Portfolio Jobs

Please note that the positions are based in Berlin/London— relocation and visa support is provided if required (only if already based in the United Kingdom or Europe).


BEST WORK OF YOUR CAREER

Trade Republic is the largest savings platform in Europe - we operate in 18 countries, serving +10 million customers who trusted us with over 150B in assets. But we’re striving for more.

We have a bold mission to empower everyone to build wealth with easy, safe, and free access to financial systems. You will have the opportunity to grow your career by collaborating with a team of outstanding talents and state of the art technology to build a lasting, positive future for millions.

WHAT YOU'LL BE DOING

As a Senior IT Security Engineer in our Security Operations team, you'll architect and maintain the defenses that protect our global workforce and internal infrastructure. You will be the primary guardian of our endpoint ecosystem, corporate network, and identity perimeters. Your responsibilities include:

• Endpoint Defense: Deploy and manage EDR/XDR solutions across a diverse fleet, with a primary focus on macOS alongside Windows and Linux devices.
• Identity & Access Management (IAM): Architect end-user IAM workflows, including SSO integration, MFA enforcement, and automated lifecycle management (Joiners/Movers/Leavers) together with our IT team.
• Network Security: Secure our physical and logical corporate networks, managing firewalls, VPNs, and SD-WAN architectures.
• Zero Trust Architecture: Implement and optimize Zero Trust Network Access (ZTNA) to replace traditional perimeter-based security for internal applications.
• Device Management (MDM): Define security baselines and hardening standards within MDM tools like Jamf to ensure "compliant-only" device access.
• Vulnerability Management: Drive and automate the patching for all non-cloud assets, ensuring third-party software and OS vulnerabilities are remediated within SLA.
• Network Access Control (NAC): Manage and monitor office network security, implementing 802.1X authentication for wired and wireless environments.
• Data Loss Prevention (DLP): Implement and tune endpoint-level DLP controls to prevent unauthorized data exfiltration.
• Security Awareness & Phishing: Lead technical initiatives for phishing simulations and deploy automated tools to analyze, report suspicious emails, and provide security awareness training for all employees

WHAT WE'RE LOOKING FOR

Core Experience

• 5+ years as a Security Engineer with 4+ years specializing in Enterprise/Corporate Security.
• Identity: Deep experience with modern Identity Providers (Okta, Google Workspace) and passwordless authentication.
• Endpoint: Proven track record managing enterprise EDR (CrowdStrike, SentinelOne) and MDM platforms (Jamf) at scale.
• Networking: Strong understanding of non-cloud networking (switching, routing, and firewalling).
• Hardening Knowledge: Practical experience applying CIS Benchmarks or NIST standards to end-user workstations and office infrastructure.

Skills

• Automation: Proficiency in automating security tasks and API integrations between security tools.
• Zero Trust: Experience moving organizations away from legacy VPNs toward ZTNA solutions (e.g., Zscaler, Netskope or Tailscale).
• Hardware Security: Familiarity with TPM/Secure Enclave technologies and disk encryption management (FileVault, BitLocker).
• Financial Services: Experience working in highly regulated environments (GDPR, BaIT, or MaRisk).

WHY YOU SHOULD APPLY NOW

Our culture rewards ownership, excellence, and high energy. We care deeply about outcomes and hold each other accountable - we’re here to win and fix one of the largest challenges Europeans face - closing the pension gap and democratising wealth. If this gets you fired up, reach out!