DevSecOps Engineer – Cloud Security (Hybrid, Berlin)

About the role

We are looking for a DevSecOps Engineer to lead cloud security initiatives for a fast‑growing European fintech. You will work in a hybrid setting from Berlin, shaping security practices across a regulated, API‑first brokerage platform built on modern cloud‑native architecture.

Key responsibilities

• Design and automate security controls across AWS infrastructure.
• Secure Kubernetes/EKS environments and cloud‑native applications.
• Embed security into CI/CD pipelines and software delivery workflows.
• Develop and improve vulnerability management processes and tooling.
• Manage IAM, RBAC, and least‑privilege access models.
• Drive infrastructure security, compliance, and monitoring initiatives.
• Support secure API and platform development in a regulated fintech context.
• Collaborate closely with DevOps, Platform Engineering, and Software Engineering teams.

Required profile

• Strong experience in DevSecOps, cloud or platform security, preferably in fintech or regulated financial services.
• Hands‑on expertise securing production AWS environments.
• Deep knowledge of Kubernetes and container security.
• Proven ability to embed security into engineering workflows.
• Security certifications (e.g., CISSP, CCSP, CCSK, CISM) are a plus but not mandatory.

Required skills

• AWS (VPC, Security Groups, GuardDuty, CloudTrail, Control Tower)
• Kubernetes / EKS
• Terraform
• Helm
• GitHub & CI/CD pipelines
• SAST / DAST / SCA tooling
• OPA / Policy‑as‑Code
• IAM / RBAC / SSO
• WAF / PKI / Certificates
• Cloud‑native security & observability tooling

What we offer

• Hybrid working model with strong flexibility across Germany.
• Startup agility combined with solid financial backing and long‑term stability.
• Exposure to large‑scale AWS and Kubernetes environments.
• High ownership, autonomy and impact on platform security strategy.
• Excellent progression opportunities as the business scales.