IT Security Engineer (f/m/d) in the Tech and Data Team


Here's the deal

We are the Tech & Data team, consisting of system operators and software engineers, working in an agile environment. We are supported by coaches, product owners and project managers., the world’s biggest retailer of musical instruments and equipment is growing and evolving. And to put this growth on a solid foundation we need you, an IT Security Engineer (f/m/d).

Who we are

For the current opening, you'll be embarking on an exciting journey as the pioneer in building our Security Unit. While you won't have an existing team, you'll have the full support of our Director Technology, Daniel, and our entire Tech Leadership Team. Together, we'll work to shape the future of our security initiatives, ensuring the safety and integrity of our systems and data.

Join us in this incredible endeavor to enhance security and safeguard our digital realm. Your role will be pivotal in fortifying our digital landscape, and we can't wait to welcome you aboard.

Let's build a secure future together!💪

Who will you work with?

  • Operations
  • Engineering
  • Product Owners
  • Leadership
  • Compliance / Data Protection Office
  • System Architects
  • ...

Here’s what you’ll be doing

  • Spearhead the development and implementation of security standards at Thomann(.io).

  • Your role includes aligning our security strategy with the broader technology strategy.

  • Provide unwavering support and guidance to our teams, offering expert insights on security matters as they navigate their projects.

  • You're vigilant in analyzing and monitoring potential security threats, ensuring that our digital realm remains protected and resilient.

  • Your commitment to security is unwavering. You diligently oversee adherence to best security practices.

  • Your goal is to heighten threat awareness across all departments, fostering shared vigilance.

  • Orchestrate and conduct security audits, meticulously organizing assessments to safeguard our digital infrastructure.

What you should bring to the table

  • Minimum of 5 years in Information Technology experience, with at least 2 years in a cybersecurity role.

  • Knowledge of internet security issues and threat landscape.

  • Solid problem-solving skills with the capacity to identify and analyze security vulnerabilities.

  • Good knowledge of running automated security tests and the toolchain to do so.

  • Basic knowledge of Kubernetes, GCP, and a language like PHP, Python, or Go are a plus.

  • Relevant professional certifications (like CISSP, GSEC, etc.) are a plus.

  • You are fluent in German (B2) and English (C1).

Our Tech Stack

  • Shop-Backend: We have migrated to PHP 7.4 and are already looking forward to PHP 8. We take full responsibility for our framework and adhere to established standards (e.g. PSR) during development.

  • Frontend: We use React on the client side and Twig on the server side. We use "LESS" as a CSS preprocessor.

  • We build and transpile everything our frontend needs using Webpack and Babel.

  • With Docker and Openshift, we are on our way to a container future, making the port of Hamburg look weak.

  • We are currently working on moving our infrastructure to space, or at least to the cloud (GCP)

  • MySQL, Memcached & Solr provide our customers with reliable and fast data.

What we have to offer

  • Flexible working hours and location, with the option to go into the office (fully-remote possible)

  • 13th salary in November

  • Further training opportunities with clear development paths for your career

  • employee discount

  • Personal work equipment according to your wishes and regarding your role

  • Regular team events

  • English or German language courses

  • 1:1 sessions with an external coach, for professional development

  • Urban Sports Club discount

  • and more! Check out our Handbook

We value inclusion and diversity

We pride ourselves on being an inclusive employer that creates a welcoming atmosphere, and value diversity in our teams. We do not make judgements based on ethnicity, nationality, age, marital status, gender identity, sexual orientation, disability status, or religion.

Want to start immediately

Our application process

1. Getting to know you

30 minutes
you & recruiting

The first interview with one of our talent acquisition managers helps both of us to see if our ideas and values match.

2. Technical interview

60 minutes
you & specialists

You'll get to know a part of our team and get a chance to score with technical knowledge. In addition, you can ask anything you want to know.

3. Tryout task & debriefing

60 minutes
you & specialists

You'll receive a task that would fit your new role. You'll be asked to prepare the task either at home or live with some of our team members. Afterwards, there will be a debriefing with team members from your future department.

