At Moss, we give finance professionals the power to automate their day-to-day and make forward-thinking decisions.

Our team and culture make us unique — we’re driven by impact and growth, where every one of us strives to learn and excel. Recognised by Sifted’s Rising 100 and LinkedIn's Top Startups, we’re here to help propel your career and together, make Moss a lasting success.

Our Information Security team is seeking a Senior Security Engineer (f/m/d) focused on Cloud Security and Security Operations. Your role will be instrumental in strengthening and scaling our cloud security architecture, detection capabilities, and incident response maturity across Moss’ infrastructure and SaaS ecosystem.

You will work in close partnership with our Staff Security Engineer for Product and Application Security, forming the senior technical security core at Moss. Together, you will ensure that cloud infrastructure, runtime detection, and product-layer security operate as a cohesive, high-signal security system.

Reporting to the Director of Information Security, you will take ownership of how Moss detects, prioritises, and responds to security risks across GCP, SaaS systems, and internal services.

Your responsibilities

You will act as the bridge between Security, Platform, and Engineering teams, owning the following areas:

Own and strengthen our Cloud Security posture

Design and continuously improve Moss’ security architecture in GCP, including IAM design, organisational policies, logging strategy, and network controls.

Own and evolve our Cloud Security Posture Management setup in Wiz, prioritising and driving remediation of misconfigurations, identity risks, vulnerabilities, and runtime threats.

Work closely with Platform Engineering to embed scalable and pragmatic security guardrails into our infrastructure.

Own and evolve our Security Operations capabilities

Own and continuously improve our Datadog Cloud SIEM.

Develop, tune, and maintain detection rules across cloud logs, identity systems, SaaS integrations, and security-relevant application logs. Improve signal quality by reducing noise and increasing risk-based, actionable alerting.

Drive the integration of critical systems into the SIEM as part of vendor onboarding and annual control reviews. Improve alert routing, triage workflows, and response coordination across Slack and Jira.

Lead detection engineering & monitoring strategy

Translate threat scenarios and real-world attack paths into effective detection coverage.

Continuously improve log ingestion strategies across GCP, Google Workspace, Wiz, Atlassian, Jumpcloud and other critical systems.

Identify visibility gaps and close them pragmatically. Define and track detection coverage and maturity improvements over time.

Lead security investigations and response enablement

Investigate complex cloud and SaaS security events and incidents.

Improve incident response playbooks, post-incident reviews, and learning loops. Contribute to reducing Mean Time to Detect (MTTD) and improving overall response effectiveness.

About you

• Proven experience (5+ years) in security engineering with deep hands-on expertise in cloud security and security operations.

• Strong practical experience securing GCP environments, including IAM, Cloud Audit Logs, organisational policies, and network architecture.

• Strong experience securing Kubernetes environments (RBAC, service accounts, Workload Identity, network policies, container risks).

• Experience building and operating SIEM platforms (Datadog preferred; Splunk, Elastic or similar acceptable). You have built and tuned detection rules, improved signal-to-noise ratio, and increased detection quality.

• Experience with Cloud Security Posture Management tools (Wiz preferred) and risk-based remediation workflows.

• Experience securing CI/CD pipelines (e.g. GitHub Actions), including identity federation and secret management.

• Strong understanding of cloud attack paths, identity risks, and modern infrastructure threats.

• Experience working in cloud-native, DevOps-driven environments.

• Fluent English language skills, verbal and written.

In addition, here are the skills and attributes we are looking for:

• Systems Thinker – You design security systems and detection strategies, not just isolated controls.

• Signal Optimiser – You care deeply about reducing noise and increasing meaningful coverage.

• Cloud-Native Security Engineer – You understand how modern GCP environments are built, operated, and attacked.

• Analytical Problem Solver – You break down complex security events into clear root causes and actionable remediation steps.

• Collaborative Team Player – You work closely with Platform, Engineering, and Compliance teams to raise the overall security bar.

• Results Oriented – You focus on measurable improvements in posture, detection maturity, and response effectiveness.

• Pragmatic Builder: You avoid overengineering. You implement solutions that scale with Moss’ growth and regulatory landscape.

About Moss

Moss is a SaaS scale-up founded in Berlin, with a team of 300+ people from 50+ nationalities in 5 offices across Europe. 

Our ambition is bold: to power every SMB’s spend across Europe - fully digital, AI-driven, and seamlessly integrated for complete control. To date, over 5000 businesses in Germany, Netherlands and the UK use Moss’ leading spend management product, with modules such as corporate cards, accounts payables, employee cash reimbursements and procurement.

Moss has raised a total of €180 million in funding and is backed by the most renowned tech investors including Valar Ventures, Tiger Global, Global Founders Capital, Cherry Ventures and A-Star.

Be part of a culture that thrives on impact and speed, where you can take bold moves, learn fast and accomplish more. We’re a place where you can fast track your career - here's what else to expect:

• Top-of-market compensation package, including equity. 

• Our vibrant offices are at the heart of our culture, where in-person time fuels collaboration and connection over weekly breakfasts and Friday demos.

• Additional benefits include: 20 days “work from abroad”, 600EUR/GBP Learning & Development Budget, and other local benefits.

Unless stated otherwise, benefits apply to full-time positions (interns and working students receive a tailored package).

By applying for the above position, you will confirm that you have reviewed and agreed to our Data Privacy Policy.