Cyber Security Staff Engineer - AWS Cloud
Solarisbank•5h ago
BerlinHybridFull-timeStaff Level5+ yrs exp
Top focus
Staff EngineerCloud Security EngineerCloud EngineerAws EngineerSecurity Engineer
- Solaris is Europe's leading embedded finance platform. Solaris’ full German banking license and proprietary modular B2B tech stack empowers its partners – from SMEs to large, multinational, non-financial companies – to offer compliant, customer-centric banking services, providing seamless experiences to customers across all industries. Founded in 2016, Solaris pioneered the Banking-as-a-Service market with an unparalleled combination of tech and banking. Solaris is headquartered in Berlin and employs 300 people in Europe.
- Your Role
- Partner closely with the existing Cloud Architecture and Engineering teams to audit the current AWS environment, identify security technical debt, and plan the refactoring of legacy resources into secure Terraform code.
- Design, deploy, tune, and maintain AWS WAF (Web Application Firewall) policies and rulesets to proactively protect corporate applications and APIs against application-layer attacks (OWASP Top 10, bots, and zero-day exploits).
- Establish and enforce cloud security guardrails, multi-account structures (AWS Organizations/Control Tower), and Service Control Policies (SCPs) in collaboration with the infrastructure team.
- Help on define and audit AWS Identity and Access Management (IAM) strategies, guiding engineering teams to transition from over-privileged legacy roles toward the principle of least privilege.
- Manage and optimize cloud-native security monitoring and detection tools (AWS Security Hub, GuardDuty, CloudTrail, Inspector, or KMS).
- Help on the incident respond for AWS-specific security alerts, performing cloud forensic analysis and coordinating containment strategies.
- Ensure the AWS cloud ecosystem remains fully compliant with relevant financial regulations, internal policies, and security frameworks (NIST, CIS, BaFin requirements).
- Lead the security automatizations on the AWS environment.
- Understanding of AWS native AI capabilities (ie Bedrock or Quick)
- We'd love to see
- Depending on your level of experience, your responsibilities and scope of role will range. We don’t care much about fancy titles, but rather about real personal and professional development, as laid out in our learning framework. Let’s figure together out how you can contribute to our team.
- A degree in Computer Science, Cloud Computing, Cyber Security, Information Technology, or equivalent professional experience.
- You have spent 5+ years of dedicated professional experience in Cloud Security Engineering, with a proven track record of securing complex AWS environments.
- AWS WAF & Edge Security: Deep hands-on experience designing, implementing, and fine-tuning AWS WAF, AWS Shield, and CloudFront to protect public-facing application endpoints.
- Advanced Terraform & IaC: Strong proficiency in Terraform and auditing IaC templates for security drifts.
- AWS Security Governance: Mastery of AWS native security tools (IAM, KMS, Security Hub, GuardDuty) and multi-account security architecture.
- Collaboration with Engineering: Experience working alongside separate, established Cloud Architecture or DevOps teams, acting as a security consultant rather than a solo administrator.
- Understands agile workflows and lean principles.
- Technical leadership, cross-team collaboration, and cloud governance focus.
- Business proficient written and spoken English.
- Highly Valued Certification: AWS Certified Security - Specialty. AWS Certified Solutions Architect (Associate/Professional) is a strong plus.
- Exceptional diplomatic and communication skills to align security requirements with the objectives of the existing Architecture and Engineering teams.
- Thinking: Structured and analytical approach to untangling legacy cloud setups and defining clear, secure milestones.
- Empathic team player who avoids the "silo" mentality and focuses on enabling other teams to build securely.
- Proactive peer that helps the growth of the team.
- Curious, constant learner that is willing to share learning with others.
- Benefits
- Home office budget.
- Learning & development budget of €1000 per year and a transparent growth framework to support your career goals.
- Competitive salary and a variable remuneration program.
- Monthly meal allowance.
- Deutschland ticket subsidy.
- 28 vacation days, increasing by 2 days after 2 years and 3 days after 3 years with Solaris.
- Opportunity to work abroad for up to 12 weeks per year.
- While job ads usually paint an ideal picture of a candidate, studies show that most applicants meet an average of 60% of the criteria. Unfortunately, many promising candidates tend to apply only if they meet all the criteria. So if you think you have what it takes, but don't necessarily meet every single item in the job description, please contact us anyway. We'd love to talk with you and find out if you might be a good fit for us.
- At Solaris, we are committed to nurturing an inclusive environment
- all Solarians feel valued, respected and supported. We are dedicated to building a diverse workforce that reflects the diversity of our communities. We are committed to equal employment opportunity regardless of color, ethnicity, religion, sex, origin, disability, marital status, citizenship
- gender identity. We are proud to be an equal opportunity workplace. If you have a disability or special need that requires accommodation, please let us know.
- Information on data processing:
- DE: https://www.solarisgroup.com/gdpr_notice_de
- EN: https://www.solarisgroup.com/gdpr_notice_en
- The annual gross salary range for this position is:
- €85.000 — €110.000 EUR
Required skills
AWSTerraformCloud SecurityAWS WAFAWS ShieldCloudFrontIAMKMSSecurity HubGuardDuty