Heads up: this job position has expired. If you were already in process, no worries; it will still proceed as normal.

Security Engineer

API-first content management platform

Job details

Apply now


Contentful provides content infrastructure for digital teams to power websites, apps, and devices. Unlike a CMS, Contentful was built to integrate with the modern software stack. It offers a central hub for structured content, powerful management and delivery APIs, and a customizable web app that enables developers and content creators to ship their products faster.


    • Develop security tools to improve our infrastructure and development pipeline
    • Improve existing security features in our applications, including improvement of our security monitoring and threat detection tooling in our microservices architecture
    • Support Product and Engineering teams and ensure that all new applications and features have security built in from the beginning on
    • Work with skilled engineers to identify risks, put measures in place to avoid them and ensure that our security standards are met
    • Continually refine and improve our security standards, and train our employees on all security measures
    • Help manage our bug bounty program and coordinate verification and fixing of the reported findings
    • Support the Sales team to answer any security related questions from customers, consequently helping to build trust

Main requirements

  • You have already worked with a modern cloud infrastructure and are looking for a challenge within a company that considers security as a combined and ongoing effort based on a data-driven culture
    • You have at least 3 years of experience in the field of application and system security
    • You are proficient with at least one interpreted language (e.g. Ruby, JavaScript, Python).
    • You have a background in Linux
    • Professional experience with web services, REST, microservice architectures and container infrastructure
    • Good understanding of the OWASP Top 10
    • Excellent English communication skills, both verbal and written (German is not required but is considered a plus). *

Nice to have

  • Experience running a responsible vulnerability disclosure program or reporting vulnerabilities to companies.
  • Experience in ensuring security and privacy on the Internet
  • Familiar with AWS and the security mechanisms provided


  • Join an innovative tech company as we help drive the evolution of digital experiences to become ever-more ubiquitous and interactive. Be a part of helping companies build modern architectures for mission-critical applications
  • Shape the future of Contentful: help us establish, scale, and improve our team's processes
  • We offer free German classes
  • Generous education budget complete with extra days off to be spent on your professional and self-development
  • Be set up for success, equipped with the latest and greatest hardware
  • Hang-out in one of our many shared spaces, playing games with colleagues or enjoying a full range of events, including workshops, on-site meetups, guest speakers, and fun events for the company and each team. Did we mention an annual off-site?
  • As much artisan coffee as you can handle
  • Take a break and pat a pup, we are a dog-friendly office

Apply now