Senior Product Security Engineer (d/f/m)

Berlin - Tech Foundation

Our story:

Every year millions of people are either filing their taxes in fear or giving up on their tax refund altogether. We're working on fixing that. Our intuitive app enables anyone, regardless of education or background, to file their taxes with newfound confidence.

Spread across Berlin and Madrid, Team Taxfix is a compassionate group of solution-finders. We speak our minds openly, and with 500+ professionals from 60+ different nationalities, we're rich in ideas and voices. In five years, we've raised over 300 million euros in funding and helped people reclaim more than one billion euros.


Your challenge: 

You will be part of a talented multidisciplinary product team working with the latest technologies. You will own the security part of our product, and be responsible for underlying security infrastructure and culture.


Your responsibilities:

  • Help engineering teams build secure products & services from the ground up.
  • Perform application security design reviews, threat modelling and code reviews.
  • Conduct security testing on our internal and external applications and services.
  • Educate & train engineering teams to create a security conscious engineering organization.
  • Coordinate with group of product engineers (Security Champions) on the execution of security initiatives on the product.
  • Build new tools and processes with security industry best practices.
  • Support and manage end-to-end security lifecycle of our applications.


Your profile:

  • Deep technical knowledge in web application security & mobile security, 5+ years experience.
  • Strong understanding of security architecture review, threat modelling, code review & penetration testing.
  • Aptness to find flaws in the software before it reaches production.
  • Solid foundation of core information security principles and concepts including cryptography.
  • Experience in software engineering and comfortable building automation tools.
  • Solid understanding of cloud native technologies.
  • Good understanding of cloud environments (ideally GCP).
  • A genuine interest and passion for Security who loves taking initiatives.
  • Previous experience working in a DevSecOps environment in a product company.


Why Taxfix? 

  • A chance to do meaningful, people-centric work with an international team of passionate professionals.
  • Holistic wellbeing with free mental health coaching sessions, yoga, and a discounted membership to Urban Sports Club.
  • A monthly allowance to spend on home support services, including childcare, housekeeping, pet sitting, tutoring, and elderly care.
  • Employee stock options for all employees—because everyone deserves to benefit from the success they help to create.
  • Dedicated relocation and visa support for those that need it.
  • 30 annual vacation days and flexible working hours.
  • Work from abroad for up to six weeks every year. Just align with your team, and then enjoy your trip.
  • Plenty of opportunities to socialise as a team. In addition to internal tech meetups, our international team hosts regular get-togethers—virtually and in person when possible.


Excited? So are we. Learn more about Team Taxfix on our blog and get a glimpse of our culture below:


At Taxfix, we believe that incredible things happen when you have a wealth of perspectives and experiences. We're proudly committed to equal employment and development opportunities no matter your gender, race, religion, age, sexual orientation, colour, disability, or place of origin. To help mitigate any potential unconscious biases, we ask that you refrain from including your picture, age, or marital status on your CV. Let your experiences speak for themselves.

Not sure if you meet all the requirements for this role? Please apply anyways. You might bring something special to the team that we hadn't previously considered.