Role Description Die APT-ONE GmbH mit Sitz in Berlin ist ein auf Cyber Security spezialisiertes Beratungshaus, das Unternehmen dabei unterstützt, ihre IT-, OT- und KI-Systeme wirksam vor digitalen Bedrohungen zu schützen und sicher für die Zukunft aufzustellen. Bei uns bist du richtig, wenn: - du ein attraktives Fixgehalt kombiniert mit einer leistungsorientierten und überdurchschnittlichen Gewinnbeteiligung erhalten möchtest. - du flexibel und ortsunabhängig arbeiten willst und gleichzeitig an hochrelevanten Projekten in den Bereichen Cyber Security, IT Security und KI-Sicherheit mitwirken möchtest. - du durch anspruchsvolle Projekte tiefgehende Expertise in modernen Sicherheitsarchitekturen, Security Operations, Risikomanagement und technologischen Zusammenhängen aufbauen und dich kontinuierlich weiterentwickeln möchtest. Aufgaben: - Du verbindest Cloud-Security-Expertise mit Beratung, steuerst Projekte eigenständig, bereitest Risiken und Ergebnisse adressatengerecht auf und entwickelst die Kundenbeziehung sowie weiteren Absicherungsbedarf proaktiv weiter. - Durchführung von Cloud Security Assessments und Architektur-Reviews (AWS, Azure, GCP) - Konzeption und Implementierung von Cloud Security Posture Management (CSPM/CNAPP) - Entwurf und Umsetzung von Identity & Access Management (IAM) Strategien inkl. Zero-Trust-Ansätzen in Cloud-Umgebungen - Sicherheitsbewertung und Härtung von Container- und Kubernetes-Umgebungen - Prüfung und Absicherung von Infrastructure-as-Code (Terraform, CloudFormation, Pulumi) - Beratung zur sicheren Multi-Cloud-Architektur und Cloud-Migration - Integration von Security in CI/CD-Pipelines (DevSecOps): SAST, DAST, SCA, Secret Scanning und Policy-as-Code - Aufbau und Optimierung von DevSecOps-Prozessen in Zusammenarbeit mit Entwicklungs- und Platform-Teams - Erstellung von Security-Konzepten, Risikoanalysen und technischen Dokumentationen - Unterstützung bei Cloud-bezogenen Sicherheitsvorfällen und Forensik Qualifications - Mindestens 6 Jahre Berufserfahrung im Bereich Cloud Security oder Cloud Engineering mit Sicherheitsfokus - Tiefgehende Kenntnisse in mindestens zwei der drei großen Cloud-Plattformen (AWS, Azure, GCP) – Azure bevorzugt - Nachweisbare Erfahrung mit IAM-Architekturen, Conditional Access, Entra ID (Azure AD) und Federation - Fundierte Kenntnisse in Container-Sicherheit (Docker, Kubernetes, Service Mesh) - Erfahrung mit CSPM-Tools (Prisma Cloud, Defender for Cloud, Wiz oder vergleichbar) - Praktische Erfahrung mit Infrastructure-as-Code Security Scanning (tfsec, Checkov, KICS) - Erfahrung mit DevSecOps-Toolchains und deren Integration in CI/CD-Pipelines (z. B. GitLab CI, GitHub Actions, Azure DevOps) - Relevante Zertifizierungen erwünscht: CCSP, AWS Security Specialty, AZ-500, CCSK, CKS - Verhandlungssichere Deutsch- und Englischkenntnisse Benefits - Fixgehalt ab 80.000 € mit Gewinnbeteiligung bis zu 70.000 € - Flexible Arbeitszeiten und Remote-Arbeit - 30 Tage Urlaub - IT-Equipment wie Apple MacBook - Regelmäßige Teamevents - Corporate Benefits wie betriebliche Altersvorsorge, betriebliche Krankenversicherung, Shopping- und Mitarbeiterrabatte

• Join our team at Prominent Edge • Support the DoD and the intelligence community • Leverage best-of-breed open source technologies to provide innovative user-centric solutions • Contribute to a positive company culture

Job Description Are You Ready to Make It Happen at Mondelēz International? Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours. You provide software and applications expertise, and be responsible for implementation of the solutions. How you will contribute You will oversee the planning and execution of software and applications. To do so, you will manage an internal team and partner with external suppliers and use your deep technical and market knowledge and thorough understanding of our business goals find and deploy the right software and application solutions for the future. You will support programs to implement regional and global software and application strategies, offer input to financial planning and controls for software and applications on a regional and global level, collaborate with management and follow-up on requisitions, purchase orders, invoices, and payments, explores opportunities to leverage scale and drive savings, and ensure that support service level objectives and key performance indicators are accomplished. What you will bring A desire to drive your future and accelerate your career. You will bring experience and knowledge in : - Managing staff and line responsibilities - Managing large-scale software and application services - Service delivery, support and excellence - Program/Project management with experience managing multiple projects for budgets, resources, schedules and quality - General technical background - Understanding of integration and how different applications talk to each other - Process and service orientation - Business processes Are You Ready to Make It Happen at Mondelēz International? Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours. Serve as the subject matter expert (SME) for Active Directory and Microsoft Entra ID, providing deep technical leadership across design, operations, and continuous improvement of enterprise identity platforms. This role focuses on the long-term health, resilience, and security posture of AD and Entra ID by applying product- and platform-principles-treating identity as a scalable, reliable service that delivers consistent value to the business. You will design, optimize, and sustain global AD/Entra ID platforms, lead response to complex identity incidents, and drive modernization through automation, standardization, and Zero Trust alignment-while ensuring operational stability. How you will contribute You will collaborate with internal engineers, architects, and strategic partners to deliver secure, reliable IAM capabilities at enterprise scale. Operating within a product & platform model, you will help define technical standards, roadmaps, and reusable capabilities that improve service quality, reduce operational risk, and enable downstream applications and business teams. You will continuously identify opportunities to enhance the AD/Entra ID platforms through automation, design optimization, and process improvement, while supporting global deployments, changes, and incident response in alignment with security best practices and compliance requirements. What you will bring Job Description - Design, implement, and sustain enterprise-grade Active Directory and Microsoft Entra ID platforms using product and platform engineering principles. - Lead the evolution of AD forests, domains, trusts, and domain controller configurations with a focus on stability, scalability, and resilience rather than large-scale migrations. - Act as the technical authority during major incidents, providing Level 3 escalation support, deep root-cause analysis, and durable preventive controls. - Drive platform reliability and service quality, including SLA/OLA adherence across internal support tiers and external vendors. - Forecast platform capacity and infrastructure needs, supporting global expansions, consolidations, and targeted modernization initiatives when required. - Design, implement, and govern Conditional Access, Privileged Identity Management (PIM/PAM), Zero Trust controls, and high-risk identity protection policies. - Design, operate, and continuously optimize Entra Connect / Azure AD Connect topology, synchronization rules, upgrades, and identity lifecycle flows. - Build and maintain PowerShell and Microsoft Graph API automation to enforce standards, reduce manual effort, and improve operational efficiency. - Apply product mindset to platform capabilities-defining reusable patterns, technical guardrails, and reference architectures consumed by application and infrastructure teams. - Mentor and guide L2 engineers through design reviews, troubleshooting techniques, and operational best practices. - Partner with audit, risk, and compliance teams to produce actionable reporting and remediate AD/Entra ID-related findings. - Lead Problem Management activities to eliminate recurring production issues and strengthen platform maturity. - Prioritize work based on risk, impact, urgency, and cost, balancing operational demands with long-term platform improvements. - Present identity platform health, security posture, and architectural recommendations to technical and business stakeholders. - Make risk-based decisions when deviations from standards are required, including defining appropriate compensating controls. More about this role What you need to know about this position: Skills and Qualifications - 7+ years of experience designing, implementing, and operating Active Directory and Microsoft Entra ID at enterprise scale. - Expert knowledge of multi-domain and multi-forest environments, trusts, FSMO roles, schema management, and advanced AD operations. - Deep expertise in AD, Entra ID, PKI, Conditional Access, PIM/PAM, B2B/B2C, and integrations with platforms such as CyberArk, Ping, and Venafi. - Strong understanding of Zero Trust security principles and their practical application within identity and access management. - Solid background in systems architecture, networking, and virtualization across Microsoft and mixed-technology environments. - Experience operating within product, platform, or service-oriented models, emphasizing reliability, scalability, and consumer outcomes. - Proven ability to collaborate across engineering, security, infrastructure, and vendor teams in time-critical environments. - Strong analytical, organizational, and documentation skills. - Excellent written and verbal communication skills, with the ability to influence stakeholders through clear, data-driven recommendations. - Customer-centric mindset with the ability to communicate complex technical concepts with clarity and impact. - Experience with IAM governance and compliance frameworks (CIS, and NIST). - Working knowledge of Agile, and DevSecOps methodologies, as well as ITIL practices (Incident, Change, and Problem Management). - Demonstrated commitment to continuous learning and professional development. Bonus Points - CISSP - Microsoft Certifications - ITIL 4 Foundations Certification (Incident, Change, and Problem Management) No Relocation support available Business Unit Summary At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about. We have a rich portfolio of strong brands globally and locally including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum. Our 80,000 makers and bakers are located in more than 80 countries and we sell our products in over 150 countries around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen-and happen fast. Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. Job Type Regular Software & Applications Technology & Digital

