Security Engineer remote

ABOUT US

Pliant is a European fintech specializing in B2B payment solutions. Our modular, API-first platform helps businesses streamline spending, improve cash flow, and integrate payments into their financial workflows. Designed for industries with complex payment needs, such as travel and fleet, Pliant enables greater efficiency, control, and profitability.

We serve two primary customer segments:

• Companies looking to optimize operational processes through intuitive apps and APIs, gaining control, automation, and financial flexibility through extended credit lines.
• Businesses such as financial software platforms, ERP providers, and banks that want to launch or enhance their credit card offerings using Pliant's embedded finance and white-label solutions.
  

Founded in 2020 and headquartered in Berlin, Pliant supports over 4,000 businesses and more than 20 partners globally. As a licensed e-money institution (EMI), we issue Visa-powered credit cards in 11 currencies across more than 30 countries, helping companies streamline and simplify payments.

Learn more at

About the Role

We're looking for a hands-on Security Engineer *remote* (m/f/d) with deep expertise in DevSecOps, cloud security (AWS), and automation to join our growing security team at Pliant. You'll play a critical role in designing and building secure foundations that scale. You will work closely with engineering, product, and infrastructure teams to embed security into our platform and developer workflows without slowing innovation.

This role is ideal for someone who thrives in a fast-moving environment, owns problems end-to-end, and wants to build modern, automation-driven security at scale.

What You'll Do

• Integrate security best practices throughout the SDLC to protect products, infrastructure, and customer data.
• Design, implement, and maintain security automation tooling to address problems at scale (e.g., patch management, vulnerability management, compliance evidence collection).
• Embed security controls and guardrails into the developer platform to enable secure and efficient delivery.
• Define and promote "Paved Roads" - reusable, secure development standards and Terraform/Docker modules.
• Harden containerized workloads (ECS and EKS) - ensure clusters follow security best practices for isolation, networking, and access control; Maintain secure, up-to-date base images; enforce image signing and provenance; implement admission control, least-privilege IAM roles, and runtime anomaly detection.
• Deploy and manage cloud security platforms (e.g., Wiz) and drive remediation workflows.
• Automate collection of audit-ready evidence for frameworks like PCI DSS, ISO 27001, SOC 2, and DORA.
• Support vulnerability management (triage, SLAs, RCA) and lead incident response and post-mortems.
• Conduct threat modeling, architecture reviews, and provide guidance on secure design and cryptography.
• Build and maintain security documentation, internal tooling, and feedback loops to strengthen security culture.
• Act as a security SME across application, cloud, and compliance domains.

What We're Looking For

• 5+ years of experience in a technical security role, preferably in a cloud-native or fintech/SaaS environment.
• Strong proficiency with AWS services and security (IAM, KMS, CloudTrail, S3, GuardDuty, SCPs, etc.).
• Solid understanding of DevSecOps practices and integrating security into CI/CD workflows.
• Proficient in Terraform and other IaC tooling, capable of writing secure, reusable modules and enforcing guardrails.
• Proficient in Python, Bash, or TypeScript – capable of scripting and building automation tools.
• Experience securing containers (Docker, ECS, EKS, or Kubernetes) and implementing hardened images.
• Expert level understanding of OWASP Top 10, secure coding, and software supply chain risks.
• Experience managing and integrating cloud security platforms (e.g., Wiz, Orca, Lacework, Prisma Cloud).
• Understanding of vulnerability management and remediation workflows at scale.
• Experience with application security practices, including code review, threat modeling, static and dynamic analysis (SAST, DAST), and attack surface analysis.
• Experience performing Application Penetration Testing or Vulnerability Research / Bug Bounty Hunting. (Ability to discover and identify fixes for SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities)
• Experience with threat modeling or security reviews.
• Excellent communication skills and empathy, security is a complex topic that you have to be able to explain to audiences of various levels of previous exposure or learning.

Bonus Skills

• Exposure to compliance frameworks (PCI DSS, ISO 27001, SOC 2).
• Familiarity with detection engineering or lightweight SIEM tooling.
• Contributions to open-source security tools or internal security automation frameworks.
  
  

What You'll Bring

• A builder's mindset: you enjoy solving real-world security problems with automation.
• A pragmatic approach to security: focused on reducing risk while enabling delivery.
• Willingness to dive into unknowns, collaborate across teams, and take ownership.
• Passion for clean, maintainable, and reusable code - even for security tools.
  
  

WHAT WE OFFER 

• The opportunity to work in a growing team with big responsibilities that thrives on a strong exchange of knowledge and excellence 
• Attractive remuneration
• Your choice of preferred OS, Windows or Mac
• Flat hierarchy and transparent communication in a relaxed, professional atmosphere
• Opportunity to develop your talent in a dynamic team with ambitious goals
• Flexibility and possibility to work remotely
• Company card with a monthly allowance for lunches, coffee, etc. with co-workers

At Pliant, we believe diversity and inclusion are essential to building not only an innovative product but also an exceptional experience for both our customers and our team. This commitment begins with our hiring process—we welcome individuals of all racial and ethnic backgrounds, religions, national origins, gender identities or expressions, sexual orientations, ages, marital statuses, and abilities. If you require accommodations or accessibility support during the interview process, please let us know in your application so we can make sure your experience is seamless.