ABOUT US

At BASF Digital Hub Madrid we develop innovative digital solutions for BASF, create new exciting customer experiences and business growth, and drive efficiencies in processes, helping to strengthen BASF´s position as the digital leader in the chemical industry. We believe the right path is through creativity, trial and error and great people working and learning together. Become part of our team and develop the future with us - in a global team that embraces diversity and equal opportunities.

We believe the right path is through creativity, trial and error and great people working and learning together. Become part of our team and develop the future with us - in a global team that embraces diversity and equal opportunities. We are committed to fostering an inclusive workplace and strongly encourage applications from individuals with disabilities. We value diversity and believe that varied perspectives enhance our team's effectiveness. Our hiring practices are designed to ensure equal opportunity for all candidates.

WHAT YOU CAN EXPECT

We are currently seeking a motivated Junior DevSecOps Engineer to join our dynamic and collaborative AP Cyber Security team within BASF’s Agricultural Solutions division. In this role, you will contribute directly to strengthening the security posture of AP’s digital product landscape by supporting key cybersecurity processes and ensuring secure solution delivery. You will assist in reviewing Solution Design Documents (SDDs), guide Product and Application Owners through Project Risk Assessments, and help validate secure architectures aligned with BASF’s standards. Additionally, you will support vulnerability management activities, coordinate penetration testing, and contribute to application security governance to ensure secure development practices are consistently applied across AP.
As part of the global IT, Data and Digital Transformation organization you will play a meaningful role in advancing our cybersecurity capabilities through awareness initiatives, reporting, KPI tracking, and the development of security documentation and knowledge bases. Your contributions will help improve transparency, operational efficiency, and cross‑team alignment, ultimately enabling secure and scalable digital solutions for BASF AP.

RESPONSIBILITIES

• Support the Solution Design Document (SDD) review process, acting as a first line cybersecurity checkpoint for new projects and applications within AP. Helping Product/Application Owners execute Project Risk Assessments and validate secure architectures aligned with BASF requirements.
• Contribute to the vulnerability management process for both cloud and on premises environments by monitoring, documenting, and coordinating remediation of misconfigurations and software/library/OS vulnerabilities.
• Coordinate penetration testing activities for AP applications—from business requested or internal pentests—by managing scheduling, communication, result tracking, and remediation follow up.
• Assist in application security governance, helping ensure all AP applications follow BASF’s secure development requirements, tracking compliance, and communicating progress with stakeholders.
• Participate in awareness campaigns, trainings, and security community activities, including coordination with Cyber Security Culture team, internal execution of educational initiatives, and supporting the development of AP cybersecurity communities.
  
• Contribute to reporting and KPI development, ensuring visibility into vulnerabilities, SDD reviews, incident trends, and other cybersecurity areas. Support the creation and maintenance of dashboards or periodic reports.
  
• Communicate security findings clearly adapting explanations for both technical and non‑technical audiences.
  
• Strong ownership by managing security tasks end‑to‑end—tracking progress, following up on open items, and ensuring everything is properly resolved, documented, and improved through practical feedback.

OUR MAIN REQUIREMENTS

• University degree in computer science, with a minimum of 1 year of experience in the field.
• Ambitious, highly motivated, and enthusiastic about learning
• Advanced level of English

Nice to have:

• Vulnerability management: Qualys, Wiz, interpreting findings and driving remediation with product teams.
• SIEM onboarding fundamentals
• DevSecOps & AppSec: SAST (Fortify), DAST, secrets/SCA (Sonatype); understanding OWASP ASVS or equivalent.
• Cloud platforms & processes: Azure/AWS fundamentals;
• Reporting: PowerBI

WHAT WE OFFER

• Responsibility from day one in a challenging work environment and "on-the-job" training as part of a committed team.
• Adequate compensation according to your qualifications and experience • A secure work environment because your health, safety and wellbeing is always our top priority.
• Flexible work schedule and Home-office options, so that you can balance your working life and private life.
• Learning and development opportunities
• 23 holidays per year
• Another 5 days (readjustments days) and 2 days (cultural days)
• A collaborative, trustful and innovative work environment
• Being part of an international team and work in global projects
• Relocation assistance to Madrid provided

At BASF, the chemistry is right.

Because we are counting on innovative solutions, on sustainable actions, and on connected thinking. And on you. Become a part of our formula for success and develop the future with us - in a global team that embraces diversity and equal opportunities irrespective of gender, age, origin, sexual orientation, disability or belief.

Contact

Do you have any questions about the application process or the position? Please reach out to Felipe Bianco (felipe.bianco@partners.basf.com)