Staff Security Engineer

About the company

foodpanda is part of Delivery Hero Group, a global local delivery platform operating in 70+ countries. The company connects customers, restaurants, shops, and riders through technology, with its headquarters in Berlin and a public listing on the Frankfurt Stock Exchange since 2017. Delivery Hero also operates quick commerce and, as of July 2024, brought together foodpanda, foodora, and Yemeksepeti as part of its second-largest business unit across 18 markets.

Role overview

This position sits within the Security Engineering team inside the broader Security function and supports the foodpanda, foodora, and Yemeksepeti brands. The team’s purpose is to design and scale practical security controls, make security part of everyday engineering and operations, lower risk through partnership and enablement, and help the business meet audit and compliance needs through well-structured controls.

Primary focus areas

• Building and improving product security safeguards
• Enabling DevSecOps practices across engineering workflows
• Strengthening IAM and data protection controls
• Supporting AI security initiatives
• Delivering security engineering projects end to end

You will collaborate with teams across the organisation to define, implement, test, and continuously refine security controls across local, regional, and platform-level environments.

Qualifications

The role calls for a bachelor’s degree in Computer Science, Information Security, Engineering, or a closely related field, along with 7 or more years of experience in Security Engineering, Application Security, Cloud Security, DevSecOps, or a similar cybersecurity discipline.

• Strong grasp of security engineering practices across product, infrastructure, cloud, and platform contexts
• Hands-on experience with AWS or GCP, CI/CD pipelines, APIs, containers, and security tools
• Familiarity with tools and platforms such as SAST, DAST, CSPM, IAM, SIEM, vulnerability management, and secrets management
• Solid knowledge of OWASP, secure architecture, cloud-native security, IAM, and DevSecOps principles
• Ability to convert technical risk into clear, actionable security requirements
• Excellent communication, stakeholder management, and collaboration abilities
• Comfort working in a fast-moving, engineering-led, highly collaborative setting

Preferred experience

• Security certifications such as CISSP, CCSP, Security+, AWS Security Specialty, GCP Security Engineer, or similar
• Background in e-commerce, marketplaces, delivery platforms, fintech, or high-scale consumer technology
• Exposure to Kubernetes, microservices, API security, software supply chain security, or platform engineering
• Understanding of AI/LLM security, AI governance, or AI-supported engineering workflows
• Experience using Python, Bash, Terraform, or similar tools for scripting and automation
• Experience supporting regional or global cloud-native engineering setups

Why join

• Opportunity to influence security engineering practices across globally recognised digital products
• Exposure to modern engineering, cloud, platform, and AI-driven environments
• Experience with large-scale, cloud-native, high-availability systems
• Collaborative, fast-paced, and impact-focused culture
• The chance to embed security into engineering, platform delivery, and emerging AI capabilities at scale

Benefits and workplace culture

• Dynamic and challenging work setting
• Support for personal and professional development
• Regular company and team events
• International team with a strong focus on diversity and inclusion
• Responsibility from day one in a fast-growing global company
• Free food, health insurance, dental insurance, and learning and development opportunities
• Inclusive, flexible, and competitive benefits package for full-time employees

Company context

Delivery Hero Group operates across Asia, Europe, Latin America, the Middle East, and Africa, with more than 40,000 employees worldwide. The group started as a food delivery business in 2011 and has grown into a major quick commerce and delivery platform. The organisation is headquartered in Berlin, Germany, and has been listed on the Frankfurt Stock Exchange since 2017.