Senior Security Engineer - Purple Teaming

THE BEST WORK OF YOUR CAREER 

Trade Republic is the largest savings platform in Europe - we operate in 18 countries, serving +10 million customers who trusted us with over 150B in assets. But we’re striving for more.

We have a bold mission to empower everyone to build wealth with easy, safe, and free access to financial systems. You will have the opportunity to grow your career by collaborating with a team of outstanding talents and state-of-the-art technology to build a lasting, positive future for millions. 

WHAT YOU'LL BE DOING

As a Senior Security Engineer in Purple Teaming, you'll plan and execute purple team exercises aligned to real‑world threat actors to protect Trade Republic's critical systems and customer data. Your responsibilities include:

• Design attack scenarios covering initial access, persistence, lateral movement, privilege escalation, command‑and‑control, and exfiltration.
• Coordinate with business and engineering teams to gather requirements, understand operational constraints, and ensure testing activities align with business risk.
• Assess existing security controls to ensure they aren't just "active," but actually effective.
• Conduct deep-dive assessments of internal networks, applications, and cloud infrastructure.
• Develop and tune SIEM detections, analytics rules, and alerts based on attack simulations and real incidents together with the Security Operations team.
• Validate alert quality, reduce false positives, and improve signal‑to‑noise ratio.
• Validate coverage of detections against known TTPs and identify detection gaps.
• Support and enhance incident response playbooks, escalation paths, and response automation.
• Conduct hypothesis‑driven threat hunts based on attacker tradecraft and threat intelligence.

WHAT WE'RE LOOKING FOR 

Core Experience

• 5+ years as a Security Engineer with 3+ years specializing in Purple/Red/Blue Teaming.
• Experience running or leading purple team exercises in enterprise environments
• Strong understanding of real‑world attacker behavior, not just theoretical frameworks
• Experience operating in regulated or compliance‑driven environments (MaRisk, BAIT, GDPR)

Technical Experience

• Strong understanding of cloud security (AWS) and Kubernetes security
• Good understanding of macOS security
• Experience with SIEM solutions, preferably Google SecOps
• Experience with Endpoint Detection & Response (EDR) tools such as SentinelOne or CrowdStrike
• Proficiency in Python, Go or other scripting language
• Multi-cloud experience (GCP, Azure) is advantageous

WHY YOU SHOULD APPLY NOW

Our culture rewards ownership, excellence, and high energy. We care deeply about outcomes and hold each other accountable - we’re here to win and fix one of the largest challenges Europeans face - closing the pension gap and democratizing wealth. If this gets you fired up, reach out!