Back to search
Rakuten Symphony Linkedin · Posted 7d ago

DevSecOps Engineer (m/f/d)

Germany

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

About the Company -


Rakuten empowers through technology.


Rakuten Symphony Germany is building a nationwide mobile network based on the industry-leading Symphony platform developed from Singapore and successfully deployed in Japan. Symphony is a fully virtualized, cloud-native telco platform at the cutting edge of technology: Rakuten partners with research organizations, start-ups, and SMEs through its Network Innovation Lab on the future of OpenRAN and autonomous networks of the future. We are in the process of deploying a nation-wide mobile network in Germany.


Your Role:


As a Security Engineer within our Lab environment, you will be responsible for ensuring the security integrity of our development and deployment processes. You will drive security practices across CI/CD pipelines, DevOps tooling, and infrastructure while proactively identifying and mitigating vulnerabilities. Working closely with development teams, DevOps, and platform owners, you will play a key role in strengthening our overall security posture through testing, automation, and hands-on security assessments.


Your Responsibilities:


  • Own and oversee security testing within CI/CD pipelines, including scanning, validation, and approval of container images
  • Manage and enforce quarantine processes for high-risk artifacts pending security review
  • Perform manual validation of vulnerabilities to reduce false positives and ensure secure deployments
  • Collaborate with DevOps teams, Artifactory owners, and project managers to integrate security best practices
  • Conduct vulnerability assessments across infrastructure, applications, and network environments
  • Develop and maintain automation scripts (e.g., Python) to enhance security testing and operations
  • Validate exploitability of identified vulnerabilities and assess associated risks
  • Drive remediation efforts by defining mitigation strategies and supporting patching and fixes with development teams
  • Help Security Assurance team to plan and execute penetration tests (web, internal, external, cloud, and product-focused environments such as object storage systems)
  • Provide actionable recommendations to improve security posture based on findings
  • Help Security Assurance team to execute red team exercises to simulate real-world attack scenarios
  • Help Defensive Security team to evaluate detection and response capabilities and recommend improvements
  • Help Security Architecture team to improve security practices


Requirements:


  • Proven ability to integrate security controls into the software development lifecycle, with a solid understanding of Shift-Left Security principles
  • Proven experience in security engineering, DevSecOps, penetration testing or a similar role
  • Strong hands-on experience with CI/CD pipelines, particularly using Jenkins as well as CI/CD security tools and practices (e.g., SAST, DAST, container scanning)
  • Hands-on experience with containerization and orchestration technologies (e.g., Docker, Kubernetes), including securing container images and runtime environments
  • Experience with vulnerability assessment and penetration testing tools and methodologies
  • Experience performing web, infrastructure, and cloud penetration testing
  • Familiarity with artifact repository security (e.g., Artifactory or similar platforms)
  • Experience in scripting/automation, preferably with Python
  • Ability to assess and prioritize vulnerabilities based on risk and business impact
  • Experience conducting or participating in red team exercises
  • Solid understanding of network security, application security, and cloud security concepts
  • Strong collaboration and communication skills when working with cross-functional teams
  • Experience with secrets management solutions such as HashiCorp Vault
  • Understanding of PKI concepts, including certificate management and secure communications (considered a strong plus)
  • Experience in telecom environments is a plus

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent