Senior Could Security Engineer

As a Cloud Security Engineer at NavVis, you will play a critical role in strengthening our cloud security posture across AWS and Kubernetes environments. You will own and optimize our Wiz platform, implement security automation, and ensure compliance with ISO 27001 and SOC 2 standards.

This is a hands-on role where you will collaborate closely with engineering teams to embed security into our infrastructure and processes., * You will own and optimize cloud security posture using Wiz, AWS native tools, and internal monitoring.

• You drive security hardening and automation across AWS, Kubernetes (EKS), and on-prem infrastructure.

• You are responsible for Integrating security controls into CI/CD pipelines (Terraform, Helm, GitOps) to prevent misconfigurations.

• You build and maintain guardrails and detection rules for identity, network, and workload security.

• You will design and enforce least-privilege IAM policies; review access patterns and SAML workflows.

• You will be a strategic partner to the engineering teams to secure new services and architecture changes.

• You will be responsible for leading vulnerability management and remediation across cloud assets, containers, and applications.

• You will support risk assessments, compliance (ISO 27001, SOC2), and internal security reviews.

• You are responsible for responding to security incidents, conducting investigations, and improving follow-up actions.

• You will contribute to internal security documentation, standards, and processes.

Do you have experience in Terraform?, * Strong hands-on experience with AWS security (IAM, KMS, network controls, GuardDuty, Security Hub) and a solid understanding of Kubernetes security (RBAC, admission controllers, network policies).

• Solid Terraform skills and a mindset for automating improvements rather than relying on manual work.

• Experience with CSPM and monitoring tools (Wiz is a plus) to maintain a strong cloud security posture.

• Familiarity with ISO 27001 and SOC2 to support risk assessments, control implementation, and continuous improvement.

• Comfortable investigating security incidents, leading follow-ups, and maintaining clear documentation.

• Ability to design and enforce least-privilege IAM policies and support SSO initiatives.

• Strong communication and cross-team collaboration skills, enabling you to work closely with engineering teams to translate security needs into practical solutions and secure new services and architecture changes.

• You have strong English language skills for effective internal collaboration

• It's important to take a break from work! We offer 30 days of paid time off per year
• Affordable access to a vast network of fitness and wellness facilities through EGYM Wellpass subsidy
• Deutschlandticket subsidy to support sustainable travel using public transport
• We offer flexible working hours and a hybrid work setup, enabling you to plan your work around your life, and not your life around work!
• We offer full visa and relocation support for international candidates
• An attractive bike leasing model through JobRad, in line with our commitment towards sustainable mobility
• A competitive compensation package that values the skills and experience you bring
• Up to 4000 EUR employee referral bonus
• Financial support for local language classes to help you in your journey of integrating into the culture!

When people use our technology to "bridge the gap" between the physical and digital worlds, they don't just capture reality - they create a new one. In this new reality, they are smarter, more productive, more streamlined, and more creative - because they have the digital foundation to build the world they want to live in. That's what NavVis offers in all our products and services: the tools to not just map the world as it is, but to pave the way to a better future. To forge something new. Physical or digital, there is only one reality. And it's the reality NavVis empowers people to build better., NavVis is a technologically-focused, global leader in reality capture and digital factory solutions. Prominent manufacturers and laser scanning professionals around the world trust our ground-breaking technology, designed to capture and share the built environment as photorealistic digital twins. By bridging the physical and digital worlds, we're helping organizations make smarter decisions and build more efficient, connected operations. With over 300 people from around 60 nationalities and offices around the globe, we're proud to be a truly international and diverse place to work. As a scaling company, we bring together the agility, innovation, and entrepreneurial mindset of a startup with the professionalism and reliability of an established enterprise - offering our team the best of both worlds. You'll be part of an open culture that values trust, collaboration, and transparency. We are proud of our environment where diverse talent can thrive and where feedback fosters individual growth and development. Do you share our passion for disruptive technology and want to be part of our dynamic journey? At NavVis, you'll own your projects, bring innovative ideas to life, and have real opportunities to grow your career and be recognized for your impact. We derive our strength from our diversity. NavVis' unwavering commitment to fostering an inclusive and diverse workplace has laid the foundation for our incredible growth. We thrive on the collective strength of our people who come from diverse backgrounds. We respect and value every experience associated with race, gender identity, sexual orientation, nationality, religion and disability. We do not discriminate on the basis of any of these, or other identities, and strongly encourage everyone to apply. Together with you, we build NavVis! If you need assistance at any stage of the recruiting process due to a disability, please reach out to your recruiting partner(s) for this position.     If you require alternative methods of application or screening, you must approach the employer directly to request this as Indeed is not responsible for the employer's application process.