Paymenttools is on a mission to transform the payment landscape for retailers in Europe. With more than 4.4 billion visitors per year in our more than 15,000 REWE Group stores and travel agencies in 21 countries, we know exactly what consumers and merchants need when exchanging goods for money. We strongly believe in making payments seamless and invisible, linking them with value-added services within the framework of a reliable identity service. Our mantra: #wesolvepayn. We blend cutting-edge technology with stringent security to protect sensitive payment data while nurturing innovation in a cloud-native tech environment.
As a Security Engineer, you will play a critical role in establishing secure coding practices across various development environments. Collaborating closely with software engineers across the organization, your mission is to embed security best practices across the entire development lifecycle. You’ll act as a champion for secure coding, advise teams on secure architecture and threat modeling, and help drive secure DevOps automation and tooling initiatives.
Your Tasks
Act as a subject matter expert in application security and evangelize best practices across engineering teams.
Design, review, and enforce secure coding practices across different technology stacks.
Integrate security controls in CI/CD pipelines, supporting a mature DevSecOps culture.
Conduct threat modeling workshops and support teams in risk-based architecture decisions.
Develop tools and scripts to automate vulnerability scanning and static analysis.
Support teams with secure Infrastructure as Code (IaC) practices, including threat mitigation in Terraform or similar frameworks.
Collaborate on IAM design and implementation to ensure proper identity and access management in distributed systems.
Your Experience
Strong experience in security engineering, with a focus on application and cloud-native environments
Deep expertise in application security, including secure frameworks, libraries, and known attack vectors
Hands-on experience with secure DevOps (DevSecOps) tools and practices
Familiarity with Infrastructure as Code using Terraform
Clear, concise communication in English, with the ability to influence and coach both technical and non-technical stakeholders
Experience working with compliance frameworks such as ISO 27001, PCI-DSS, or German KRITIS is an advantage
Experience in IAM design, including role-based access control and OAuth2/OIDC integrations, is an advantage
Our Benefits
Deutschland ticket, subsidized subscription
1,000 euro annual learning and development budget + internal training platforms
Discounts on travel, fashion, technology, and more through our corporate benefits
REWE discount card for discounts at REWE Group retailers
JobRad, affordable bicycle leasing!
Company pension plan
Insurance Services
Perks of working with us
We work in a hybrid environment
Flexible working hours that fit your workflow, your time matters!
Language courses (English and German)
Responsibility from day one
Work with modern and agile software such as Google Workspace, Slack, Asana, Jira, Lattice, Miro and Confluence
Company events including Hackathons and Company Days (ask us more about these!)
We are looking forward to getting to know you - so, even if you feel that you don’t quite meet all the requirements, but the position still excites you and you think you would love to work with us, please reach out! We would still love to hear from you. We explicitly encourage applicants within groups that are underrepresented in tech spaces as of today. We value all kinds of backgrounds and walks of life.