Security Engineer - DevSecOps & SDLC Security (f/m/d)

Join us. Let’s care for tomorrow.

At Allianz Global Investors we foster a culture of professionalism, fulfilment, and an inclusive working environment. Do you want to be part of a leading active asset management company? Then join us now!

This position is part of AllianzGI’s Development, Test & Transformation (DTT) team, which leads the delivery of secure, resilient, and scalable technology across a global hybrid cloud environment. The role centers on integrating security throughout the software development lifecycle (SDLC), cloud‑native infrastructure, and automation platforms. Core responsibilities include implementing robust technical controls, evaluating and integrating security tools into developer workflows, advising engineering teams and security champions, and ensuring alignment with regulatory and internal compliance frameworks. The position places strong emphasis on infrastructure‑as‑code practices and AI‑driven enhancements to developer experience, while also playing a key role in audit preparedness and cross‑functional collaboration.

This role is based in our Frankfurt or Munich office.

• Implement and oversee security controls across SDLC and infrastructure layers
• Test‑drive and evaluate security tools for integration into CI/CD pipelines and developer workflows
• Advise development teams and security champions on the secure use of provided tools and platforms
• Define and enforce secure SDLC practices aligned with DORA, KAIT, BAIT, and AllianzGI’s internal frameworks
• Apply security best practices to cloud‑native infrastructure, with emphasis on Microsoft’s Well‑Architected Framework
• Secure and govern Infrastructure as Code (IaC) using Terraform Cloud, Bicep, and Ansible
• Implement policy‑as‑code using Open Policy Agent (OPA) across infrastructure and pipelines
• Automate security controls, evidence generation, and release promotion workflows
• Champion security‑by‑design principles across architecture, development, and operations
• Collaborate with governance, application, and infrastructure teams to map technologies to compliance controls
• Contribute to the Security Champion Community of Practice (CoP)
• Apply CIS Benchmarks to harden systems and validate configurations
• Support compliance dashboards and DORA metrics implementation inour IDP
• Optionally contribute to areas such as Kubernetes, Azure role assignments, VM usage, and private endpoint architecture
• Serve as a sparring partner for internal and external auditors, working closely with internal process and application owners to ensure alignment of technical controls with audit and compliance expectations

• 5+ years of experience in SDLC security, application security, or DevSecOps
• Hands‑on experience with CI/CD pipelines, GitHub, and JFrog
• Strong knowledge of Terraform Cloud, Bicep, Ansible, and cloud security principles
• Familiarity with Open Policy Agent (OPA), Microsoft’s Well‑Architected Framework, and CIS Benchmarks
• Experience with security testing tools and vulnerability management
• Proven ability to operate effectively in regulated environments (DORA, KAIT, BAIT)
• Excellent communication skills across technical and business stakeholders
• Fluent in English; additional languages are a plus.

• Degree in Information Technology or a related field
• Certifications such as CSSLP, GCSA, AZ‑500, CISSP, CISM, or CISA
• Experience with internal developer platforms (IDPs) and platform engineering
• Exposure to Agile environments and enterprise transformation programs
• Familiarity with AI‑enhanced developer workflows and their security implications

• We empower our employees by ensuring flexible work arrangements that maintain a balance between performance, productivity, career development and personal priorities (e.g., hybrid model/ flexible working hours)
• Securing your future: Access to company pension/savings plans
• Shared success: Company share purchasing plan
• Support for what matters: Mental health and wellbeing programs
• Investments in your career: Career opportunities within the entire Allianz Group
• Investments in your skills: Comprehensive learning and development offerings, including certifications and professional qualifications
• … and so much more!

Allianz Global Investors is a leading global active asset manager.

We invest for the long term and want to create value for clients every step of the way. We do this by being active – in how we partner with clients and anticipate their needs, and build solutions based on capabilities across public and private markets. Our focus on enhancing our clients’ assets leads naturally to a commitment to sustainability for positive change. Our goal is to enhance the investment experience for clients, whatever their location or goals.

Putting our clients' needs first, behaving in a transparent way and treating people fairly means acting with integrity. We encourage a collegial culture, that supports individual responsibility. We invest in the development of our employees to maximize the power of innovation.

We at Allianz believe in a diverse and inclusive workforce, we are committed to the principles of Equal Employment Opportunity and to helping applicants with any disabilities. We encourage you to bring your whole self to work, no matter where you are from, what you look like, who you love or what you believe in. We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, disability or sexual orientation. Great to have you on board.

Simply upload your CV in English to apply for this position! If you need support to navigate our websites or at any stage during your application, please send an email with your request to recruiting@allianzgi.com

71004 | IT & Tech Engineering | Professional | n.a. | Allianz Global Investors | Full-Time | Permanent