IT Security Engineer

Deine Rolle im Team

• Protect our systems and cloud environments: You continuously analyze security risks, implement modern security standards, and ensure the protection of our cloud infrastructure and critical business systems.
• Establish clear security policies and processes: You further develop our security policies, standardize security processes, and ensure their adoption across the entire organization.
• Drive security awareness and training initiatives: You strengthen security awareness throughout the company through training sessions, workshops, and proactive communication with all teams.
• Ensure structured incident and risk management: You identify security incidents at an early stage, coordinate their handling, prepare analyses, and continuously improve our incident response procedures.
• Ensure compliance with standards and regulations (PCI, ISO, NIS2): You support the company in meeting external compliance requirements, prepare audits, and guide business units through compliance processes.
• Monitor our core security mechanisms: You analyze security-critical components, support monitoring and audit processes, and ensure transparency regarding security-relevant events.
• Collaborate closely with Product, IT, and Engineering teams: You support other teams in designing secure solutions, reducing risks, simplifying security processes, and contributing to a secure, scalable overall architecture.
• Ensure a secure software development lifecycle: You expand our secure development lifecycle (SSDLC), support teams on security-related topics, and ensure that security reviews are a reliable part of our processes.

Unser Angebot

• Work in our partner's coworking spaces (max. 3 days a week) or in your home office, as long as you can guarantee uninterrupted internet access.
• Regular further education.
• The stability of an extremely successful German high-tech company that is funded by its successful product and not by investors.
• Outcome focused teams and a culture of direct feedback.
• Modern equipment: MacBook.
• International, collaborative team with strong cohesion.
• Spectacular team events in various European countries.
• Autonomy from day one.
• Work in your team on a first-name basis, without a dress code, and at eye level.
• Flexible working hours from Mondays to Fridays.

Technologien und Skills

• SSO
• Google Cloud Platform
• SIEM
• AWS
• MFA

Unsere Erwartungen an dich:

Qualifikationen

• You identify security risks at an early stage and proactively think in terms of solutions.
• You have a strong understanding of how software, infrastructure, and cloud systems interact.
• Assessing the security of systems, services, and processes is your passion.
• Understanding of secure development and infrastructure processes (SSDLC, Cloud Security, IAM, Risk Management).
• Strong analytical thinking when evaluating security incidents and vulnerabilities.
• Excellent communication skills - able to explain technical risks in a clear and understandable way.
• Basic knowledge of cloud environments (GCP/AWS) and automated workflows (e.g., CI/CD).

Erfahrung

• Nice-to-have: Experience with compliance standards such as ISO 27001, PCI DSS, or NIS2.
• Nice-to-have: Experience with security testing (e.g., SAST, DAST, vulnerability scans).
• Nice-to-have: Experience with security tools and standards such as SIEM, SSO/MFA, audits, and policies.

Benefits

• Flexible Arbeitszeiten
• Home Office
• No Dresscode
• Team Events