Senior Information Security Engineer
Germany
Full Time
1 hour ago
No Sponsorship
Key skills
AWSAzureCloudCyber SecurityGoogle Cloud PlatformAIGCPGoogle CloudIAMCommunicationOWASPPenetration TestingCloud SecurityWAF
About this role
Role Overview
- Evaluate and strengthen internal security controls and processes, driving continuous improvement of our Information Security Management System and related policies
- Participate in internal and external audits (e.g. ISO 270xx)
- Develop and enhance threat models for PAIR Finance resources and services, conducting security risk assessments and defining targeted mitigation strategies based on threat models
- Investigate end-to-end information-security incidents, preparation of comprehensive reports for management and regulators
- Monitor threat intelligence, hacking techniques, and CVEs affecting our AWS and M365 environments
- Collaborate with DevOps and Product teams to integrate security throughout the Software Development Lifecycle
- Utilize Wiz and similar platforms to identify, prioritize and remediate cloud security risks (CSPM/CIEM)
- Execute vulnerability scans, analyze DAST results, and support penetration testing activities
Requirements
- Strong communication skills in English (B2+) and German (B1 minimum, B2 preferred)
- Academic degree in Information Security, Cybersecurity, or equivalent field
- 3+ years hands-on experience securing cloud infrastructure (AWS, Azure, GCP); AWS expertise is highly desirable (SecurityHub, IAM, WAF, GuardDuty)
- Solid knowledge of security frameworks such as ISO 270xx, BSI Grundschutz, NIST, SOC2
- Practical experience with cloud security platforms and CSPM/CIEM (Wiz experience is a significant advantage)
- Ability to write and maintain clear technical documentation
- A level of technical expertise that would allow you to evaluate severity and applicability of vulnerabilities and quality of fixes in a cloud environment
- Proven track record with vulnerability management, DAST tools, and penetration testing methodologies (OWASP, PTES)
- Relevant certifications (nice-to-have): CISSP, CISM, CISA, ISO 27001 Lead Implementer / Lead Auditor, AWS Security Specialty, BSI Grundschutz Practitioner, AI‑related certifications (e.g. Certified AI Security Specialist)
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Google Cloud Platform
Benefits
- Thriving, financially stable company
- Strong experienced international team to support and mentor you along the way, smooth onboarding process
- International team of 30+ nationalities with professionals and experts
- Flat hierarchy, transparent and appreciative feedback culture, monthly all hands meetings, annual feedback and evaluation cycle, regular 1-on-1s with your lead
- Well-structured onboarding process as well as supportive and welcoming colleagues
- Personal learning & development budget as well as German and English language courses
- Good salary for your strong performance
- Unlimited employment contract, flexible working hours and 28 vacation days for your work-life balance
- Company pension plan, partly covered Deutschlandticket (public transport) and access to “Corporate Benefits” voucher platform to ensure your full well-being
- Fun company summer and Christmas parties as well as regular team events