Senior IT Security Engineer

Taxfix GmbH
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English, German
Experience level
Senior

Job location

Remote

Tech stack

Artificial Intelligence
Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Bash
Software as a Service
Cloud Computing
Cloud Computing Security
Computer Security
Continuous Integration
Identity and Access Management
Information Technology Operations
Python
Network Security
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
Large Language Models
Mitre Att&ck
Cybercrime
Nessus
Terraform
Qualys
Vulnerability Analysis

Job description

As our Senior IT Security Engineer, you won't just secure systems-you'll help shape a security culture that enables our teams to work with confidence, speed, and minimal friction. We're scaling rapidly across Germany, Spain, and the UK, and our 400+ employees need robust security that doesn't slow them down.

You'll report to our Director of IT and work alongside System Engineers, Software Engineers, and IT Support Administrators to implement pragmatic security controls across our entire corporate infrastructure. You'll be the hands-on driver of our internal IT security landscape-ensuring that every system, tool, and endpoint used by Taxfix teams is secure by design and resilient in the face of threats.

Whether you work remotely within Germany or from our modern Berlin office in our hybrid work model, you'll have the freedom to design and implement security solutions that scale with our growth. This isn't about creating roadblocks-it's about building security that enables our teams to work confidently and efficiently., * Implement, automate and maintain pragmatic, scalable security controls across our SaaS tooling, employee devices, IAM system, MDM solutions, AI tooling, and cloud infrastructure

  • Lead incident response and management efforts, ensuring swift, effective resolution of security events impacting corporate IT operations
  • Manage and optimise EDR, IAM, and device management solutions according to security best practices
  • Continuously monitor, evaluate, and enhance security controls to adapt to evolving cyber threats and technological changes
  • Implement and enforce IT security policies across the organisation, providing clear guidance to all departments
  • Conduct light-weight penetration testing and threat analysis to identify vulnerabilities before they become problems
  • Provide expert security guidance to stakeholders across Taxfix, translating complex security concepts into actionable recommendations, * A chance to do meaningful, people-centric work with an international team of passionate professionals.
  • Holistic well-being with free mental health coaching sessions and yoga.
  • A monthly allowance to spend on an extensive range of services that you can use and roll over as flexibly as you like.
  • Employee stock options for all employees-because everyone deserves to benefit from the success they help to create.
  • 30 annual vacation days and flexible working hours.
  • Work from abroad for up to six weeks every year. Just align with your team, and then enjoy your trip.
  • Plenty of opportunities to socialise as a team. In addition to internal tech meetups, our international team hosts regular get-togethers-virtually and in person when possible.
  • Free tax declaration filing, of course, through the Taxfix app-and internal support for all personal tax-related questions.
  • Have a four-legged friend in your life? We're happy to have dogs join us in the office.

Requirements

Do you have experience in Terraform?, Do you have a Master's degree?, + 5+ years of security engineering experience in corporate IT or cloud security roles

  • Demonstrable experience securing public cloud environments (e.g., AWS, Azure, GCP)

  • Deep understanding of cloud IAM policies, roles, and best practices for least-privilege access

  • Professional experience with penetration testing and threat analysis

  • Practical experience with vulnerability scanning tools (e.g., Tenable, Qualys, Nessus) and managing the lifecycle of identified vulnerabilities

  • Proficiency with infrastructure-as-code tooling (Terraform preferred) and CI/CD security practices

  • Proficiency in one or more scripting languages for automation, such as Python, Go, or Bash

  • Deep understanding of security frameworks and methodologies, including MITRE ATT&CK, Cyber Kill Chain, NIST and SANS incident response frameworks

  • Familiarity with AI/LLM technologies for security applications

  • Fluent in English Nice to Have

  • Previous experience in fintech or highly regulated environments

  • Network security, specifically Cisco Meraki

  • German speaking and writing skills

About the company

Spread across Germany, Spain and the UK, the team at Taxfix Group with its brands Taxfix and Steuerbot, is a compassionate group of solution-finders. We speak our minds openly, and with over 400 professionals, including tax experts, developers, and IT security experts, we're rich in ideas and voices. The group has facilitated more than 3.5 billion euros in tax refunds for its customers since its founding in 2016.

Apply for this position