GEA Group
Application Security Expert (DevSecOps)
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About GEA Group
GEA Group is a leading systems supplier for the food, beverage, and pharmaceutical sectors, generating over five billion euros in revenue across more than 150 countries. With a workforce of over 18,000 employees, GEA operates through five business divisions, focusing on enhancing sustainability and efficiency in production processes. Founded in 1920 in Bochum, Germany, GEA has a rich history that includes significant expansions and acquisitions, positioning it as a major player in food and process engineering technology. The company offers a diverse portfolio that includes food processing equipment, process engineering and automation systems, air cooling and thermal management solutions, and advanced separation and purification technology. GEA serves a wide range of industries, with approximately 70% of its business coming from food and beverages, and is recognized as a market leader in many of its sectors.
Security at GEA Group
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Stated AppSec Mission: The role 'defines the global security requirements for development, operation and maintenance of applications' – Job ID: JR-0038728, Job Post.
- Developer Enablement: The team acts as the 'first contact for Application Development Teams on all secure development related topics' – Job ID: JR-0038728, Job Post, and 'drives the adoption of secure‑by‑design practices' – Job ID: JR-0038728, Job Post.
- Risk Philosophy: The team 'Implements a risk‑based approach for assessing application security' – Job ID: JR-0038728, Job Post.
- Stated Pain Points or Goals: 'Establish and enforce secure software development practices when AI tools are used' – Job ID: JR-0038728, Job Post.
Security Team
- Org Structure & Reporting Line: The AppSec function is 'part of the Product and Operational Technology Security Team within the CISO organization' – Job ID: JR-0038728, Job Post.
- The department is 'headed by the Chief Information Security Officer' – GEA ISMS Page (gea.com), Corporate Site.
- Key Public-Facing Leaders: Iskro Mollov, Chief Information Security Officer.
- Active AppSec Job Postings: Count: 1 (JR-0038728).
- Common Skill/Tool Patterns: 'Experience with application security tooling such as SAST, DAST, SBOM Tools, SCA' – Job ID: JR-0038728, Job Post.
Key Initiatives
- Security Champions Program: No Evidence Found.
- 'Shift Left' in Practice: The team 'Leads the global implementation of security tools and platforms across the secure development lifecycle (SDLC)' – Job ID: JR-0038728, Job Post.
- Vulnerability Management Process: The team 'Defines and oversees key security KPIs' – Job ID: JR-0038728, Job Post.
- Secure SDLC Artifacts: GEA operates a global ISMS 'based on the ISO/IEC 27001 standard' – GEA ISMS Page (gea.com), Corporate Site.
- Recent Initiatives: 'Establish and enforce secure software development practices when AI tools are used' – Job ID: JR-0038728, Job Post.