Job Drop BerlinYOUR WAY INTO BERLIN TECH
POST A JOBSAVED JOBSMEET A STARTUPREADSUBSCRIBE
NewsletterLinkedIn
AboutTermsImpressumPrivacy

Senior Security Engineer

TTrade Republic
Seniority
Senior
Model
In-Office
Sector
Fintech
Salary
Undisclosed
Contract
Full-Time

About the role

We're looking for a Senior Security Engineer to join our Application Security team at Trade Republic, Europe's largest savings platform. You'll be responsible for safeguarding applications and integrating security throughout the development lifecycle for our platform serving 8+ million customers across 17 countries.

What you'll do

  • Partner with engineering teams to embed security into the software development lifecycle from design to deployment
  • Conduct security code reviews, threat modeling sessions, and architecture reviews for critical applications and services
  • Design and implement SAST, DAST, and SCA solutions to identify vulnerabilities early in the development process
  • Build and maintain application security testing automation within CI/CD pipelines
  • Develop secure coding standards, security libraries, and reusable security components for engineering teams
  • Perform penetration testing and vulnerability assessments of web applications, APIs, and mobile applications
  • Triage, prioritize, and remediate application vulnerabilities working closely with development teams
  • Create security champions program and provide security training to engineering teams
  • Research emerging application security threats and integrate defensive measures into the security architecture
  • Contribute to bug bounty program management and coordinate with external security researchers

What you'll need

  • 5+ years as a Security Engineer with 4+ years focused on application security
  • Deep understanding of web application security (OWASP Top 10, API security, authentication/authorization)
  • Hands-on experience with security testing tools (Burp Suite, OWASP ZAP, Semgrep, etc.)
  • Strong programming skills in modern languages (Python, Java, Kotlin, Go, or JavaScript)
  • Experience integrating security tooling into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins)
  • Expertise in secure architecture patterns for microservices, APIs, and distributed systems
  • Solid understanding of cryptography, secure session management, and identity/access management
  • Excellent communication skills to translate security concepts for engineering audience

Nice to have

  • Hands-on experience with security testing of cryptocurrency/blockchain infrastructure and applications
  • Experience with mobile application security (iOS/Android)
  • Knowledge of compliance frameworks (PCI-DSS, GDPR, MaRisk)
APPLY →