paymenttools

Senior Security Engineer, d/f/m

paymenttools

full-time

Posted on:

Location Type: Hybrid

Location: BerlinGermany

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

CloudDistributed SystemsGoGoogle Cloud PlatformKubernetesPostgresPythonTerraform

About the role

  • Act as a subject matter expert in application security and actively promote best practices across engineering teams.
  • Lead and execute the deployment and rollout of security platforms.
  • Continuously improve the organization’s DevSecOps maturity.
  • Integrate security controls into CI/CD pipelines and evangelize a strong DevSecOps culture.
  • Collaborate on the design and implementation of Identity & Access Management (IAM) in distributed systems.
  • Develop automated workflows for vulnerability management.
  • Facilitate threat modeling workshops and support teams in making risk-based architectural decisions.
  • Document security implementations and contribute to engineering security standards.
  • Ideally, you also bring experience in penetration testing or red teaming and have worked in regulated environments such as FinTech.

Requirements

  • Strong background in security engineering, with a focus on application security and cloud-native environments (Kubernetes, Postgres).
  • Deep expertise in application security, including secure frameworks, libraries, and common attack vectors.
  • Hands-on experience with DevSecOps tools and practices, specifically integrating security into GitHub Actions (CI/CD).
  • Experience with Infrastructure as Code (IaC), preferably using Terraform or OpenTofu.
  • Proficiency in programming languages such as Python or Golang to automate security workflows.
  • Experience with LLM tooling and workflows, with an interest in AI-Agenting and multi-agent systems.
  • Clear and concise communication skills in English, with the ability to influence and coach both technical and non-technical stakeholders. German-language skills are a plus.
  • Ideally, you have experience with GCP and CNAPP platforms (e.g., Wiz).
  • Ideally, you have experience with compliance frameworks such as ISO 27001, PCI-DSS, or KRITIS, and bring knowledge in IAM design, including role-based access control and OAuth2/OIDC.
Benefits
  • Deutschland ticket, subsidized subscription
  • 1.000 euro annual learning and development budget + internal training platforms
  • Discounts on travel, fashion, technology, and more through our corporate benefits
  • REWE discount card for discounts for REWE group retailers
  • JobRad, affordable bicycle leasing!
  • Company pension plan
  • Insurance Services
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
application securityDevSecOpsvulnerability managementpenetration testingprogramming languagesInfrastructure as CodeGitHub ActionsKubernetesTerraformcloud-native environments
Soft Skills
communication skillsinfluencecoachingcollaborationrisk-based decision makingdocumentationworkshop facilitationconcisenessinterpersonal skillsleadership
Certifications
ISO 27001PCI-DSSKRITIS