Senior Security Engineer (Incident Response)

About the team:

We are seeking experienced Security Engineering with a passion for security and demonstrated expertise in Digital Forensics and Incident Response (DFIR) in a hybrid environment. The selected candidate will provide technical leadership and subject matter expertise within the Security Operations Team. The Security Operations (SecOps) Team works in collaboration with other teams within the Information Security organisation, collaborating with internal cross-functional teams as well as external partners. SecOps is responsible for leading and implementing the various initiatives related to improving SumUp’s security such as security monitoring and incident response, vulnerability management, threat intelligence and providing guidance on security best practices.

As a Senior Security Engineer in our Security Operations Team, you will lead Incident Response investigations, driving incidents to resolution, implementing lessons learned from security incidents, refining and maturing our processes and procedures. With experience in security engineering and automation, you will build and maintain playbooks and workflows with automation, playing a key role in elevating the efficiency and effectiveness of our security operations. This position is a unique chance to make a significant impact on our developing security posture.

What you’ll do:

• Lead security incident response engagements covering detection through post-incident, participate in an on-call rotation
• Perform root cause analysis, participate in incident reviews, write and review incident reports and drive implementation of lessons learned and mitigation strategies
• Develop initiatives and automations that improve our capabilities to effectively respond and remediate security incidents (e.g. defining alerting use-cases, identifying threat hunting hypothesis, promoting detection engineering, etc.)
• Mentor teammates and share your knowledge, Incorporating current security trends, advisories, publications, and academic research
• Improve process excellence by maintaining security documentation and continuously refine automation playbooks to adapt to the ever-changing threat landscape, ensuring our defences remain robust.
• Lead cross-team technical/project decisions, collaborating closely with other team members, and external partners

You’ll be great for this role if you have

• 6+ years of demonstrated experience in SOC or Incident Response roles, In-depth knowledge of incident response methodologies and tools
• Engineer mindset, experience in designing and implementing automations, processes and tools to improve detection and response capabilities, implementing and maintaining toolsets
• Skill in preserving evidence integrity according to standard procedures or national standards, knowledge of laws, regulations and ethics as they relate to cybersecurity and privacy.
• In-depth knowledge and experience with security technologies such as EDR, firewalls, cloud security tools, containers, AWS or GCP with a focus on cloud trail, and cloud watch.
• Team player with a willingness to share knowledge and experience with peer teams and engineers, capability to build working relationships with key stakeholders.
• GCIH, SANS or similar certification.

Why you should join SumUp:

🌍 Opportunity to work with SumUppers globally on large-scale fintech products used by millions of businesses worldwide, from our Berlin office. This involves an office-first setup.

🌈 Commitment to Diversity and Inclusion: Be part of a workplace that values and promotes diversity, fostering an inclusive environment where everyone's perspectives are respected and embraced

📚 A dedicated annual L&D budget of €2,000 for attending conferences and/or advancing your career through further education.

🚀 Enrolment onto our VSOP program: You will own a stake in SumUp’s future success

💶 A corporate pension scheme where we match up to 20% of your contributions

🔄 30 Days Sabbatical: Enjoy the unique opportunity to take a well-deserved break with our 30 days sabbatical benefit after completing 3 years of employment with SumUp.

🔗 Referral Bonus: Earn additional rewards by referring talented individuals to join the SumUp team.

🚵🏾‍♂️ Numerous other benefits such as Urban Sports Club subsidy, Kita placement assistance, relocation assistance, subsidised office lunches.

About us:

SumUp is a leading financial technology company, founded in 2012 with the goal of empowering small businesses around the globe. We’re the financial partner of choice for more than 4 million merchants in over 35 markets. We collectively build, plan and fine-tune the technology that drives SumUp and empowers small businesses around the world.

We believe in the everyday hero. Those who have the courage to follow their passion and who have the strength and determination to realise their dreams. Small business owners are at the heart of all we do, so we're creating powerful, easy-to-use financial solutions to help them run their business. With a founders mentality and a 'team-first attitude' our diverse teams across Europe, South America, and the United States work together to ensure that small business owners can be successful doing what they love.

SumUp is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. SumUp does not make hiring or employment decisions on the basis of race, colour, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by Company policy. SumUp also strives for a healthy and safe workplace and strictly prohibits harassment of any kind.

Job Application Tip

We recognise that candidates feel they need to meet 100% of the job criteria in order to apply for a job. Please note that this is only a guide. If you don’t tick every box, it’s ok too because it means you have room to learn and develop your career at SumUp.