Senior Infrastructure Security Engineer mfd

Team

We are seeking a Senior Infrastructure Security Engineer with extensive experience in securing cloud environments particularly AWS. This pivotal role will focus on managing and optimizing the security of our cloud infrastructure to safeguard against evolving threats and ensure compliance with industry best practices and regulatory requirements.

As a Senior Infrastructure Security Engineer you will oversee multiaccount AWS architectures automate security processes and secure cloud infrastructure workloads and network resources. You will drive security improvements implement proactive risk mitigation strategies and ensure continuous compliance through automation and monitoring.

The ideal candidate will have a solid foundation in security architecture Site Reliability Engineering (SRE) and DevOps principles with a proven track record of delivering secure scalable solutions in cloud environments.

Your Responsibilities

• Manage and secure a multiaccount AWS architecture applying security controls and best practices across multiple AWS accounts and environments.
• Manage cloud identities to ensure secure compliant and leastprivileged access for users and service accounts minimizing security risks.
• Secure applications and network infrastructure to prevent malicious traffic mitigate potential attacks and protect the network perimeter.
• Implement security guardrails and policies and automate tasks such as monitoring compliance checks patch management and remediation processes to enhance operational efficiency and eliminate misconfigurations.
• Work with CWP CSPM and CIEM tools to implement and manage centralized security operations streamline compliance processes and enhance visibility across the infrastructure.
• Monitor Cloud infrastructure to identify vulnerabilities and misconfigurations ensuring proactive security controls early detection of risks and timely patch installation and configurations to remediate vulnerabilities.
• Harden host and container operating systems by adhering to security benchmarks and industry best practices to ensure robust security.
• Secure Kubernetes clusters containerized environments and workloads following best practices for container security and runtime protection.
• Integrate SIEM systems to onboard logs for centralized logging realtime threat detection and improved incident response.
• Conduct periodic reviews and monitor networks analyze logs and assess systems to prevent unauthorized use protect critical information and ensure service availability.
• Assist with compliance audits by preparing documentation and providing the necessary evidence.
• Review engineering proposals offer feedback and suggest improvements to enhance security and operational efficiency.
• Go beyond compliance to implement the latest security tools and techniques that improve the security posture of the organization.
• Identify opportunities to reduce infrastructure costs propose innovative solutions and suggest areas for improvement. Contribute to defining the roadmap setting priorities and aligning with OKRs.

Your Profile

• 5 years of experience securing cloud infrastructures (preferably AWS) managing multiaccount architectures and designing and implementing security systems to mitigate risks and ensure compliance.
• Relevant certifications such as AWS Certified Security Specialty are a plus.
• Handson experience with AWS security services such as CloudTrail GuardDuty IAM Config WAF Shield Inspector and KMS.
• Strong foundation in security architecture Linux systems identity and access management (IAM) and network security.
• Strong expertise in Kubernetes and container security including runtime protection and OS hardening.
• Experience in vulnerability management incident response and compliance enforcement through automation.
• Experience in administering SIEM (Security Information and Event Management) systems such as Splunk.
• Proficiency in Infrastructure as Code (IaC) and configuration management tools such as Terraform Ansible and Packer along with programming languages (e.g. Python) to automate security tasks.
• Passionate about security enjoys challenges and keeps uptodate with emerging threats and security technologies.
• Understanding of EU regulations and compliance standards such as GDPR ISO/IEC 27001 DORA and other relevant frameworks for data protection security and operational resilience is a plus.
• Knowledge of DevOps/SRE principles and integrating security into CI/CD workflows.

Join our mission join our team and grow with us!

At Raisin we care about each other and it is one of our top priorities to foster an open and caring environment in which everyone feels welcome and comfortable. Our culture is strongly driven by our ambitious team which connects more than 75 different nationalities.

Youll find us in our modern and open office in the trendy Kreuzberg district with a view of the Spree River ideally connected to public transportation and surrounded by a variety of restaurants and shopping opportunities.

As part of our team you will benefit from:

• Employee Development Budget of 2000 and four full training days per year.
• Access to Babbel for continuous language learning.
• Hungry all the time Snacks daily fresh fruit as well as drinks provided at the office.
• Flexible working hours home office and 30 vacation days.
• Enjoy more than 50 different sports with Urban Sports Club: We subsidize your membership with more than 20 per month.
• Love cycling With JobRad lease the bike of your choice and enjoy tax savings plus Raisin covers your monthly insurance costs.
• A company pension scheme (Betriebliche Altersvorsorge) which we support with 20.
• Do you miss being in the office The Deutschland Ticket gets you there which we subsidize with 25 per month.
• You are moving from another country or city to join us We will support your relocation.