Welcome to the team:
Senior Security Automation & Integration Engineer (m/f/diverse)

    Your tasks

    • Designing, building, and maintaining automation workflows and reusable integration components for cyber security operations;
    • Connecting security platforms, SIEM/SOAR, EDR/NDR, vulnerability management, and threat intelligence tools through stable data flows;
    • Improving operational efficiency by reducing manual effort and increasing the reliability of security processes;
    • Developing and maintaining REST API integrations, including authentication, authorization, pagination, rate limiting, and error handling;
    • Working with OAuth2, OpenID Connect, JWT, API keys, webhooks, SDKs, and common data formats such as JSON and XML;
    • Implementing data mapping, transformation, logging, and exception handling to ensure reliable integrations;
    • Using strong Python skills and practical experience with PowerShell, Bash, or other relevant programming languages;
    • Applying Git-based development practices, including version control, branching, pull requests, code reviews, and structured testing;
    • Applying secure, maintainable coding practices and supporting CI/CD pipelines where applicable;
    • Leveraging experience with cloud integrations, cloud logging, or IAM concepts in Azure, AWS, or GCP is beneficial;
    • Utilizing knowledge of dashboards, operational reporting, security metrics, or tools such as Power BI, Grafana, Kibana, or SIEM dashboards;
    • Applying familiarity with DevOps tools such as Docker, Kubernetes, Terraform, Ansible, Azure DevOps, GitHub Actions, or GitLab CI where relevant;
    • Collaborating with SOC Analysts, Security Architects, Platform Engineers, Infrastructure Teams, and Application Owners;
    • Supporting vendor evaluation, technical assessments, integration testing, and controlled rollout of new capabilities;
    • Applying detection engineering knowledge where automation workflows interact with SIEM or EDR content, while keeping the main focus on automation and integration.

    Your Profile

    • Successfully completed studies in cyber security, computer science, business informatics, software engineering or a comparable qualification.
    • Senior hands-on engineering profile with 5+ years of experience in security automation, security platform engineering, software development or API-based integration of cyber security products.
    • Strong Python skills and practical experience with scripting, REST APIs, secure API authentication, data transformation and integration of vendor SDKs or security tools.
    • Good understanding of Git-based development practices, maintainable code, testing, documentation and CI/CD concepts where applicable.
    • Experience with security platforms such as Microsoft Defender XDR, Microsoft Sentinel, Splunk, Elastic, CrowdStrike, Palo Alto Cortex, Tenable, Qualys or Rapid7 is beneficial, depending on the target environment.
    • Knowledge of cloud integration, operational reporting, DevOps tools or detection engineering concepts is helpful, but not the primary focus of the role.
    • Ability to collaborate with SOC Analysts, Security Architects, Platform Engineers, Infrastructure Teams and Application Owners when designing and improving automation solutions.
    • Strong analytical skills, ownership and the ability to communicate technical integration topics clearly to technical and non-technical stakeholders.
    • Good command of English in speaking and writing.

    In return, we offer:

    • Good work-life balance, including 25 days annual paid leave (increasing with 1 day per year up to 31 in total), flexible working hours, work-from-home and work from abroad opportunities;
    • Luxury package of additional health and dental insurance;
    • Food vouchers in the amount of EUR 80 monthly;
    • 6 additional annual days off for exceptional circumstances
    • Employee assistance program for psychological, financial and legal consultations;
    • Multisport card;
    • Annual contribution of EUR 153.39 net per child for a summer camp/school/kindergarten for children up to age of 15;
    • Possibilities for building career-advancing skills by covering training/certification courses and conferences based on individual learning and development needs, access to an online learning platform;
    • Opportunities for long-term professional development in a stable, 150-year-old company while contributing to the vision of a new, just starting Digital Technology Center;
    • Friendly and supportive multicultural environment, open to new opinions and ideas.

    Commerzbank is proud to be an equal opportunity employer, committed to creating a diverse environment. All qualified applicants will receive consideration for employment without regard to gender, race, color, national origin, religion, gender identity or expression, sexual orientation, genetics, disability, age, or any other characteristics.

    Our Benefits

    • Learning Platforms
    • Children Summer Camp Contribution
    • Employee assistance program
    • 6 Exceptional Days Off
    • Food vouchers
    • 25 up to 31 annual paid leave
    • Multisport Card
    • Health& Dental Insurance
    • Work-life balance
    • Work internationally

    Learning Platforms; Children Summer Camp Contribution; Employee assistance program; 6 Exceptional Days Off; Food vouchers; 25 up to 31 annual paid leave; Multisport Card; Health& Dental Insurance; Work-life balance; Work internationally

    The company

    Commerzbank is a leading international commercial bank with branches and offices in almost 50 countries. The world is changing, becoming digital, and so are we. We are leaving the traditional bank behind us and we are choosing to move forward as a digital enterprise.

    As part of this strategy, Commerzbank continues the expansion of its Digital Technology Center in Sofia, Bulgaria. We need motivated people who will join us on this journey, and we are looking for a Senior Security Automation & Integration Engineer in our Cyber Defense and Security Base Services team.

    Cluster Cyber Defense & Base services provides 1. LoD activities within the Commerzbank Cyber Security Origination. In addition, to these operational topics the cluster also develops and operates a variety of security tools which are used by the operational units SOC and Threat Intelligence.

    In the Cluster Organization, business analysts, engineers and product owners work together as a team. The agile methods support the team members in performing their functions by facilitating a rapid and flexible response to changing conditions and customer needs through an iterative approach and the continual development of new solutions resulting in better products, higher quality, and more efficient processes.

    The role focuses on developing and maintaining automation and integration solutions for cyber security operations. The engineer builds API-based integrations, reusable workflow components and reliable data flows between security platforms to improve operational efficiency, reduce manual effort and support scalable cyber defense processes.

    Contact

    Apply now with your up-to-date CV in English!

    Due to the high volume of applications, we contact only the candidates who best match the role requirements. If you do not hear from us within 14 days, please consider that we won't proceed with your application at this stage.