Job Drop BerlinYOUR WAY INTO BERLIN TECH
NewsletterLinkedIn
AboutTermsImpressumPrivacy

Staff Security Engineer (m,f,x)

HHelloFresh
Seniority
Senior
Model
Hybrid
Sector
Consumer
Salary
Undisclosed
Contract
Full-Time

About the role

Staff Security Engineer to join the Security Tribe and help shape the next generation of security capabilities at HelloFresh. This is a senior individual contributor role for someone who is deeply technical, pragmatic, and builder-minded, working across Cloud Security, Application & Product Security, Offensive Security, and GenAI Security with a strong focus on creating scalable internal security products, paved roads, guardrails, and self-service capabilities.

What you'll do

  • Own and elevate secure design and architecture at scale across HelloFresh — championing a security-by-design culture by defining, driving, and embedding robust architectural patterns, reference designs, and guardrails that enable teams to build secure systems by default across the organization.
  • Define and drive security architecture across cloud environments, with a strong focus on AWS, Kubernetes, IAM, network security, workload protection, secrets management, and secure-by-default infrastructure.
  • Build and scale cloud security guardrails using automation, policy-as-code, Infrastructure as Code, and platform-native controls.
  • Partner with engineering and product teams to embed security into the SDLC through threat modeling, secure design reviews, security testing, and developer-friendly remediation workflows.
  • Build internal security products and capabilities that make security self-serviceable for HelloFresh employees and engineering teams.
  • Drive offensive security activities including penetration testing, adversary simulation, purple teaming, and validation of detection and response capabilities.
  • Establish security patterns and controls for GenAI and AI/ML systems, including LLM applications, AI agents, RAG systems, model integrations, prompt injection risks, data leakage, and AI governance.
  • Mentor senior engineers, influence technical direction, and act as a trusted security advisor across engineering, product, platform, data, and leadership teams.

What you'll need

  • 8+ years of experience in security engineering, software engineering, cloud security, application security, or offensive security.
  • Deep hands-on experience securing cloud-native environments, preferably AWS, with strong knowledge of IAM, Kubernetes, networking, logging, detection, and infrastructure security.
  • Strong application and product security experience, including threat modeling, secure architecture reviews, OWASP risks, API security, and SDLC security.
  • Practical offensive security experience, including penetration testing, vulnerability research, exploitability analysis, or red/purple team exercises.
  • Strong engineering skills in one or more programming languages (e.g., Python, Go, Java, TypeScript), with the ability to build production-grade systems and security tooling.
  • Experience building automation, internal tools, developer platforms, security guardrails, or self-service security capabilities.
  • Ability to influence without authority, communicate complex risks clearly, and translate security problems into scalable engineering solutions.

Nice to have

  • Experience securing GenAI, LLM, AI agent, RAG, or ML systems.
  • Familiarity with OWASP Top 10 for LLMs, MITRE ATLAS, NIST AI RMF, AI gateways, LLM guardrails, prompt evaluation, or AI red teaming.
  • Familiarity with modern security tooling such as CNAPP/CSPM, SAST, DAST, SCA, IaC scanning, secret scanning, WAF, SIEM, EDR, or vulnerability management platforms.

What they offer

  • Competitive compensation package with HelloFresh-subsidized Pension Scheme and Berlin relocation support.
  • Hybrid working model.
  • Exclusive discounts on HelloFresh boxes and office meals.
  • German language learning budget and access to HelloFresh Academy.
  • Mental health support, transportation perks, 24/7 gym access, and wellbeing platforms like Headspace and Spill.
  • Sabbatical leave and working-parent-friendly benefits.
APPLY →