security issues including SSRF, IDOR, SQL Injection, XSS, GraphQL abuse, privilege escalation, server-side injection, and related attack vectors.\n- Reproduce and verify vulnerabilities in lab environments.\n- Perform code reviews and trace attack paths across JavaScript and Java codebases.\n- Prepare customer-facing security assessments and risk evaluations.\n- Collaborate with engineering teams on defect management, remediation planning, patch validation, and fix verification.\n- Apply risk-based decision making and provide recommendations for mitigation strategies.\n\nRequired Qualifications\n\n- 3+ years of experience in Application Security, Product Security, Penetration Testing, Bug Bounty, or a related security discipline.\n- Strong understanding of application security principles and common attack vectors.\n- Hands-on experience with vulnerability validation, security testing, and risk assessment.\n- Solid knowledge of OWASP Top 10 and modern application security threats.\n- Experienceanalyzing vulnerabilities such as:\n- SSRF\n- IDOR\n- SQL Injection\n- XSS\n- Privilege Escalation\n- GraphQL Security Issues\n- Prototype Pollution\n- Server-Side Injection\n- Ability to read and analyze JavaScript and Java code.\n- Experience writing technical security reports for both engineering and executive audiences.\n- Strong understanding of CVSS scoring and vulnerability risk assessment.\n- Excellent communication and stakeholder management skills.\n\nNice to Have\n\n- Advanced ServiceNow platform experience (e.g., custom app development or deep familiarity with the ACL model and scoping boundaries)\n- Background in customer-facing security roles or managed security services.\n- Experience working with bug bounty programs and vulnerability disclosure processes.\n- Security certifications such as GWEB, GWAPT, OSCP, or equivalent.\n- Experience with secure software development practices and application architecture reviews.\n\nWhat We Offer\n\n- Opportunity to work on complex and high-impact security challenges.\n- Exposure to large-scale enterprise applications and modern cloud environments.\n- Collaboration with experienced security and engineering teams.\n- International and dynamic work environment.\n- Professional growth and continuous learning opportunities.\n\nFor over 30 years, Nash direct has been helping remarkable people to win exciting roles at world-leading technology companies in Germany. Our Mission is to give our employees the best possible experience in working with us.\n\nInterested? Then we would love to receive your application.\n\nFor more information on the role please get in touch with Marlena Marzano Monterosso.\n\nMarlena Marzano Monterosso\n\nSenior Recruiter\n\nNash direct GmbH\n\nLeonrodstraße 52\n\n80636 München\n\nMobile: +49 89 839306241\n\nEmail: marlena.marzano@nashdirect.de\n\nAlways use these settings\nBewerbenStellenanzeige teilen\n\nE-Mail: marlena.marzano@nashdirect.de\n\nHi! Ich bin Marlena\n\nIch bin für diesen Job verantwortlich.\nZu meinem Profil\nMehr Jobs von Marlena\n\nMünchen (81249), Bayern\nSoftware Engineer (m\u002Ff\u002Fd) - Frontend Analysis & AI Insights - Munich\nMünchen (81249), Bayern\nTest Automation Engineer (m\u002Ff\u002Fd) -20h\u002Fweek\nMünchen (81249), Bayern\nQuality Engineer Print Process (m\u002Fw\u002Fd)","Application Security Engineer (m\u002Fw\u002Fd)","Wir suchen einen erfahrenen Application Security Engineer für ein globales Unternehmen im Bereich Enterprise Workflow und Digital Transformation. Diese vollständig remote Position bietet die Gelegenheit, in einem spezialisierten Security Support Center an der Vorderfront der Anwendungssicherheit zu arbeiten.\n\nIn dieser praktischen Rolle verwalten Sie den gesamten Lebenszyklus von Sicherheitsfunden, die von Kunden und Penetrationstestern gemeldet werden. Sie validieren und bewerten Schwachstellen, reproduzieren Probleme in Laborumgebungen, führen Code-Reviews durch und arbeiten eng mit Engineering-Teams zusammen, um Behebungsmaßnahmen voranzutreiben.\n\nIhre Aufgaben umfassen die Triage und Validierung von Sicherheitsfunden, die Bewertung von Ausnutzbarkeit und geschäftlichen Auswirkungen, die Analyse von Plattform-Schwachstellen in Web-Anwendungen und APIs sowie die Untersuchung von Sicherheitsproblemen wie SSRF, IDOR, SQL-Injection, XSS und Privilege Escalation. Sie führen Code-Reviews durch, erstellen kundenorientierte Sicherheitsbewertungen und arbeiten mit Engineering-Teams bei Defekt-Management und Patch-Validierung zusammen.\n\nWir erwarten mindestens 3 Jahre Erfahrung in Application Security, Product Security oder Penetration Testing. Sie sollten ein tiefes Verständnis von OWASP Top 10, modernen Anwendungssicherheitsbedrohungen und Schwachstellenbewertung mitbringen. Fähigkeiten in der Analyse von JavaScript- und Java-Code sowie die Erstellung technischer Sicherheitsberichte sind erforderlich. Starke Kommunikationsfähigkeiten und Stakeholder-Management sind essentiell.\n\nVorteilhaft sind Erfahrungen mit ServiceNow-Plattformen, kundenorientierte Sicherheitsrollen oder Bug-Bounty-Programme.","en","BBBH121734_1782387607","https:\u002F\u002Fwww.harveynash.de\u002Fjobs\u002F298113-Application-Security-Engineer-mwd--100-remote",{"items":40},[41,60,67,86,109,126,133,149,170,184,204,230,246,264,286],{"id":42,"slug":43,"title":44,"description":45,"skills":46,"budget":24,"duration":55,"location":25,"onsitePercent":56,"contractType":57,"foundAt":58,"category":59},16213,"spezialist-service-desk-passivgeschaeft-anlageberatung-mwd","Spezialist Service Desk Passivgeschäft \u002F Anlageberatung (m\u002Fw\u002Fd)","Erfahrener Spezialist (m\u002Fw\u002Fd) im Service Desk mit Fokus auf Passivgeschäft und Anlageberatung für Privatkunden gesucht. Die Rolle vereint fachlichen Support, Kundenkommunikation sowie Mitwirkung an der Weiterentwicklung von Lösungen und Prozessen. Vollzeit-Position mit Hybrid-Arbeitsform (Remote und München, ca. 1–2 Mal pro Monat vor Ort).",[47,48,49,50,51,52,53,54],"Service Desk","Passivgeschäft","Anlageberatung","Kundenservice","Bankensektor","Technischer Support","Kundenkommunikation","Deutsch C1","4-6 Monate",20,"contracting","2026-06-25T11:57:37+00:00",{"id":30,"slug":31,"label":32},{"id":61,"slug":62,"title":6,"description":63,"skills":64,"budget":24,"duration":24,"location":25,"onsitePercent":26,"contractType":27,"foundAt":65,"category":66},16207,"application-security-engineer-mwd-100-remote-3","Für einen globalen Leader in Enterprise Workflow und Digital Transformation Solutions wird ein Application Security Engineer für das Global Security Support Center gesucht. Die Rolle umfasst die Verwaltung des Lebenszyklus von Sicherheitsfunden, Validierung von Schwachstellen, Code Reviews und Zusammenarbeit mit Engineering Teams zur Behebung von Sicherheitsproblemen.",[9,10,11,12,13,14,15,16,17,18,19,20,21,22,23],"2026-06-25T11:46:34+00:00",{"id":30,"slug":31,"label":32},{"id":68,"slug":69,"title":70,"description":71,"skills":72,"budget":24,"duration":81,"location":82,"onsitePercent":83,"contractType":57,"foundAt":84,"category":85},16197,"it-stabilisierung-und-skalierung-in-wachstumsunternehmen","IT-Stabilisierung und Skalierung in Wachstumsunternehmen","Stabilisierung und Skalierung der IT-Infrastruktur in einem Wachstumsunternehmen mit Fokus auf Microsoft 365 und Google Workspace Migration. Führung des IT-Teams, operative Ticketbearbeitung und strategische