Job Drop BerlinYOUR WAY INTO BERLIN TECH
POST A JOBSAVED JOBSMEET A STARTUPREADSUBSCRIBE
NewsletterLinkedIn
AboutTermsImpressumPrivacy

Senior Security Engineer - Cloud Security

TTrade Republic
Seniority
Senior
Model
In-Office
Sector
Fintech
Salary
Undisclosed
Contract
Full-Time

About the role

As a Senior Security Engineer in Trade Republic's Cloud Security team, you'll architect and maintain secure cloud infrastructure that protects critical systems and customer data across AWS environments. You'll focus on implementing security controls, automation, and compliance validation for Europe's largest savings platform serving 8 million customers.

What you'll do

  • Design and implement security controls for cloud infrastructure across AWS environments
  • Build and maintain Infrastructure as Code (IaC) security standards and automated compliance validation
  • Develop cloud security automation using Terraform, CloudFormation, and Python to enforce security baselines
  • Implement and optimise Cloud Security Posture Management (CSPM) solutions and remediation workflows
  • Architect secure network segmentation, VPCs, security groups, and zero-trust network access solutions
  • Manage identity and access management (IAM) policies, service control policies, and least privilege frameworks
  • Monitor and respond to cloud security events using CloudTrail, GuardDuty, Security Hub, and SIEM integration
  • Conduct security assessments of Kubernetes clusters, container registries, and serverless architectures
  • Drive cloud security initiatives including encryption strategies, secrets management, and data protection controls

What you'll need

  • 5+ years as a Security Engineer with 4+ years specialising in cloud security
  • Deep AWS security expertise (IAM, VPC, Security Hub, GuardDuty, KMS, CloudTrail, Config)
  • Advanced Infrastructure as Code skills (Terraform required, CloudFormation)
  • Strong understanding of Kubernetes security (RBAC, network policies, Pod Security Standards)
  • Experience with container security tools (Falco, Trivy, etc)
  • Proficiency in Python and automation for security policy enforcement
  • Knowledge of security frameworks and cloud compliance (ISO 27001, SOC 2, CIS Benchmarks)
  • Experience with DevSecOps practices and security integration in CI/CD pipelines
  • Understanding of network security, TLS/mTLS, service mesh architectures

Nice to have

  • Multi-cloud experience (GCP, Azure)
  • Knowledge of financial services regulations (MaRisk, BAIT, GDPR)
APPLY →