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm values information security as a critical part of the company’s continued success. Our mission is to make information security programmatic and cultural in Affirm, enabling the company to succeed in building honest financial products. The Security team posture increases security and reduces risk while securely enabling access to information for those who need it! The Staff Product Security Engineer candidate will have experience building and architecting software as part of a larger team. The ideal candidate will work effectively with product and engineering teams to evaluate and influence product requirements, design, and implementation to improve the security of Affirm’s products. What You'll Do - Partner with Affirm product teams to ensure that security is included in every phase of the product development lifecycle. - Conduct threat modeling and architecture reviews to ensure threats are understood, documented, and mitigated. - Review and analyze product source code to identify security vulnerabilities and provide recommendations for secure implementation. - Seek out opportunities to automate processes when appropriate. - Identify emerging classes of vulnerabilities and developing solutions for them before they’re a problem. - Assist product teams in the development of security focused test cases to enforce security requirements. - Advise product teams on business security requirements early in the product development lifecycle. - Decompose large, cross-team projects into individual tasks. Manage scope across teams and drive toward project closure. What We Look For - Deep understanding of web application architecture and design principles - Experience using modern software development and delivery techniques to develop cloud-based services. Python, Kotlin, Java, AWS, and Azure experience preferred. - Knowledge of common security flaws and resolution as published by OWASP, SANS, etc. - Experience with PCI or other regulated environments. - Experience conducting threat models for complex, distributed products using standard threat modeling techniques and methodologies. - Experience with standard authentication mechanisms, including SAML and OAuth2. - Understanding of continuous integration / continuous deployment processes and tools. - BS degree in related field or equivalent experience. MS degree in a related field or equivalent experience is a plus. Location - Remote U.S. Pay Grade - P Equity Grade - 13 Employees new to Affirm typically come in at the start of the pay range. Affirm focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience and job-related skills. Base pay is part of a total compensation package that may include equity rewards, monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidized medical coverage, dental and vision for you and your dependents.) USA base pay range (CA, WA, NY, NJ, CT) per year: $225,000 - 275,000 USD USA base pay range (all other U.S. states) per year: $200,000 - 250,000 USD #LI-Remote Affirm is proud to be a remote-first company! The majority of our roles are remote and you can work almost anywhere within the country of employment. Affirmers in proximal roles have the flexibility to work remotely, but will occasionally be required to work out of their assigned Affirm office. A limited number of roles remain office-based due to the nature of their job responsibilities. We’re extremely proud to offer competitive benefits that are anchored to our core value of people come first. Some key highlights of our benefits package include: - Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents - Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses - Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge - ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount We believe It’s On Us to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process. [For U.S. positions that could be performed in Los Angeles or San Francisco] Pursuant to the San Francisco Fair Chance Ordinance and Los Angeles Fair Chance Initiative for Hiring Ordinance, Affirm will consider for employment qualified applicants with arrest and conviction records. By clicking "Submit Application," you acknowledge that you have read Affirm's Global Candidate Privacy Notice and hereby freely and unambiguously give informed consent to the collection, processing, use, and storage of your personal information as described therein.