Ausrichtung der IT-Landschaft.",[73,74,75,76,77,78,79,80],"IT-Leitung","Microsoft 365","IT-Infrastrukturverwaltung","Google Workspace","Team-Management","IT-Migrationen","Firefighting","Kommunikation","6 Monate, Start 01.07.2026","Stuttgart, Baden-Württemberg",50,"2026-06-25T11:26:12+00:00",{"id":30,"slug":31,"label":32},{"id":87,"slug":88,"title":89,"description":90,"skills":91,"budget":24,"duration":105,"location":106,"onsitePercent":56,"contractType":27,"foundAt":107,"category":108},16175,"senior-application-security-engineer-mwd","Senior Application Security Engineer (m\u002Fw\u002Fd)","Suche nach Senior Application Security Engineer für Kundenunternehmen in Köln. Aufgaben umfassen Integration von IT-Security in Softwareentwicklung, Security Assessments, DevSecOps-Unterstützung und Enablement von Entwicklungsteams. Erforderlich sind Expertise in Web Application Security, Cloud\u002FNetzwerk-Security und Softwareentwicklung.",[9,92,93,94,95,96,97,98,99,15,100,101,102,103,104],"Web Application Security Testing","Cloud Security","Netzwerk-Security","DevSecOps","CI\u002FCD","SDLC","SAST","DAST","Go","Kotlin","Scala","Deutsch","Englisch","18 Monate, Start August 2026","Köln","2026-06-25T10:06:06+00:00",{"id":30,"slug":31,"label":32},{"id":110,"slug":111,"title":112,"description":113,"skills":114,"budget":24,"duration":24,"location":123,"onsitePercent":26,"contractType":57,"foundAt":124,"category":125},16165,"splunk-architekt-mwd","Splunk Architekt (m\u002Fw\u002Fd)","Freiberufliches Projekt als Splunk-Consultant für Architektur-Redesign und Umsetzung. Aufgaben umfassen Regeln-Anpassung, System-Parameter-Ermittlung, Workflow-Definition und Dokumentation. Gesucht wird ein erfahrener Splunk-Admin\u002FArchitect mit Projekterfahrung in komplexen Server-Umgebungen.",[115,116,117,118,119,120,121,122],"Splunk","Splunk-Admin","Splunk-Architect","Infrastruktur-Design","MS Windows Server","UNIX","System-Analyse","Problemlösung","Deutschland","2026-06-25T09:31:20+00:00",{"id":30,"slug":31,"label":32},{"id":127,"slug":128,"title":6,"description":129,"skills":130,"budget":24,"duration":24,"location":25,"onsitePercent":26,"contractType":27,"foundAt":131,"category":132},16164,"application-security-engineer-mwd-100-remote","Erfahrener Application Security Engineer für Global Security Support Center eines führenden Technologieunternehmens. Verantwortung für Triage, Validierung und Behebung von Sicherheitsfunden von Kunden und Penetrationstestern. Hands-on Rolle mit Code-Reviews, Vulnerability-Analyse und Zusammenarbeit mit Engineering-Teams.",[9,10,11,12,13,14,15,16,17,18,19,20,21,22,23],"2026-06-25T09:28:37+00:00",{"id":30,"slug":31,"label":32},{"id":134,"slug":135,"title":136,"description":137,"skills":138,"budget":24,"duration":144,"location":145,"onsitePercent":146,"contractType":57,"foundAt":147,"category":148},16131,"onsite-supporter-mwd-2","Onsite Supporter (m\u002Fw\u002Fd)","Für einen Kunden in Düsseldorf werden mehrere Onsite Supporter gesucht. Aufgaben umfassen Ticketbearbeitung und Datenpflege in IT-Systemen, Auslieferung und Unterstützung bei der Inbetriebnahme verschiedener Gerätetypen sowie Urlaubs- und Krankheitsvertretungen. Erforderlich sind Kenntnisse in Windows-Betriebssystemen, MS Office, Netzwerkumfeld und sichere Kommunikation mit Kunden.",[139,140,141,142,143,103,104],"Windows Betriebssysteme","MS Office","Netzwerkumfeld (Switching, Layer 1-3)","Ticketbearbeitung","Datenpflege","ab sofort bis 31.12.2026 + Option","Düsseldorf",100,"2026-06-25T08:27:59+00:00",{"id":30,"slug":31,"label":32},{"id":150,"slug":151,"title":152,"description":153,"skills":154,"budget":24,"duration":24,"location":166,"onsitePercent":146,"contractType":167,"foundAt":168,"category":169},16120,"information-security-officer-eindhoven","Information Security Officer (Eindhoven)","Verantwortung für den Schutz der Informationsversorgung und digitalen Dienste durch Implementierung von Sicherheitsrichtlinien, Risikomanagement und Compliance mit Informationssicherheits- und Datenschutzgesetzen. Implementierung und Wartung von ISMS und ISO 27001-Framework, Durchführung von Sicherheitsrisikoanalysen und Incident Management. Zusammenarbeit mit Stakeholdern zur Weiterentwicklung der Sicherheitsreife der Organisation.",[155,156,157,158,159,93,160,161,162,163,164,165],"Information Security","ISO 27001","Cyber Security","Risk Management","Governance","Data Governance","ISMS","Incident Management","Business Continuity Planning","GDPR\u002FAVG","Stakeholder Management","Eindhoven","permanent","2026-06-25T08:21:20+00:00",{"id":30,"slug":31,"label":32},{"id":171,"slug":172,"title":173,"description":174,"skills":175,"budget":24,"duration":179,"location":180,"onsitePercent":181,"contractType":57,"foundAt":182,"category":183},16119,"security-incident-berater-mwd-schwachstellen-soc-incident-management","Security Incident Berater (m\u002Fw\u002Fd) Schwachstellen, SOC & Incident Management","Suche nach Security Incident Berater für Schwachstellenmanagement, SOC und Incident Management. Einsatz in Vollzeit mit 3 Tagen pro Woche vor Ort in Wiesbaden bis 07\u002F2027. Aufgaben umfassen Bearbeitung von Incidents und Schwachstellenmeldungen.",[176,177,178,162],"IT-Security","Schwachstellenmanagement","Security Operations Center","ab sofort bis 07\u002F2027 + Option","Wiesbaden",60,"2026-06-25T08:16:32+00:00",{"id":30,"slug":31,"label":32},{"id":185,"slug":186,"title":187,"description":188,"skills":189,"budget":200,"duration":24,"location":201,"onsitePercent":83,"contractType":167,"foundAt":202,"category":203},16099,"it-systemadministrator-mwd-it-system-engineer","IT-Systemadministrator (m\u002Fw\u002Fd) – IT System Engineer","Administration und Weiterentwicklung einer hybriden IT-Infrastruktur mit Fokus auf Windows-Server, Hyper-V und Netzwerksysteme. Sicherstellung stabiler IT-Betriebe durch Monitoring und Patch-Management sowie Mitarbeit in internationalen IT-Projekten. Langfristige Perspektive in einem internationalen Technologiekonzern im Bereich Industrial Automation.",[190,191,192,193,194,74,195,196,197,198,199],"Netzwerkadministration","Firewall-Konfiguration","Windows-Umgebungen","Active Directory","Entra ID","Rechenzentrumsumgebungen","IT-Service-Management (ITIL)","Projektmanagement","Deutsch (B2+)","Englisch (B2+)","bis zu 90.000 EUR","Rheinfelden","2026-06-25T00:01:43+00:00",{"id":30,"slug":31,"label":32},{"id":205,"slug":206,"title":207,"description":208,"skills":209,"budget":224,"duration":225,"location":226,"onsitePercent":227,"contractType":57,"foundAt":228,"category":229},16097,"senior-security-spezialist-forensik-siem-cissp-o-ae-contract","Senior Security Spezialist Forensik SIEM CISSP o. ä. (contract)","Gesucht wird eine erfahrene Fachperson für digitale Forensik mit Schwerpunkt auf rechtlich und regulatorisch relevanten Untersuchungen. Die Person unterstützt interne Untersuchungen im Kontext von Recht und Compliance Vorfällen und liefert technische Grundlagen für mögliche arbeits-, zivil- oder strafrechtliche Schritte. Zusätzlich unterstützt die Rolle die Ursachenanalyse von IT-Sicherheitsvorfällen in enger Zusammenarbeit mit Legal, Datenschutz, Konzernsicherheit und HR.",[210,211,212,213,214,115,215,216,217,218,219,220,221,222,223,103,104],"Digitale Forensik","SIEM","eDiscovery","EDR","Microsoft Purview","Microsoft Defender","Host Forensik","Cloud Forensik (AWS, Azure)","Netzwerkforensik","Evidence Handling","Incident