Senior Cloud Security Engineer
We are looking for a Senior Cloud Security Engineer with a strong DevSecOps mindset, someone who embeds security into the engineering lifecycle, builds automation that eliminates manual overhead, and works closely with development teams to make secure-by-default the standard. In this role, you will secure our cloud infrastructure, own our CI/CD security posture, and develop tooling that scales with our engineering organisation.
- Design and maintain secure, highly available infrastructure on AWS.
- Apply zero-trust principles across our cloud and network perimeter.
- Develop custom automation scripts and tooling (using Python, Go, or Bash) to monitor compliance, eliminate manual operational overhead, and contextualize findings from detection systems.
- Embed automated security controls into CI/CD pipelines using GitOps principles, GitHub Actions/GitLab CI, and Infrastructure as Code (Terraform, AWS CDK).
- Own the security gates that ship with every deployment.
- Serve as the security SME for engineering, running threat modeling sessions, reviewing architectures, and translating security requirements into development tasks.
- Leverage Agentic AI, LLMs, and frameworks (like AWS Bedrock) to build internal tools for automated vulnerability detection and secret scanning (e.g., detecting leaked PII or security misconfigurations).
- 4+ years of hands-on experience in Cloud Security, DevSecOps, or Site Reliability Engineering (SRE) with a strong security focus. (required)
- Deep knowledge of AWS services, specifically IAM, EC2, ECS, EKS, VPC, Lambda, and Security services (e.g., GuardDuty, SecurityHub CSPM, Amazon Inspector, etc.). (required)
- Proven ability to secure complex cloud and hybrid network architectures. (required)
- Understanding of IaaS, PaaS, SaaS cloud deployment models, and shared responsibility models. (required)
- Strong proficiency in Python, Go, and Bash. (required)
- Comfortable writing production-grade code and interacting with APIs. (required)
- Hands-on experience securing Docker containers, Kubernetes (EKS), and deploying policy and infrastructure as code via declarative tools such as Terraform and Helm. (required)
- Excellent ability to translate complex security requirements into actionable development plans for cross-functional teams. (required)
- Flexibility to work where you thrive – Enjoy the freedom of our Hybrid working model, combining onsite collaboration and remote work, with an additional 25 days per year to work from a city or country of your choice.
- Reward for your impact – Receive a competitive total compensation package aligned with Bitpanda’s pay-for-impact policy, including participation in our stock option plan.
- Support for your mental wellbeing – Access confidential coaching, counselling, and mental health resources whenever you need them through OpenUP.
- Time to recharge – Take extra time off to rest, reset, and recharge, with 3 additional days off in 2026 to prioritise your wellbeing.
- Continuous learning and growth – Grow your skills and stay ahead in your career with unlimited access to Udemy’s library of online courses at your own pace.
- Exclusive perks and rewards – Enjoy discounts, rewards, and perks from partners worldwide across lifestyle, wellness, tech, and travel.
- Support during life milestones – Take advantage of our additional 8 weeks of gender-neutral new parent leave to welcome and bond with your new addition to the family.
- Fuel and focus on-site – Pandas in Vienna, Bucharest, Barcelona, and Berlin can enjoy free onsite dining, with freshly prepared lunches and snacks to keep you fueled and focused all day long.
- Recognition for your contributions – Celebrate milestones and achievements with recognition and rewards for your Tenure at Bitpanda.
- Show your Bitpanda pride – Access exclusive Bitpanda-branded merchandise and gear to represent.
- Connect and celebrate with your team – Join unforgettable company events, from our Winter Party in Vienna to gatherings worldwide, fostering fun, connection, and celebration.




