• Teil des Kernteams zur Weiterentwicklung der Cybersecurity-Präsenz in Stuttgart • Beratung zu Governance-, Compliance- und regulatorischen Anforderungen • Planung und Durchführung von Penetration Tests • Schwachstellenmanagement und Durchführung von Re-Tests innerhalb der EU • Begleitung von Projekten mit Architektur-Reviews, Secure-Coding-Coachings und Security-Checks • Erstellung von Methoden, Templates und Best Practices für effiziente Arbeitsweise • Unterstützung im PreSales bei Angebotserstellung und Kundenpräsentationen

• Secure the end-to-end platform, from Linux-based edge devices to cloud infrastructure, APIs, and data pipelines. • Identify, assess, and remediate security risks across applications, backend services, and deployed devices. • Conduct threat modeling across edge-to-cloud data flows, including video, sensor data, and metadata pipelines. • Harden edge devices, including OS security, SSH access, credential management, and patching practices, especially in physically accessible environments. • Secure cloud environments (AWS preferred), including IAM, network security, encryption, secrets management, and logging. • Support secure design and architecture reviews for new features and deployments. • Implement and improve **CI/CD security**, vulnerability scanning, and monitoring practices. • Monitor and respond to security incidents, including compromised devices or unauthorized access, and lead post-incident reviews. • Define and improve security policies, standards, and controls aligned with practical engineering needs. • Support compliance efforts such as ISO 27001, SOC 2, and customer security reviews. • Work closely with Engineering and Product to embed security into development without slowing delivery. • Contribute to internal security awareness, documentation, and best practices.

• Analyze antivirus and EDR detections affecting our applications • Investigate false positives across: - Microsoft Defender - CrowdStrike - SentinelOne - Sophos - Bitdefender - ESET - Kaspersky • Work with engineering teams to identify behaviors triggering detections • Improve software trust and reputation mechanisms • Manage AV vendor submissions and whitelisting processes • Review: - installers - auto-update systems - drivers/services - network behavior - persistence mechanisms • Recommend improvements for: - code signing - EV certificates - Windows SmartScreen reputation - binary integrity - release pipelines • Perform static and dynamic analysis of binaries when needed • Communicate directly with antivirus vendors and security teams

• Collaborate with multiple teams to build and enhance complex software and security tooling that interacts with multiple systems, processes, and standards • Help improve the availability, performance, scalability, and security of Adobe's security tools. • Provide security analysis before and at build time across Adobe’s security tooling • Keep elevated levels of Security and Compliance with the Adobe Standards, including engaging with Adobe product teams on their cloud deployment practices • Enhance our development workflow to follow industry best practices by assisting in development of standards and leveraging automation • Improve our development pipelines so that we can achieve faster and more reliable deploys • Focus on DevSecOps tooling and strategy