Skip to main content
Back to jobs

Security Engineering Lead (m/f/d)

External
upvest logoUpvest · Berlin, Germany
Full-timeRemote1mo ago
Application SecurityAWSAzureCI/CDCloud SecurityCompliance
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role


About the role

Upvest is at the inflection point where security needs to scale and remain a foundational discipline of the company. We're hiring a Security Engineering Lead to step into our lean and efficient Security team, set its multi-quarter direction, work cross-functionally and scale Security Engineering into a team that continues to own Upvest's entire application security and cloud security posture in a highly regulated environment as it scales. This role sits alongside our Security Operations and GRC teams, which owns detection, response, and compliance operations. Where SecOps keeps watch over what's happening now , Security Engineering shapes what we build and how we build it, embedding security into the SDLC, hardening our cloud environment, and building the platforms that make security teams more effective. You will own the secure paved roads every Upvest engineer relies on: automated SAST/DAST/SCA in our GitHub Actions pipelines, SSDLC adherence, IAM and network controls, and the technical implementation of DORA's (and other regulations') ICT risk framework for our platform. Our mission for the team is simple: make the secure way the easy way for everyone at Upvest.

Responsibilities

  • Set the multi-quarter strategy for application and cloud security across Upvest's Investment API platform - aligned with our product roadmap, our tenant commitments, and our regulatory obligations under DORA, MiFID II, and BaFin's MaRisk / BAIT requirements.
  • Lead, mentor, and grow our Security Engineering and Upvest's security culture. You'll inherit a small, talented team and own hiring, onboarding, growth, and retention as we scale. And you'll create initiatives to build security into the development and product life cycle.
  • Build paved roads. Own how Upvest performs encryption, authN/authZ, CI/CD, data, and network surfaces. We want fewer security review queues and more security baked into the templates.
  • Own application security end-to-end. Threat modeling, secure code review, SAST/DAST/SCA tooling integration in our GitHub Actions CI/CD, and vulnerability management.
  • Drive better cloud security posture across our GCP environment - IAM, VPC Service Controls, Cloud KMS, CSPM (Wiz), Binary Authorization for GKE, Terraform-driven infrastructure security baselines, and our Linkerd service mesh posture.
  • Embed security in every product design. Partner deeply with product and engineering teams. Architecture reviews, design partnerships, security champions across product squads, collaboration beats gatekeeping.
  • Stay current on emerging threats. AI / LLM security, agentic identities, and the secure use of AI tooling in our own engineering workflow are an active concern
  • Represent Upvest's security posture clearly to everyone
  • What you bring:
  • Hands-on, technically credible. You earn the trust of engineers by going deep, so you're comfortable reading code, threat modeling designs, debating architectures, and writing tooling when it's valuable.
  • Cloud-native security depth. GCP preferred; AWS or Azure transferable. You know IAM, network segmentation, KMS, IaC security (Terraform), and Kubernetes hardening (RBAC, network policies, Pod Security Standards) as a craft.
  • Product/Application security foundations. OWASP Top 10 / ASVS, secure code review, SAST/DAST/SCA tooling integration, supply-chain

Additional Information

At Upvest, we are on a mission to make investing as easy as spending money . Upvest empowers businesses to offer a wide range of investment products and the best experience in the field of capital market investment and retirement planning. Upvest's Investment API is easy to integrate so that fintechs and financial institutions can save resources and fully focus on their core business. We are proud to partner with Europe's leading Fintechs and financial institutions such as DKB, Revolut, N26 and Raisin. Founded in 2017 by Martin Kassing, Upvest now brings together over 270 talented professionals from more than 70 nationalities. Upvest is backed by €280M in total funding from world-class investors, including BlackRock, Tencent, Sapphire Ventures, and Bessemer Venture Partners, Earlybird, Notion Capital, and Motive. Our latest €105M funding round in March 2026 - led by Sapphire and Tencent - serves as a massive catalyst for our growth, allowing us to offer premier investment experience.


Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at upvest? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect