Cyber Security Staff Engineer AWS Cloud
Job Summary
Solarisis Europes leading embedded finance platform. Solaris full German banking license and proprietary modular B2B tech stack empowers its partners from SMEs to large multinational non-financial companies to offer compliant customer-centric banking services providing seamless experiences to customers across all industries. Founded in 2016 Solaris pioneered the Banking-as-a-Service market with an unparalleled combination of tech and banking. Solaris is headquartered in Berlin and employs 300 people in Europe.
Your Role
- Partner closely with the existing Cloud Architecture and Engineering teams to audit the current AWS environment identify security technical debt and plan the refactoring of legacy resources into secure Terraform code.
- Design deploy tune and maintain AWS WAF (Web Application Firewall) policies and rulesets to proactively protect corporate applications and APIs against application-layer attacks (OWASP Top 10 bots and zero-day exploits).
- Establish and enforce cloud security guardrails multi-account structures (AWS Organizations/Control Tower) and Service Control Policies (SCPs) in collaboration with the infrastructure team.
- Help on define and audit AWS Identity and Access Management (IAM) strategies guiding engineering teams to transition from over-privileged legacy roles toward the principle of least privilege.
- Manage and optimize cloud-native security monitoring and detection tools (AWS Security Hub GuardDuty CloudTrail Inspector or KMS).
- Help on the incident respond for AWS-specific security alerts performing cloud forensic analysis and coordinating containment strategies.
- Ensure the AWS cloud ecosystem remains fully compliant with relevant financial regulations internal policies and security frameworks (NIST CIS BaFin requirements).
- Lead the security automatizations on the AWS environment.
- Understanding of AWS native AI capabilities (ie Bedrock or Quick)
Wed love to see
Depending on your level of experience your responsibilities and scope of role will range. We dont care much about fancy titles but rather about real personal and professional development as laid out in ourlearning framework. Lets figure together out how you can contribute to our team.
- A degree in Computer Science Cloud Computing Cyber Security Information Technology or equivalent professional experience.
- You have spent 5 years of dedicated professional experience in Cloud Security Engineering with a proven track record of securing complex AWS environments.
- AWS WAF & Edge Security: Deep hands-on experience designing implementing and fine-tuning AWS WAF AWS Shield and CloudFront to protect public-facing application endpoints.
- Advanced Terraform & IaC: Strong proficiency in Terraform and auditing IaC templates for security drifts.
- AWS Security Governance: Mastery of AWS native security tools (IAM KMS Security Hub GuardDuty) and multi-account security architecture.
- Collaboration with Engineering: Experience working alongside separate established Cloud Architecture or DevOps teams acting as a security consultant rather than a solo administrator.
- Understands agile workflows and lean principles.
- Technical leadership cross-team collaboration and cloud governance focus.
- Business proficient written and spoken English.
- Highly Valued Certification: AWS Certified Security - Specialty. AWS Certified Solutions Architect (Associate/Professional) is a strong plus.
- Exceptional diplomatic and communication skills to align security requirements with the objectives of the existing Architecture and Engineering teams.
- Thinking: Structured and analytical approach to untangling legacy cloud setups and defining clear secure milestones.
- Empathic team player who avoids the silo mentality and focuses on enabling other teams to build securely.
- Proactive peer that helps the growth of the team.
- Curious constant learner that is willing to share learning with others.
Benefits
- Home office budget.
- Learning & development budget of 1000 per year and a transparent growth framework to support your career goals.
- Competitive salary and a variable remuneration program.
- Monthly meal allowance.
- Deutschland ticket subsidy.
- 28 vacation days increasing by 2 days after 2 years and 3 days after 3 years with Solaris.
- Opportunity towork abroad for up to 12 weeks per year.
While job ads usually paint an ideal picture of a candidate studies show that most applicants meet an average of 60% of the criteria. Unfortunately many promising candidates tend to apply only if they meet all the criteria. So if you think you have what it takes but dont necessarily meet every single item in the job description please contact us anyway. Wed love to talk with you and find out if you might be a good fit for us.
At Solaris we are committed to nurturing an inclusive environment where all Solarians feel valued respected and supported. We are dedicated to building a diverse workforce that reflects the diversity of our communities. We are committed to equal employment opportunity regardless of color ethnicity religion sex origin disability marital status citizenship or gender identity. We are proud to be an equal opportunity workplace. If you have a disability or special need that requires accommodation please let us know.
Information on data processing:
DE: annual gross salary range for this position is:
85.000 - 110.000 EUR
About Company
The tech company with a banking license - our Banking-as-a-Service platform has everything you need to build your own banking products.