Systems Administrator managing IT support and compliance activities in a tech - oriented company. Leading infrastructure design and security measures while collaborating with managed service providers.
About the role
- (Senior) Security Engineer establishing secure coding practices and driving DevOps automation for Paymenttools, enhancing payment security in Europe.
Responsibilities
- Act as a subject matter expert in application security and actively promote best practices across engineering teams.
- Lead and execute the deployment and rollout of security platforms.
- Continuously improve the organization’s DevSecOps maturity.
- Integrate security controls into CI/CD pipelines and evangelize a strong DevSecOps culture.
- Collaborate on the design and implementation of Identity & Access Management (IAM) in distributed systems.
- Develop automated workflows for vulnerability management.
- Facilitate threat modeling workshops and support teams in making risk-based architectural decisions.
- Document security implementations and contribute to engineering security standards.
- Ideally, you also bring experience in penetration testing or red teaming and have worked in regulated environments such as FinTech.
Requirements
- Strong background in security engineering, with a focus on application security and cloud-native environments (Kubernetes, Postgres).
- Deep expertise in application security, including secure frameworks, libraries, and common attack vectors.
- Hands-on experience with DevSecOps tools and practices, specifically integrating security into GitHub Actions (CI/CD).
- Experience with Infrastructure as Code (IaC), preferably using Terraform or OpenTofu.
- Proficiency in programming languages such as Python or Golang to automate security workflows.
- Experience with LLM tooling and workflows, with an interest in AI-Agenting and multi-agent systems.
- Clear and concise communication skills in English, with the ability to influence and coach both technical and non-technical stakeholders. German-language skills are a plus.
- Ideally, you have experience with GCP and CNAPP platforms (e.g., Wiz).
- Ideally, you have experience with compliance frameworks such as ISO 27001, PCI-DSS, or KRITIS, and bring knowledge in IAM design, including role-based access control and OAuth2/OIDC.
Benefits
- Deutschland ticket, subsidized subscription
- 1.000 euro annual learning and development budget + internal training platforms
- Discounts on travel, fashion, technology, and more through our corporate benefits
- REWE discount card for discounts for REWE group retailers
- JobRad, affordable bicycle leasing!
- Company pension plan
- Insurance Services
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Cyber Security Expert supporting project teams with structured risk assessments and compliance documentation at Nordex wind farms. Collaborating closely with Information Security to ensure secure operations.
OT Cybersecurity Engineer enhancing cybersecurity in industrial environments. Ensuring compliance with cybersecurity standards and collaborating across engineering, IT, and product teams.
Information Security Analyst implementing security solutions at one of Brazil's largest banks. Focus on information security and compliance with internal policies and best practices.
Security Intern collaborating with security teams to ensure compliance and develop secure processes in fintech environment. Engaging in hands - on experience with application security and risk management.
![[solidcore] logo](/api/images/solidcore.jpg)
Director overseeing IT operations and cybersecurity at [solidcore]. Ensuring system reliability and compliance for HQ and studio locations.
Senior Manager of Cybersecurity application and cloud security at Medtronic. Leading teams to enhance security in cloud - native environments and software development.
Security Engineer designing and implementing secure architecture solutions for Disney's global technology ecosystem. Collaborating with teams to assess threats and secure AI/ML implementations and technologies.
Head of Information Security at Thndr, leading security strategy and governance across Egypt, UAE, and KSA. Responsible for managing risk and building trusted security function.
Security Lead responsible for security across product, cloud infrastructure, and internal systems. Aiming to enhance security measures and practices within a SaaS environment.