Security Engineer


Millions of people use MyTherapy to help ensure they take their medication safely and manage their treatment. We adopt the latest technology and solutions to ensure our iOS and Android apps meet our users’ needs and that our backend can handle >100 million interactions each month. Our commitment to agility, flat hierarchies, and a company culture that values the contribution of every individual allows us to meet the needs of our ever-growing userbase, our partners, and team members.

As a security engineer, you will help us build both our cloud-based and on-site infrastructure to handle a growing userbase and ensure enterprise-level compliance. You will work with an experienced team of developers that creates all of our app components in-house – from database management and UI/UX design to the mobile frontends. We believe in agile principles and a strong Scrum approach, with flexibility and communication rather than strict processes and supervision.


  • Ensure secure operation of the MyTherapy platform through technical measures and policies
  • Continuously strive to further improve our security level and coordinate and implement new measures


  • Manage and resolve security incidents and implement improvements
  • Lead the implementation of security standards & necessary controls to protect our platform
  • Work closely with application development, product, and software QA teams to implement software security
  • Align security policies with SysOps team at the intersection of our platform and office IT infrastructure

Your profile

  • 3+ years of commercial experience in a technical role such as Application Security Engineer, Architect or Application Developer
  • Strong hands-on experience in configuring and managing security-related systems like Intrusion Detection Systems (IDS), Web Application Firewalls (WAF), Security Information and Event Management (SIEM)
  • Experience in securing / hardening cloud systems and infrastructure managed in Amazon Web Service (AWS), e.g. configuring Network ACLs / Security Groups, role-based IAM management,
  • Experience in security practices for mobile applications, and secure communication with a backend system through modern API design for scalable architectures
  • Experience with planning, researching, and developing security policies, standards, and procedures
  • A good understanding of the principles of secure software development and how security fits in an agile Software Development Lifecycle (S-SDLC)
  • Experience working within information security management systems e.g. ISO 27001, including vulnerability and patch management
  • Proficient in at least one programming language
  • Good verbal and written communication skills in English.
  • You value the company of your colleagues and teammates and are willing to meet with them in our office 3 times per quarter

We are looking forward to receiving your CV. If you have a Stack Overflow or GitHub profile (or similar), we encourage you to forward them along with other points of reference such as published apps on the Play Store or contributions to open-source projects.

The best way to share your application with us is via our application form. It doesn't take long, we promise – just tap on the button below to get started.

If you're unable to use the application form, you can always email us your application.

Do you have questions? Write us through or call us at +49 89 1222493-00. We are looking forward to hearing from you!