THE ROLE & THE TEAM
The Information Security team at Zalando Payments acts as the second line of defense, owning the Information Security Management System and providing independent oversight of security risks and controls. As a regulated e-money and payments institution, we operate under frameworks such as DORA, PCI DSS, GDPR, and BaFin expectations, ensuring security is embedded, measurable, and auditable.
In this role, you will help define and maintain security policies, standards, and the ZPS Security Controls Framework, while independently verifying control design and effectiveness across cloud, infrastructure, and application domains. You will work closely with first-line Engineering teams, while maintaining the independence required to challenge and strengthen the overall security posture.
We are evolving towards a modern, scalable GRC model focused on automated evidence collection and continuous control monitoring. You will play a key role in driving this transformation, combining governance expertise with a technical mindset.
You will also support internal and external audits, regulatory readiness, and management reporting, ensuring control effectiveness is demonstrated in a structured and data-driven way.
INCLUSIVE BY DESIGN
If you think you have what it takes, we encourage you to apply even if you don't meet every single requirement. You may just be the right candidate for this or other roles!
At Zalando, our vision is to be the leading pan-European ecosystem for fashion and lifestyle e-commerce – one that thrives on diversity and is truly inclusive by design. We believe that diverse teams fuel innovation and creativity, and we actively seek out talent from all backgrounds.
We actively seek to reduce bias in our hiring and employment processes, focusing on your qualifications, skills, and contributions. To support this, we kindly ask that you refrain from including personal details such as your photo, age, or marital status in your CV, ensuring a fair and equitable evaluation based solely on your abilities and potential.
We are committed to providing an exceptional and accessible candidate experience for everyone. If you require any accommodations to support you throughout the hiring process, please let us know – we are here to assist you.
Discover more about our commitment to creating a diverse and inclusive workplace: https://jobs.zalando.com/en/our-culture/diversity-and-inclusion
WHAT WE’D LOVE YOU TO DO (AND LOVE DOING)
Own and evolve the Information Security Management System at Zalando Payments, ensuring alignment with DORA, PCI DSS, ISO 27001, and internal policies.
Drive the ZPS Security Controls Framework, including control definition, evidence requirements, and maturity targets.
Independently verify security controls, assessing design and effectiveness, and ensuring traceability between risks, controls, and evidence.
Apply a GRC engineering mindset by enabling automated evidence collection and continuous control monitoring.
Collaborate with first-line Engineering and Operational Security teams to ensure scalable and effective control implementation.
Support internal and external audits and ensure regulatory readiness through structured, evidence-driven practices.
WE’D LOVE TO MEET YOU IF
You have 5+ years of working experience in Information Security, Risk, or GRC, ideally in regulated environments such as fintech or payments.
You understand frameworks and regulations such as DORA, PCI DSS, ISO 27001, or GDPR.
You have experience designing or assessing security controls, including defining evidence and evaluating effectiveness.
You bring a GRC engineering mindset, with an interest in automation, scalable evidence collection, and continuous monitoring.
You are able to challenge constructively as a second line of defense, while collaborating effectively with engineering and security teams.
You communicate clearly with both technical and non-technical stakeholders, including senior management.
OUR OFFER
Zalando provides a range of benefits; here’s an overview of what you can expect. Ask your Talent Acquisition Partner to learn more about what we offer.
27 days of holiday a year to start for full-time employees (+1 day for every calendar year up to 30 days)
2 paid volunteering days a year
Hybrid working model with up to 60% remote per week; actual practice is up to each team to best support their collaboration
Work from abroad for up to 30 working days a year
Employee shares program
40% off fashion and beauty products sold and shipped by Zalando, 30% off Lounge by Zalando, discounts from external partners
Relocation assistance available (subject to prior agreement)
Family services, including counseling and support
Health and wellbeing options (including Wellhub, formerly Gympass)
Mental health support and coaching available
Drive your development through our training platform and biannual peer-to-peer review