Information Security Engineer

Responsibilities

• Analyze and review technical architectures and system configurations across on-premises and cloud environments
• Identify security gaps and improvement opportunities, and advise stakeholders on remediation strategies
• Partner with internal IT, engineering, and product teams on security topics such as identity and access management, mobile device management, and network security
• Conduct technical risk management activities, including risk identification, evaluation, and impact assessment
• Support and participate in information security incident response and investigation activities
• Improve and scale security operations through enhanced tools, processes, and automation
• Implement and strengthen technical and organizational security controls, including centralized logging and vulnerability management
• Design and establish centralized security services for distributed business units and international subsidiaries
• Automate recurring security and compliance activities using scripting and tooling
• Support technical due diligence activities for vendors, partners, and acquisitions
• Promote and strengthen a security and data protection culture across the organization
• Contribute to secure architecture and secure SDLC practices

Qualifications

• Strong foundation in systems engineering, including infrastructure, architectures, and networking
• Solid understanding of technical security controls such as encryption, IAM, endpoint security, and network protections
• Experience with common enterprise security and IT tools (e.g., CSPM platforms, MDM solutions, Microsoft 365 security stack)
• Familiarity with enterprise and delivery tools such as Jenkins, Jira, and Confluence
• Understanding of common attack techniques, threat scenarios, and security operations practices
• Experience supporting or participating in incident response processes
• Knowledge of information security risk management methodologies
• Understanding of network design and architecture principles
• Experience with cloud security concepts and Infrastructure as Code (Terraform preferred)
• Understanding of SDLC and secure software development practices
• Basic scripting or programming skills (Python, Bash/Shell, or similar)
• Strong analytical and problem-solving skills
• Ownership mindset with the ability to independently drive tasks forward
• Comfortable working in lean and agile environments
• Excellent written and verbal communication skills in English (German is a plus)
• Demonstrated curiosity, learning mindset, and enthusiasm for information security

Preferred Qualifications

• Relevant security certifications (e.g., CISSP, GIAC, cloud security certifications)
• Experience building or scaling security operations in cloud-first environments
• Experience with security automation and orchestration