Response","GDPR","Datenschutz","Strafprozessrecht","CHF 115\u002Fh","6 Monate mit Option, Start Juli 2026","Bern",40,"2026-06-24T22:16:36+00:00",{"id":30,"slug":31,"label":32},{"id":231,"slug":232,"title":233,"description":234,"skills":235,"budget":24,"duration":243,"location":24,"onsitePercent":26,"contractType":57,"foundAt":244,"category":245},16070,"netzwerkspezialisten-fuer-industrielle-cybersecurity-otics","Netzwerkspezialisten für industrielle Cybersecurity (OT\u002FICS)","Gesucht wird ein Netzwerkspezialisten für die Überprüfung und Neugestaltung von Maschinennetzwerk-Architekturen nach IEC 62443. Aufgaben umfassen Security-Level-Definition, Monitoring-Implementierung und Firewall-Konfigurationen. Einsatz zu 75-100% remote mit gelegentlichen vor-Ort-Terminen.",[236,237,238,191,239,240,241,242],"Industrielle Netzwerkarchitekturen (OT\u002FICS)","IEC 62443","Industrial Cyber Security","Monitoring (Syslog)","Fernwartungslösungen","Netzwerk-Segmentierung","Industrielle Kommunikationsprotokolle","6 Monate","2026-06-24T15:30:25+00:00",{"id":30,"slug":31,"label":32},{"id":247,"slug":248,"title":249,"description":250,"skills":251,"budget":24,"duration":260,"location":261,"onsitePercent":146,"contractType":167,"foundAt":262,"category":263},16062,"it-systemadministrator-mwd-11","IT Systemadministrator (m\u002Fw\u002Fd)","Planung, Implementierung und Administration von IT-Infrastrukturen und Netzwerken. Konzeption und Durchsetzung von Sicherheitsrichtlinien sowie Risikomanagement und Security Engineering. Identitäts- und Zugriffsmanagement (IAM) mit Fokus auf Netzwerksicherheit und regulatorische Anforderungen.",[252,253,254,255,256,257,258,259],"IT-Systemadministration","Netzwerksicherheit","Windows","Domänenverwaltung","Gruppenrichtlinien","IAM","Security Engineering","Sicherheitsaudits","Start: 01.07.2026","Beckum","2026-06-24T14:35:26+00:00",{"id":30,"slug":31,"label":32},{"id":265,"slug":266,"title":267,"description":268,"skills":269,"budget":24,"duration":24,"location":283,"onsitePercent":26,"contractType":57,"foundAt":284,"category":285},16060,"service-desk-mitarbeiter-1st-level-support-mwd","Service Desk Mitarbeiter (1st Level Support) (m\u002Fw\u002Fd)","Entgegennahme und Bearbeitung von IT-Support-Anfragen und Incidents in mehreren Sprachen über einen internen IT Service Desk. Unterstützung interner Kunden bei IT-Anliegen, Ticketbearbeitung nach ITIL-Prozessen und Applikationssupport für verschiedene interne Systeme.",[74,270,271,272,273,274,275,276,277,278,279,280,103,281,104,282],"Windows 11","Microsoft Intune","Applikationssupport","ITSM-Tools","ServiceNow","Hardware-Support","Microsoft Entra ID","Microsoft Azure","KI-Technologien","Netzwerk","Zscaler","Französisch","Italienisch","Zürich","2026-06-24T14:31:20+00:00",{"id":30,"slug":31,"label":32},{"id":287,"slug":288,"title":289,"description":290,"skills":291,"budget":24,"duration":24,"location":106,"onsitePercent":83,"contractType":27,"foundAt":299,"category":300},16024,"it-support-mwd","IT-Support (m\u002Fw\u002Fd)","Gesucht wird ein IT-Support-Mitarbeiter (m\u002Fw\u002Fd) in Vollzeit am Standort Köln für Zeitarbeit. Die Aufgaben umfassen technischen Support per Telefon\u002FE-Mail\u002FFernwartung, Problemanalyse, Installation und Konfiguration von Hard- und Software sowie Schulung von Anwendern in Microsoft-Umgebungen. Erforderlich sind IT-Ausbildung oder vergleichbare Erfahrung, Kenntnisse in Windows, M365, Teams und Azure AD sowie sehr gute Deutschkenntnisse.",[292,293,294,295,296,297,298,50,103],"IT-Support","Helpdesk","Microsoft Windows","M365","Microsoft Teams","Azure AD","Systemintegration","2026-06-24T12:51:03+00:00",{"id":30,"slug":31,"label":32},{"items":302},[]]