Deine Rolle Sorge dafür, dass Security nicht nur beschlossen, sondern technisch wirksam umgesetzt wird Die Glückliche Gäste Unternehmensgruppe entwickelt digitale Lösungen für operative Geschäftsprozesse in den Bereichen Gastronomie, Gesundheit, Digitalisierung und Unternehmenssoftware. Mit Marken wie Personal.manager, FoodGenius Labs und uninu bauen wir Lösungen, die im Alltag funktionieren müssen - technisch, organisatorisch und unter wachsenden Anforderungen an Sicherheit und Datenschutz. Für Personal.manager suchen wir einen Security Engineer, der technische Sicherheitsmaßnahmen in Infrastruktur, Plattform, Anwendung und Betriebsprozessen wirksam macht. Du bist die Brücke zwischen Sicherheitsanforderungen, technischer Umsetzung und echtem Betriebsalltag. Deine Mission Du unterstützt dabei, dass Sicherheitsanforderungen in Infrastruktur, Plattform, Anwendung und Betriebsprozessen tatsächlich umgesetzt, dokumentiert, überprüft und verbessert werden. Du arbeitest dort, wo Security in der Praxis oft scheitert: zwischen guter Absicht, begrenzter Zeit und echter Produktionsrealität. Das wirst Du tun Technische Security-Controls umsetzen und begleiten - Du unterstützt die Einführung und Verbesserung technischer Sicherheitsmaßnahmen in Anwendung, Plattform und Infrastruktur. - Du arbeitest an Themen wie Hardening, Secrets-Handling, Zugriffskontrolle, Logging, Monitoring und Alerting mit. - Du begleitest sicherheitsrelevante technische Änderungen, Integrationen und Features. - Du unterstützt bei Schwachstellenbehandlung und technischen Verbesserungsmaßnahmen. Security-Anforderungen in die Praxis übersetzen - Du überträgst Vorgaben aus Security- und Compliance-Anforderungen in konkrete technische und organisatorische Maßnahmen. - Du dokumentierst Kontrollen, Standards, Maßnahmenstände und technische Nachweise. - Du pflegst Checklisten, Runbooks, Betriebsnachweise und Audit-Artefakte. - Du hilfst dabei, Anforderungen nicht nur zu formulieren, sondern verlässlich im Alltag zu verankern. Incident Readiness und technische Resilience stärken - Du unterstützt beim Aufbau und der Pflege von Security-Incident- und Eskalationsprozessen. - Du arbeitest an Wiederanlauf- und Restore-Readiness mit. - Du begleitest technische Übungen, Tests und Nachbereitungen. Security im Engineering-Alltag verankern - Du arbeitest eng mit DevOps, Entwicklung, QA und Support zusammen. - Du hilfst Teams, Security-Anforderungen sauber in Deployments, Services, Rollenmodelle und Betriebsroutinen zu übersetzen. Audit- und Nachweisfähigkeit technisch unterstützen - Du bereitest technische Inhalte für Audits, Kundenanfragen und Assessments vor. - Du lieferst belastbare Evidenzen für definierte Controls. - Du unterstützt bei Gap-Analysen, Review-Prozessen und Maßnahmenverfolgung. - Du arbeitest eng mit dem Security / Privacy Lead zusammen und fungierst als zweite tragende Sicherheitsfunktion. Das bringst Du mit Must-haves - Mehrjährige Erfahrung in Security Engineering, Cloud Security, technischer Compliance-Umsetzung oder vergleichbarer Sicherheitsarbeit - Erfahrung mit Security-Maßnahmen in SaaS-, Cloud- oder Kubernetes-nahen Umgebungen - Gutes Verständnis von Zugriffskontrolle, Logging, Monitoring, Hardening, Backup/Restore und Incident-Prozessen - Fähigkeit, technische Anforderungen strukturiert zu dokumentieren und nachvollziehbar umzusetzen - Pragmatische Arbeitsweise und gute Zusammenarbeit mit Engineering- und Betriebsteams - Ausgeprägtes Verantwortungsbewusstsein und Umsetzungsstärke Nice-to-haves - Erfahrung mit ISO-nahen Maßnahmen oder Auditvorbereitung - Erfahrung mit IAM, SSO, Rollen- und Berechtigungskonzepten - Erfahrung mit Schwachstellenmanagement oder Security Monitoring - Erfahrung in regulierten Kundenumfeldern - Grundverständnis für Datenschutzanforderungen in digitalen Produkt- und Betriebsprozessen Das bieten wir Dir - Direkte Zusammenarbeit mit dem Security Lead - Du arbeitest in einer Unternehmensgruppe mit kurzen Wegen, echtem Gestaltungsspielraum und direkter Anbindung an Produkt und Entscheidungsebene. - Du findest bei uns keine starre Konzernlogik, sondern die Möglichkeit, Dinge wirksam zu gestalten und sichtbar voranzubringen. - Und du arbeitest an Lösungen, die einen echten Unterschied machen – für Unternehmen, für Prozesse und am Ende für Menschen. - Maximale Flexibilität beim Arbeitsort: 100 % Remote, Hybrid oder 100 % vor Ort in St. Wendel – so, wie es zu Deinem Leben passt - Regelmäßige Schulungen und Weiterbildungen, damit Du fachlich und technologisch am Ball bleibst - Ein kollegiales, pragmatisches Team mit echtem Gestaltungswillen und kurzen Entscheidungswegen - Ein faires Gehalt, das Deiner Erfahrung, Verantwortung und Rolle entspricht - 30 Tage Urlaub - Für nicht remote arbeitende Menschen: Modernes Büro mit Dusche, Waschmaschine und einer hochwertigen Siebträgermaschine Unsere Ansprüche und Ziele So arbeitest du bei uns erfolgreich - Du erkennst Lücken und machst daraus Aufgaben, nicht Ausreden. - Du kannst sauber dokumentieren, ohne zum Formular-Orakel zu werden. - Du bist technisch sattelfest, aber nicht dogmatisch. - Du bringst Struktur in operative Sicherheit. - Du sorgst dafür, dass Standards im echten Betrieb leben. Das kannst du bei uns bewegen - Du baust technische Sicherheit in einer produktnahen Organisation aktiv mit auf. - Du schaffst belastbare Grundlagen für Audits, Kundenfähigkeit und Skalierung. - Du arbeitest eng mit Technik und Produkt an wirksamen Verbesserungen. - Du bist nicht der Mensch, der PDFs hübsch macht, während die Systeme rauchen — sondern der Mensch, der dafür sorgt, dass sie weniger rauchen. Bewerbung Du willst Security nicht nur kommentieren, sondern umsetzen? Dann freuen wir uns auf deine Bewerbung mit Lebenslauf und ein paar konkreten Hinweisen auf technische Sicherheitsmaßnahmen, Betriebsverantwortung oder Compliance-nahe Themen, an denen du in den letzten Jahren gearbeitet hast.

