Senior Cloud Security Engineer

At PPRO, our mission is to simplify access to local payment methods and our vision is to enable the sale of goods and services to anyone in the world using their preferred way to pay. We empower partners such as Ant Group, PayPal and Stripe to access new markets, connect with more customers, and accelerate their growth.
Our strength lies in our diverse global team with 50+ nationalities and 10+ international locations- all united around one goal – to deliver the best possible products and services to our partners and customers. While our company mission is to keep innovating global commerce, our internal mission is to #chooseaction, #beopen, #thinkcustomer, #gofurther and #wintogether
The Purpose:
As a Senior Security Engineer, you’ll play a pivotal role in supporting PPRO’s mission to provide robust, secure, scalable and resilient systems. In PPRO, we operate an extensive cloud environment spanning across several AWS accounts and GCP. Your primary focus will be on ensuring the security and integrity of our cloud infrastructure and services, including the development and maintenance of our security platform. You will conduct assessments and analyze risks, design secure solutions, maintain IaC codebases and security automations, design metrics and KPIs to measure our security posture as well as detect, investigate and prevent attacks against our technology systems. The role is highly collaborative, involving frequent interaction with various members of the technology

What will you be doing:

• Risk assessments and architecture reviews of our cloud environments and technology stacks.
• Collaborating with engineering on the design of secure solutions.
• Writing Hardening Standards and Security Guidelines for various technologies and processes.
• Owning and maintaining our Cloud Native Application Protection Platform (CNAPP).
• Developing automations for recurrent and manual tasks around auditing activities, cloud security posture management (CSPM) and other security processes.
• Maintaining and expanding our IaC codebase and CI/CD pipelines.
• Threat modelling applications and services and creating detection rules for our SIEM.
• Provide technical advice in various compliance matters.

Some of the technologies you will get to work with:

• AWS (Kubernetes, ECS, GuardDuty, SecurityHub, Lambda and more).
• Security tools (Aqua Security, Rapid7, Qualys, DefectDojo, Artifactory, CrowdStrike and more).
• DataDog (SIEM).
• Terraform, Terragrunt.
• Github Actions.

You will need to have:

• Solid knowledge of computer networks and operating systems.
• Strong background in AWS, with a great understanding of security hotspots, best practices and security related services.
• Container security best practices (incl. Kubernetes security).
• Infrastructure as code (preferably Terraform).
• CI/CD pipelines (preferably Github actions).
• Scripting (Python, bash).
• Excellent English skills in written & spoken.
• Strong interpersonal skills, able to effectively foster security awareness within the company.
• Proactive security mindset with a focus on identifying potential vulnerabilities and risks.

What's in it for you ? :
Hybrid working - We offer a hybrid structure with a 3 days / week on site expectation, so you can strike the balance between office and home working. In addition to our 30-day holiday allowance, we also provide a work from abroad policy, enabling employees to work remotely for up to another 30 days per year
Insurance - Because better safe than sorry - we want our employees to benefit from various insurances including accident insurance, disability insurance, direct insurance (bAV) and travel insurance. 
Enhance Family Leave - We understand the importance of family - that's why we offer enhanced family leave to support you during key life moments.
Gym membership - PPRO helps contribute towards the costs of your gym membership, supporting your physical fitness journey while easing the burden on your wallet
Professional and personal development - We provide leadership cafes, on-the-job training, and access to LinkedIn learning to help you gain knowledge beyond your role. We also offer German language courses to our non native speakers employees.
Mental Health Platform - We’ve teamed up with a top well-being platform to provide one-on-one therapy, chat therapy, therapist-led courses, guided meditations, and more.
Our office - Located on St.-Martin-Straße, one stop from Ostbahnhof on the 3 and 7 S-lines. The office is situated in a modern and spacious building with fully multimedia-equipped meeting rooms for up to 30 people. The 4th floor features a kitchen and a lunch area, providing a comfortable space for meals and breaks.
Our Principles: 
We get things done: We are courageous; we take ownership, make decisions and get things done.
We act with trust and integrity: We listen first and challenge respectfully. We seek out and leverage diverse perspectives. We welcome and offer honest and open feedback, always assuming positive intent
We put the customer first: We are laser focused on delivering outstanding outcomes for our customers. We put the customer at the heart of what we do.
We make things better: We boldly explore  new ideas and have an unwavering commitment to continuous improvement.
We work as a team: We collaborate closely and value team success over individual achievement.