Job Description

About the Company

Affinidi is a technology company dedicated to changing data ownership for good. We empower businesses and individuals with control and ownership of their data, with a comprehensive approach to managing their holistic identity – accounting for all aspects of their digital footprint while ensuring privacy and security.

Affinidi’s technology enables users to benefit from decentralised digital identity solutions. We believe that everyone has the right to own and control their data, and we are committed to creating a trusted digital credentials ecosystem that empowers businesses and individuals to securely exchange data and services across borders and industries.

Build security into the DNA of a privacyfirst technology company.

Affinidi is building the infrastructure for the next generation of digital identity and AI Trust Frameworks. We enable individuals and organisations to own, control, and share verifiable data and ensure Agentic solutions can be trusted. Our technology sits at the intersection of decentralised identity, cryptography, and AI. Security isn't a support function here; it is a core product value.

We are looking for a Manager, Security Engineering to lead our Application, Platform, and Offensive Security functions. If you want to own a broad, meaningful security remit at a company where what you build genuinely matters to people's digital lives, then this is the role for you.

What You'll Own

Product & Application Security You'll embed security engineers within Engineering teams operating a shift-left model, reviewing architecture, building threat models, integrating security controls into CI/CD pipelines, and driving vulnerability management to ensure releases are never blocked by avoidable risk.

Platform Security (AWS) Working closely with Platform Engineering, your team will enforce least-privilege IAM, network security, secrets management, and infrastructure hardening across our AWS environment by triaging, classifying, and remediating risks with speed and precision.

Offensive Security You'll run repeatable cycles of penetration testing and red-team cyber exercises for production services, using both internal capability and external partners. Your team will leverage AI tooling for threat modelling, attack surface monitoring, and adversarial simulation.

Team Leadership You'll lead a diverse team of security professionals through mentoring individuals, setting SMART objectives, and building a culture of experimentation, reflection, and continuous improvement. You'll also contribute to the broader Security and Technology Operations leadership group.

Security Strategy & Governance As a member of our Information Security Management Systems (ISMS) Committee, you'll contribute to our ISO27001 programme, drive security maturity initiatives, and ensure compliance with GDPR, DPDPA, and PDPA requirements within your scope.

What Makes This Role Interesting

• AI meets security - You'll develop strategies to exploit AI for security operations and defend against AI-driven threats. LLM risk, AI red-teaming, and adversarial simulation are active parts of your brief.
• Real cryptographic depth - Affinidi's stack includes applied cryptography and distributed identity infrastructure. This is not commodity security work.
• Cross-functional influence - You'll work across Engineering, Platform, Legal, and Governance, building partnerships that accelerate delivery while keeping security first.
• Ownership with support - You'll have strategic input, budget accountability for tooling, and direct access to the Director of Security and Technology Operations.

What We're Looking For

Experience

• 12+ years in technical security roles spanning application security, infrastructure/platform security, and offensive security
• Proven experience leading and growing security engineering teams
• Hands-on background in secure architecture, threat modelling, and SDLC security integration
• Experience operating in AWS environments with distributed systems and microservices
• Familiarity with AI security risks and tooling (OWASP LLM Top 10, security-focused AI tools)
• Strong cryptography knowledge; applied cryptography experience is a strong advantage

Frameworks & Standards

• ISO27001, NIST CSF, OWASP - implementation or management experience required
• Regulatory data privacy frameworks (GDPR, DPDPA, PDPA) - working knowledge

Tooling Familiarity AWS Platform, WIZ · CrowdStrike · Snyk · Burp Suite · AWS Security · GitLab and GitHub · Rust · TypeScript/Node.js, Flutter/Dart, CoPilot, and mainstream LLM’s, Microsoft Enterprise tools.

You as a leader and operator

• You communicate complex security concepts clearly across all levels of seniority
• You make fast, well-reasoned decisions with imperfect information
• You build win-win partnerships and influence without authority
• You hold people to high standards while supporting their growth
• A degree in IT or a related field, or equivalent experience

Why Affinidi

• Work on technology that is redefining how identity and data work on the internet
• Join a globally distributed, senior engineering culture with genuine ownership
• Hybrid working from Berlin with a strong async-first collaboration model
• Competitive compensation and equity participation
• A security team that is genuinely valued, not an afterthought

Equal Opportunity

We believe in hiring different and diverse talent and providing a safe space where everyone can share their views without fear, where differences are celebrated, and where no one is left out. Inclusive cultures are the foundation for collaboration and innovation within our team.

Privacy Notice

By applying for this position, you confirm that you have read and understood Affinidi’s Candidate Privacy Policy, and consent to the collection, use, and disclosure of your personal data for recruitment purposes, as described in the policy