Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead our Product Security Team and drive penetration testing and secure coding practices.
- Company: Join CHAMP Cargosystems, a global leader in air cargo IT solutions.
- Benefits: Competitive salary, flexible working options, and opportunities for professional growth.
- Why this job: Make a real impact on security in innovative SaaS products and collaborate with talented teams.
- Qualifications: 8+ years in software development, strong Java skills, and experience in agile environments.
- Other info: Dynamic work culture with a focus on continuous improvement and career advancement.
The predicted salary is between 36000 - 60000 £ per year.
CHAMP Cargosystems provides the most comprehensive range of integrated IT solutions and distribution services for the air cargo transport chain. Our portfolio spans core management systems, messaging services, and eCargo solutions. These include applications designed to meet customs and security requirements, quality optimization, as well as e‑freight and mobility needs. Our products and services are recognized globally under the Cargospot and Traxon brands. We serve over 200 airlines and GSAs, connecting them with approximately 3,000 forwarders and GHAs worldwide. Our solutions help customers, and their clients, adapt to the critical and ongoing changes in air transport logistics and meet the demands of global trade. Headquartered in Luxembourg, CHAMP Cargosystems operates offices in Reading, Zurich, Frankfurt, Manila, Singapore, and Atlanta.
We are looking for an Offensive Security Engineer to join our Security & GRC team. The role will be reporting to the Security Architect.
Responsibilities
- Establish and guide our Product Security Team.
- Drive our penetration testing capability and secure software development practices.
- Oversee vulnerability remediation and build automated offensive security capabilities integrated into our agile CI/CD environment.
- Ensure that security is embedded into every sprint, release, and product lifecycle stage.
Security governance & development enablement
- Establish secure coding standards, reusable libraries, and best practices for Java web application development.
- Collaborate with product owners and developers to integrate security requirements into user stories.
- Provide guidance on threat modeling and secure design during sprint planning.
- Ensure security tasks are prioritized alongside functional requirements in the agile backlog.
Offensive security & testing
- Build and oversee internal penetration testing capabilities for web applications and APIs.
- Ensure each release in the CI/CD chain undergoes automated and manual security testing.
- Expand testing scope to infrastructure and cloud environments as maturity grows.
- Continuously simulate attacker techniques to validate product resilience.
Tooling & automation
- Drive adoption of SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) solutions, with emphasis on Java and web application frameworks.
- Integrate automated security testing into CI/CD pipelines.
- Oversee development of unit test frameworks with embedded security checks.
Compliance & reporting
- Align product security practices with compliance frameworks (ISO27001, SOC2, NIS2, EU AI Act, etc.).
- Collaborate with Compliance and IT Security teams to maintain certifications and audit readiness.
- Provide leadership with clear reporting on product security posture, vulnerabilities, and remediation progress.
Agile management
- Define backlog items related to security improvements, vulnerability remediation, and testing initiatives.
- Facilitate sprint planning, daily stand‑ups, retrospectives, and ensure delivery of security objectives.
- Mentor and coach team members, fostering a culture of collaboration and continuous improvement.
Knowledge, skills, and abilities
- Strong knowledge of secure development practices, threat modeling, and vulnerability management.
- Hands‑on experience with SAST/DAST tools and CI/CD integration.
- Excellent communication skills to engage developers, auditors, and executives.
- Proven experience leading teams in agile/SCRUM environments.
Education and Experience
- Bachelor's or Master's degree in Software Engineering, Cybersecurity, or related field.
- 8+ years of experience in software development and application security, with hands‑on exposure to Java web applications.
- Certifications such as OSCP or CISSP, CISM.
- Experience in SaaS environments and cloud‑native security.
- Familiarity with compliance frameworks (ISO27001, SOC2, NIS2, EU AI Act).
- Ability to balance strategic vision with hands‑on technical leadership.
The selected candidate may be subject to the provision of an up‑to‑date (not older than 3 months) criminal record certificate.
Offensive Security Engineer employer: CHAMP Cargosystems
Contact Detail:
CHAMP Cargosystems Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Offensive Security Engineer
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the industry. Attend meetups, webinars, or even local tech events. You never know who might have the inside scoop on job openings or can refer you directly to hiring managers.
✨Tip Number 2
Show off your skills! Create a portfolio that highlights your projects, especially those related to offensive security and secure coding practices. This is your chance to demonstrate what you can bring to the table beyond just a CV.
✨Tip Number 3
Prepare for interviews by brushing up on common security scenarios and challenges. Be ready to discuss how you would handle specific vulnerabilities or integrate security into agile processes. Practice makes perfect!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining our team at CHAMP Cargosystems.
We think you need these skills to ace Offensive Security Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Offensive Security Engineer role. Highlight your experience with secure coding practices, penetration testing, and any relevant certifications. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about security and how your background makes you a great fit for our team. Don’t forget to mention your experience in agile environments and working with Java web applications.
Showcase Your Projects: If you've worked on any relevant projects, whether personal or professional, make sure to include them. We love seeing practical examples of your skills, especially in penetration testing and secure software development. It gives us a better idea of what you can bring to the table!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, it shows us that you're genuinely interested in joining our team at CHAMP Cargosystems!
How to prepare for a job interview at CHAMP Cargosystems
✨Know Your Stuff
Make sure you brush up on your knowledge of secure coding practices, especially in Java. Familiarise yourself with SAST and DAST tools, as well as the CI/CD processes. Being able to discuss these topics confidently will show that you're not just a candidate, but a potential asset to their team.
✨Show Your Problem-Solving Skills
Prepare to discuss specific examples where you've tackled security vulnerabilities or improved secure development practices. Use the STAR method (Situation, Task, Action, Result) to structure your answers. This will help demonstrate your hands-on experience and how you can apply it to their needs.
✨Understand Their Environment
Research CHAMP Cargosystems and their products, especially their SaaS offerings. Knowing how their solutions fit into the air cargo transport chain will allow you to tailor your responses and show genuine interest in their work. Plus, it’ll help you ask insightful questions during the interview.
✨Be Agile-Minded
Since the role involves working within SCRUM methodology, be prepared to discuss your experience in agile environments. Highlight how you've facilitated sprint planning or retrospectives in the past, and how you can contribute to fostering a culture of collaboration and continuous improvement in their team.
