IT Security Engineer (DevSecOps) | FinTech Location: Hamburg (Hybrid) Industry: B2B Payments & Supply Chain Finance The Mission: Join a BaFin-regulated, international Payment Institution that is bridging the gap between global transactions and supply chain finance. Partnering with the world’s largest banks (including Deutsche Bank and UniCredit), our client handles high-stakes liquidity for enterprise customers. As an IT Security Engineer, you will be the guardian of this ecosystem, ensuring that "security-by-design" is a reality, not just a buzzword. The Role: This is a proactive, hands-on role situated at the intersection of Infrastructure, Application Security, and Compliance. You won’t just be monitoring dashboards; you will be architecting the resilience of a platform that moves millions of Euros daily. Infrastructure Hardening: Strengthen and secure cloud/on-prem infrastructure, working directly with DevOps to automate security within the CI/CD pipeline. Offensive & Defensive Security: Conduct regular penetration testing, security assessments, and audits. Lead incident response and malware investigations when needed. AppSec Advocacy: Partner with Java/Spring development teams to identify vulnerabilities at the code level and enable secure deployment configurations. Regulatory Leadership: Play a key role in aligning the technical stack with critical industry standards, including GDPR, ISO 27001, and the upcoming DORA requirements. Your Profile: Proven Track Record: Several years of experience in IT Security, ideally within a high-stakes or regulated environment (Finance, Healthcare, etc.). Tooling Mastery: Deep familiarity with SIEM, IDS/IPS, firewalls, and PenTesting frameworks. Automation Mindset: Proficient in Linux environments with strong scripting skills ( Python, Bash, or Ansible ) to automate security tasks. Developer Empathy: A solid understanding of the Java/Spring ecosystem and how security fits into the modern SDLC. Proactive Nature: You don't wait for a breach to happen; you hunt for vulnerabilities and propose architectural improvements. What’s in it for you? High Impact: Direct ownership over the security posture of a growing financial institution. Modern Culture: A tech-first environment with flat hierarchies, flexible hours, and a focus on "getting things done" rather than bureaucracy. Growth & Budget: An annual personal development budget and structured feedback to ensure you stay at the forefront of the Cybersecurity field. The "Hamburg" Perk: Work from a modern office in the heart of the city with a team that values both professional excellence and team spirit. Why this role? In the world of European Fintech, DORA (Digital Operational Resilience Act) is the biggest shift in a decade. This role puts you at the center of that transition, giving you the chance to build a "gold standard" security environment that satisfies both elite hackers and strict German regulators.