About Staffbase

We inspire people to achieve great things together. Our mission is to help organizations unlock the power of inspirational communication with the first AI-native Employee Experience Platform. Our industry-leading and award-winning agentic AI communications channels - intranet, employee app and email solutions - create engaging experiences that connect and empower employees.

Headquartered in Chemnitz, Germany and New York City, with offices in Berlin, London, Sydney, Tokyo, Prague, and Minneapolis___St.___Paul, our diverse team of 750+ employees supports 2,000+ customers___reaching over 16.4 million employees___in transforming their employee experience. We are proud to be a Unicorn company___privately valued at over $1 billion___demonstrating strong growth, innovation, and lasting impact in our industry. Together, we’re shaping the future of workplace communication.

At Staffbase, security is at the heart of everything we build. Our Product Security team helps keep our products and customer data secure while enabling engineering teams across the company. We believe the best security work happens when people bring their authentic selves and diverse perspectives to the table and we’re proud of the unique mix of talents and backgrounds in our team.

As an enablement team, we provide tools, guidance, and insights that allow developers to integrate security early in the development process. We see security not as a blocker but as a trusted partner that is the foundation for better products. With us, you’ll get hands-on experience with modern security practices, mentorship from experienced engineers, and the chance to make a visible impact in a global SaaS environment.

We work together with curiosity, humility, and a growth mindset, supporting each other, taking ownership of our contributions, and celebrating progress along the way. Here, your ideas matter, your work will shape how we build secure products, and you’ll have space to grow into new challenges.

What you’ll be doing

  • Take ownership of tasks that improve our security automation and strengthen our product security pipelines

  • Proactively explore the use of AI for vulnerability detection and remediation

  • Continuously learn and share knowledge about how vulnerabilities apply in our specific product context

  • Support the team by enhancing our services with software engineering solutions

  • Collaborate closely with stakeholders across the product department and gain broad exposure to how a growing SaaS company operates

  • Maintain our outbound e-mail security by regularly reviewing the related metrics

  • Maintain our Web Application Firewall ruleset

  • Maintain our central HTML sanitization service written in Typescript

What you need to be successful

  • Programming knowledge, preferably in one of: TypeScript, JavaScript, Kotlin, Java, Go, or Python

  • Practical knowledge of Unix basics and Kubernetes infrastructure

  • Practical knowledge of security topics (e.g. penetration testing, secure software development, vulnerability management, SAST, DAST) and curiosity to deepen this knowledge

  • Experience with infrastructure-as-code, preferably via Terraform and Kustomize

  • A structured and organized way of working with attention to detail

  • Strong communication skills in English (German is a plus)

What you'll get

  • Competitive Compensation - we offer attractive salary packages including LTIP (unit-based Long Term Incentive Plan)

  • Flexibility - we offer flexible working time models and the option of hybrid work, and support this with a yearly flex work allowance of €1560

  • Recharge - with 31 vacation days annually (incl. one floating holiday), plus pro rata fully paid Fridays off during August

  • Support - we’re offering a company pension scheme

  • Volunteers Day - you’ll get one day off per year for supporting a social project