Senior IT Security Engineer

@ Taxfix

Our Story

Every year millions of people are either filing their taxes in fear or giving up on their tax refund altogether. Taxfix is fixing that with an intuitive app that enables anyone, regardless of education or background, to file their taxes confidently. With teams spread across Germany, Spain, and the UK, Taxfix Group and its brands Taxfix and Steuerbot have facilitated over 3.5 billion euros in tax refunds since 2016.

Your Challenge

As our Senior IT Security Engineer, you will shape a security culture that empowers our teams to work confidently, quickly, and efficiently. Reporting to the Director of IT, you will collaborate with System Engineers, Software Engineers, and IT Support Administrators to implement robust security controls across our corporate infrastructure.

Your Responsibilities And Decisions

• Implement, automate, and maintain scalable security controls over SaaS tools, employee devices, IAM system, MDM solutions, AI tooling, and cloud infrastructure.
• Lead incident response and manage security events impacting corporate IT operations.
• Optimize EDR, IAM, and device management systems according to security best practices.
• Continuously monitor and enhance security controls to combat evolving cyber threats.
• Enforce IT security policies and provide clear guidance across all departments.
• Conduct light-weight penetration testing and threat analyses to proactively identify vulnerabilities.
• Offer expert security recommendations, translating complex concepts into actionable steps.

Core Requirements

• 5+ years of security engineering experience in corporate IT or cloud security roles.
• Experience securing public cloud environments (e.g., AWS, Azure, GCP) and deep understanding of cloud IAM policies.
• Practical proficiency with penetration testing, vulnerability scanning tools (Tenable, Qualys, Nessus), and remediation lifecycle.
• Experience with infrastructure-as-code, preferably Terraform, and CI/CD security practices.
• Proficiency in one or more scripting languages such as Python, Go, or Bash.
• Strong grasp of security frameworks and incident response methodologies (MITRE ATT&CK, NIST, etc.).
• Familiarity with AI/LLM technologies for security applications.
• Fluency in English; German language skills advantageous.

Nice to Have

• Experience in fintech or highly regulated environments.
• Expertise in network security, particularly with Cisco Meraki.
• German speaking and writing skills.

Why Taxfix?

• Meaningful, people-centric work with an international team.
• Holistic well-being benefits including free mental health coaching and yoga.
• Monthly allowances, employee stock options, and flexible vacation policies.
• Opportunity to work from abroad and extensive team social events.
• Free tax declaration filing through the Taxfix app and internal personal support.
• Welcoming office culture with pet-friendly spaces.

Key skills/competency

• IT Security
• Cloud
• IAM
• Penetration Testing
• Vulnerability Scanning
• Terraform
• Scripting
• Incident Response
• Automation
• Compliance