• Ensure security is not only decided but implemented effectively and technically • Support the implementation, documentation, verification and continuous improvement of security requirements across infrastructure, platform, application and operational processes • Implement and oversee technical security controls • Translate security requirements into practical solutions • Strengthen incident readiness and technical resilience • Embed security into day-to-day engineering activities • Provide technical support for auditability and evidence requirements

About AlphaSense: The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content. The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the S&P 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us! About the Role: We are seeking an experienced Senior Business Applications Security Engineer to join our growing Corporate Technology team. This is not a maintenance role—this is an opportunity to build something from the ground up. You will take ownership of the security posture for our entire business application ecosystem, from Salesforce and Workday to niche departmental tools, transforming a fragmented, reactive approach into a centralized, proactive, and hardened security program. Your focus will be on bridging business needs with cloud-based software solutions through implementation, optimization, and vendor management. Transform business application security from an afterthought to a core competency. You will: - Build from scratch: Design and implement a comprehensive business application security program where none exists - Own the ecosystem: Take full ownership of security posture across 200+ business applications (SaaS, cloud, and on-premise) - Establish the standard: Define what "secure" means for business applications and ensure every tool meets that bar - Shift left: Embed security into procurement, integration, and lifecycle management processes - Drive change: Partner with stakeholders across IT, Engineering, Finance, HR, Sales, and Marketing to fundamentally change how the organization thinks about application security Responsibilities - System Administration: Design and scale user access with role-based access controls (RBAC), where possible - Technical Support & Troubleshooting: Provide escalation support in debugging app access/role issues - Application Onboarding: Conduct requirements discovery and analysis with key stakeholders for new applications, particularly pertaining to login and role access protocols - Identity Lifecycle Management: Designing and implementing automations ensuring automatically granted or revoked access - Integration Management: Manage API connections and integrations between business applications in our tech stack - Process Improvements: Identify and implement automation opportunities to streamline workflows - Data & Compliance: Ensure data accuracy, integrity and compliance with security standards - Mentorship to guide junior teammates on best practices within the role Qualifications - 8+ years of experience in Application Security or related role - Professional Certifications: CISSP are a plus - Expertise in Okta, Google Workspace, Microsoft 365 - Experience with SAML and OAuth protocols, as well as SCIM - Proficiency with Okta Workflow or similar automation platforms - Excellent ability to bridge conversations between technical teams and non-technical business stakeholders - Soft skills: Change management, process improvement, stakeholder management, collaborative mindset with excellent written and verbal communication. What We Offer: - Competitive compensation package - Equity opportunities - Comprehensive health, dental, and vision coverage - Flexible PTO and remote work options - Learning & development resources - A high-impact role in a fast-growing, mission-driven company. AlphaSense is an equal-opportunity employer. We are committed to a work environment that supports, inspires, and respects all individuals. All employees share in the responsibility for fulfilling AlphaSense’s commitment to equal employment opportunity. AlphaSense does not discriminate against any employee or applicant on the basis of race, color, sex (including pregnancy), national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor. This policy applies to every aspect of employment at AlphaSense, including recruitment, hiring, training, advancement, and termination. In addition, it is the policy of AlphaSense to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances where a particular employee works. Recruiting Scams and Fraud We at AlphaSense have been made aware of fraudulent job postings and individuals impersonating AlphaSense recruiters. These scams may involve fake job offers, requests for sensitive personal information, or demands for payment. Please note: - AlphaSense never asks candidates to pay for job applications, equipment, or training. - All official communications will come from an @alpha-sense.com email address. - If you’re unsure about a job posting or recruiter, verify it on our Careers page. If you believe you’ve been targeted by a scam or have any doubts regarding the authenticity of any job listing purportedly from or on behalf of AlphaSense please contact us. Your security and trust matter to us.

