Security Engineer (f / m / div)
at Penta Berlin
About your new role :
We’re looking for a hands-on Security Engineer to help us create the most secure banking experience for our customers.
In this role, you will lead the implementation of secure solutions with high availability that have a direct impact on securing Penta’s applications and infrastructure.
Based in our Berlin office, you’ll interact with a range of stakeholders including product development leads, architects, our platform and compliance teams, and external partners.
You’ll propose innovative security solutions and updates to existing solutions; negotiate alternative options; and build secure technical roadmaps.
In your new role you will :
Conduct secure architecture reviews and threat modelling workshops with teams to ensure all security risks are understood, and security requirements are identified.
Help the product and development teams to appropriately address security requirements
Ensure the use of appropriate security tools in the development environment
Implement proper access management in tech
Develop secure audit trails across the platform for each application
Design and conduct security training for developers
Conduct security onboarding sessions for new employees
Manage Penta’s external bug bounty program and develop an internal one
Manage and develop our vulnerability management process
Engage actively with risk assessments and with the development teams to resolve risks
Secure containers, CI / CD pipelines and implement guardrails for the developers aligned with the DevSecOps principles
Review, respond and triage security vulnerability reports
What do you need to be successful?
Strong verbal and written English communication skills you’ll be working with technical and professional Pentonians at all levels
Experience of building compliance and security automation as part of CI / CD pipelines
Demonstrable skill as a penetration tester
A high degree of technical expertise across a wide range of platforms, infrastructure, applications, storage, backup, etc.
Industry certifications e.g. OSCP, CISSP
Ideally you have prior experience working in a fintech and / or banking environment or similar regulated industry
Deep understanding of OWASP Top 10 security vulnerabilities and ability to explain them in detail.
Good understanding of cloud security (preferably AWS)
Ability to automate smaller security tasks via bash or Python scripting
Understanding of code flows and structures and experience in code reviews
What’s in it for you :
Working with a group of diverse and talented peers with a growth mindset and get shit done attitude.
A high degree of collaboration and autonomy.
The ability to change the way banking works for SMEs, startups and freelancers.
Wellness program across our locations : flexible working hours, Yoga once per week, counselling.
Strong network of companies and experts as part of the finleap family, Europe's No.1 fintech ecosystem.
Choice of computer.
Personal learning budget.
Company-wide events - we believe hard work and success deserve to be celebrated both in and out of our office.
Ability to travel between our offices.
Why Penta :
Penta is on a mission to become the digital financial partner for SMEs, entrepreneurs & freelancers and provide them with the experience they deserve when it comes to handling their finances with ease and transparency.
We are trusted by more than 20,000 clients and we are on a path to grow even more.
We are a team of 100+ stubborn professionals striving towards the same goal; making Penta’s product the best. When we see our customers happy, it motivates us even more to push traditional boundaries and inspires us to reimagine business banking for good.
Penta has international offices in Berlin and Belgrade
Sounds good? Then we’d love to get to know you!
Penta embraces diversity and equal opportunity in a serious way. We don’t just accept difference, we thrive from it and it’s the basis of our success.
We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.
Required / /
Resume / CV
Drop files here Cover Letter Drop files here When autocomplete results are available use up and down arrows to review Degree
Website / Github / Portfolio
Would you at any point require Visa sponsorship from Penta? *
Please let us know what is your salary range. *
How did you hear about this job? *
I hereby acknowledge that the personal data I have provided in the application process will be processed in accordance with the