Senior Security Engineer- Zalando Payments (all genders)

Job description

THE ROLE & THE TEAM: The Information Security team at Zalando Payments acts as the second line of defense, owning the Information Security Management System and providing independent oversight of security risks and controls. As a regulated e-money and payments institution, we operate under frameworks such as DORA, PCI DSS, GDPR, and BaFin expectations, ensuring security is embedded, measurable, and auditable. In this role, you will help define and maintain security policies, standards, and the ZPS Security Controls Framework, while independently verifying control design and effectiveness across cloud, infrastructure, and application domains. You will work closely with first line Engineering teams, while maintaining the independence required to challenge and strengthen the overall security posture. We are evolving towards a modern, scalable GRC model focused on automated evidence collection and continuous control monitoring. You will play a key role in driving this transformation, combining governance expertise with a technical mindset. You will also support internal and external audits, regulatory readiness, and management reporting, ensuring control effectiveness is demonstrated i...