About AlphaSense: The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content. The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the S&P 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us! About the Role: We are seeking an experienced Senior Business Applications Security Engineer to join our growing Corporate Technology team. This is not a maintenance role—this is an opportunity to build something from the ground up. You will take ownership of the security posture for our entire business application ecosystem, from Salesforce and Workday to niche departmental tools, transforming a fragmented, reactive approach into a centralized, proactive, and hardened security program. Your focus will be on bridging business needs with cloud-based software solutions through implementation, optimization, and vendor management. Transform business application security from an afterthought to a core competency. You will: - Build from scratch: Design and implement a comprehensive business application security program where none exists - Own the ecosystem: Take full ownership of security posture across 200+ business applications (SaaS, cloud, and on-premise) - Establish the standard: Define what "secure" means for business applications and ensure every tool meets that bar - Shift left: Embed security into procurement, integration, and lifecycle management processes - Drive change: Partner with stakeholders across IT, Engineering, Finance, HR, Sales, and Marketing to fundamentally change how the organization thinks about application security Responsibilities - System Administration: Design and scale user access with role-based access controls (RBAC), where possible - Technical Support & Troubleshooting: Provide escalation support in debugging app access/role issues - Application Onboarding: Conduct requirements discovery and analysis with key stakeholders for new applications, particularly pertaining to login and role access protocols - Identity Lifecycle Management: Designing and implementing automations ensuring automatically granted or revoked access - Integration Management: Manage API connections and integrations between business applications in our tech stack - Process Improvements: Identify and implement automation opportunities to streamline workflows - Data & Compliance: Ensure data accuracy, integrity and compliance with security standards - Mentorship to guide junior teammates on best practices within the role Qualifications - 8+ years of experience in Application Security or related role - Professional Certifications: CISSP are a plus - Expertise in Okta, Google Workspace, Microsoft 365 - Experience with SAML and OAuth protocols, as well as SCIM - Proficiency with Okta Workflow or similar automation platforms - Excellent ability to bridge conversations between technical teams and non-technical business stakeholders - Soft skills: Change management, process improvement, stakeholder management, collaborative mindset with excellent written and verbal communication. What We Offer: - Competitive compensation package - Equity opportunities - Comprehensive health, dental, and vision coverage - Flexible PTO and remote work options - Learning & development resources - A high-impact role in a fast-growing, mission-driven company. AlphaSense is an equal-opportunity employer. We are committed to a work environment that supports, inspires, and respects all individuals. All employees share in the responsibility for fulfilling AlphaSense’s commitment to equal employment opportunity. AlphaSense does not discriminate against any employee or applicant on the basis of race, color, sex (including pregnancy), national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor. This policy applies to every aspect of employment at AlphaSense, including recruitment, hiring, training, advancement, and termination. In addition, it is the policy of AlphaSense to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances where a particular employee works. Recruiting Scams and Fraud We at AlphaSense have been made aware of fraudulent job postings and individuals impersonating AlphaSense recruiters. These scams may involve fake job offers, requests for sensitive personal information, or demands for payment. Please note: - AlphaSense never asks candidates to pay for job applications, equipment, or training. - All official communications will come from an @alpha-sense.com email address. - If you’re unsure about a job posting or recruiter, verify it on our Careers page. If you believe you’ve been targeted by a scam or have any doubts regarding the authenticity of any job listing purportedly from or on behalf of AlphaSense please contact us. Your security and trust matter to us.