Job Drop BerlinYOUR WAY INTO BERLIN TECH
POST A JOBSAVED JOBSMEET A STARTUPREADSUBSCRIBE
NewsletterLinkedIn
AboutTermsImpressumPrivacy

Senior IT Security Engineer

TTrade Republic
Seniority
Senior
Model
In-Office
Sector
Fintech
Salary
Undisclosed
Contract
Full-Time

About the role

As a Senior IT Security Engineer in our Security Operations team, you'll architect and maintain the defenses that protect our global workforce and internal infrastructure. You will be the primary guardian of our endpoint ecosystem, corporate network, and identity perimeters.

What you'll do

  • Deploy and manage EDR/XDR solutions across a diverse fleet, with a primary focus on macOS alongside Windows and Linux devices.
  • Architect end-user IAM workflows, including SSO integration, MFA enforcement, and automated lifecycle management (Joiners/Movers/Leavers) together with our IT team.
  • Secure our physical and logical corporate networks, managing firewalls, VPNs, and SD-WAN architectures.
  • Implement and optimize Zero Trust Network Access (ZTNA) to replace traditional perimeter-based security for internal applications.
  • Define security baselines and hardening standards within MDM tools like Jamf to ensure compliant-only device access.
  • Drive and automate the patching for all non-cloud assets, ensuring third-party software and OS vulnerabilities are remediated within SLA.
  • Implement and tune endpoint-level DLP controls to prevent unauthorized data exfiltration.
  • Lead technical initiatives for phishing simulations and deploy automated tools to analyze, report suspicious emails, and provide security awareness training for all employees.

What you'll need

  • 5+ years as a Security Engineer with 4+ years specializing in Enterprise/Corporate Security.
  • Deep experience with modern Identity Providers (Okta, Google Workspace) and passwordless authentication.
  • Proven track record managing enterprise EDR (CrowdStrike, SentinelOne) and MDM platforms (Jamf) at scale.
  • Strong understanding of non-cloud networking (switching, routing, and firewalling).
  • Practical experience applying CIS Benchmarks or NIST standards to end-user workstations and office infrastructure.
  • Proficiency in automating security tasks and API integrations between security tools.

Nice to have

  • Experience moving organizations away from legacy VPNs toward ZTNA solutions (e.g., Zscaler, Netskope or Tailscale).
  • Familiarity with TPM/Secure Enclave technologies and disk encryption management (FileVault, BitLocker).
  • Experience working in highly regulated environments (GDPR, BaIT, or MaRisk).
APPLY →