4. Leadership interview

60 minutes
remote or in office
you & leadership

Last, you'll get to know some team members of our leadership community. If this is a fit, too, you'll receive an offer from us.

We might adjust the process for some positions. This means you might get to know some more team members or get a more detailed chance to see your new role in action.

Got any of dem benefits?

A job you can grow old with
Each team uses state-of-the-art tech and tool stacks
Regular team events
The equipment you want
Remote-first team setup
Thomann employee discount
Time and budget for professional development
Projects that really (we swear!) will go live
A passionate industry with thankful customers
Flexible working hours
An onboarding buddy so you’re never alone
English and German classes
Systemic coaching
Company pension scheme
Public transportation allowance for office contracts
Discounted Urban Sports Club membership

Our offices

Remote. Distributed. Together.

Work from home or any of our offices. Our team is 100% remote and will stay this way. You need a stable internet connection and your laptop. Currently our way of work supports the EU.


Our Thomann headquarters. Just a few minutes’ drive outside of Bamberg. Come by to visit our shop or meet with colleagues outside of tech & data.


Our office in the heart of Berlin. Easily reachable at Rosenthaler Platz. Perfect for workshops and team building.


Our office in Nuremberg's metropolitan area. Just a few minutes by foot from Erlangen station. Nice, quiet location to do some deep work.

Our Blog

Apr 25, 2023 - Sascha Steinbrink

Be part of the tool gang

We are the Swiss Army Knife of, but the fun version of it! #s.toolgang

Feb 1, 2023 - Jöran Eitel & Dominic Burucker

10 years of Thomann in Berlin

It’s hard to believe, but we are celebrating our tenth anniversary. How does that feel?

Dec 19, 2022 - Basal John

Quality Engineering or Die Trying

Transforming software development through innovative quality assurance techniques

Nov 10, 2022 - Markus Melber

The right amount of spice makes our solutions tasty

The right amount of spice makes our solutions tasty

Sep 21, 2022 - Frederik Heins

Team Competency Matrix

Finding your next team member by mapping your team’s skills and visualizing what is currently lacking.

Jul 13, 2022 - Oliver Dolgener

Are you Appic enough to join us?

Developing the most appic Thomann App while hunting for 5-star reviews and perfect burndown charts!

Jun 30, 2022 - Heiko Terfloth

A day at the BK-nusprig drive-in

Bad jokes, burgers, and developers... Did someone call us?

May 13, 2022 - Ralph Cibis goes Cyberpunk

We went fully cyberpunk! Our branding community's last side and heart project.

Jan 3, 2022 - David Beuchert

DIY software: Why it's the one and only way to do it and everyone else is wrong

My provoking approach wooing for more in-house development.

Dec 8, 2021 - Nadine

Going fully responsive

Why we redesigned our shop - and why purple's the new blue.

Oct 18, 2021 - Julia Manger

Open Space 2021

Summer 2021 - Home office, lockdown, a fourth wave and: huh?! An Open Space!

Aug 6, 2021 - Stefan Stammler

Bits, Beats, Ops-Team

Someone needs to bring our shop online. This is our mission.

Jul 7, 2021 - Ralph Cibis

Hello, Webteam

We are the Thomann Web Team. We create and the Thomann App.

Jan 27, 2021 - Nadine

What Kan Kanban do

The idea behind moving cards - with a crispy epilogue.

Sep 7, 2020 - Francesco

Guitars to Oslo or: The Art of Offering the Right Shipping Methods

Our developer Francesco provides you with behind the scenes insights

Jul 14, 2020 - Thomas Tischner

How Thomann is mastering the move to Kubernetes

Our Sysadmin Thomas tells you from his day-to-day work

Nov 4, 2019 - Domi

Thomann Dev Camp 2k19

This year under the Slogan "ready for our collective take-off".

Severe case of I-wanna-work-with-you?

...or any questions for us? Give Anne a call!

Welcome to Treppendorf, welcome to Thomann Music

We're inspiring and enabling people to speak music, everywhere. 24/7.