Security Engineer

About Staffbase

We inspire people to achieve great things together. Our mission is to help organizations unlock the power of inspirational communication with the first AI-native Employee Experience Platform. Our industry-leading and award-winning agentic AI communications channels - intranet, employee app and email solutions - create engaging experiences that connect and empower employees.

Headquartered in Chemnitz, Germany and New York City, with offices in Berlin, London, Sydney, Tokyo, Prague, and Minneapolis–St. Paul, our diverse team of 750+ employees supports 2,000+ customers—reaching over 16.4 million employees—in transforming their employee experience.

We are proud to be a Unicorn company—privately valued at over $1 billion—demonstrating strong growth, innovation, and lasting impact in our industry. Together, we're shaping the future of workplace communication.

At Staffbase, security is at the heart of everything we build. Our Product Security team helps keep our products and customer data secure while enabling engineering teams across the company. We believe the best security work happens when people bring their authentic selves and diverse perspectives to the table and we're proud of the unique mix of talents and backgrounds in our team.

As an enablement team, we provide tools, guidance, and insights that allow developers to integrate security early in the development process. We see security not as a blocker but as a trusted partner that is the foundation for better products. With us, you'll get hands-on experience with modern security practices, mentorship from experienced engineers, and the chance to make a visible impact in a global SaaS environment.

We work together with curiosity, humility, and a growth mindset, supporting each other, taking ownership of our contributions, and celebrating progress along the way. Here, your ideas matter, your work will shape how we build secure products, and you'll have space to grow into new challenges.

What you'll be doing

Take ownership of tasks that improve our security automation and strengthen our product security pipelines

Proactively explore the use of AI for vulnerability detection and remediation

Continuously learn and share knowledge about how vulnerabilities apply in our specific product context

Support the team by enhancing our services with software engineering solutions

Collaborate closely with stakeholders across the product department and gain broad exposure to how a growing SaaS company operates

Maintain our outbound e-mail security by regularly reviewing the related metrics

Maintain our Web Application Firewall ruleset

Maintain our central HTML sanitization service written in Typescript

What you need to be successful

Programming knowledge, preferably in one of: TypeScript, JavaScript, Kotlin, Java, Go, or Python

Practical knowledge of Unix basics and Kubernetes infrastructure

Practical knowledge of security topics (e.g. penetration testing, secure software development, vulnerability management, SAST, DAST) and curiosity to deepen this knowledge

Experience with infrastructure-as-code, preferably via Terraform and Kustomize

A structured and organized way of working with attention to detail

Strong communication skills in English (German is a plus)

What you'll get

Competitive Compensation - we offer attractive salary packages including LTIP (unit-based Long Term Incentive Plan)

Flexibility - we offer flexible working time models and the option of hybrid work, and support this with a yearly flex work allowance of €1560

Recharge - with 31 vacation days annually (incl. one floating holiday), plus pro rata fully paid Fridays off during August

Support - we're offering a company pension scheme

Volunteers Day - you'll get one day off per year for supporting a social project