
YPOG · Berlin
WILLKOMMEN BEI YPOG Bei YPOG bist du Teil eines Teams, das dir Raum gibt, um zu wachsen. Und um anderen beim Wachsen zu helfen. Fachlich und auch menschlich. I...
Bei YPOG bist du Teil eines Teams, das dir Raum gibt, um zu wachsen. Und um anderen beim Wachsen zu helfen. Fachlich und auch
menschlich. Im Bereich Venture Capital/M&A/Corporate wirst du als Rechtsanwält:in auf höchstem Niveau Teil einer jungen,
unkonventionellen Law Firm. Du arbeitest mit ausgewiesenen Expert:innen auf ihrem jeweiligen Gebiet interdisziplinär zusammen und
baust enge und langfristige Beziehungen mit spannenden Mandant:innen (VC-Fonds, Start-ups, Corporates) auf – und gehörst bald
selbst zu den anerkannten Expert:innen auf deinem Gebiet.
Wir bleiben nicht stehen, wir entwickeln uns ständig weiter und erschließen uns neue Geschäftsfelder. Und wir glauben fest daran,
dass wir nur als Team erfolgreich sein können und alle ihren Teil dazu beitragen. Deshalb gibt es bei uns keine verschlossenen
Türen. Aktives Mentoring und Ausbildung der jüngeren Kolleg:innen sowie engmaschiger Austausch zwischen Teams, Standorten und
Disziplinen sind für uns selbstverständlich. Unser Team in Berlin braucht Verstärkung. Du möchtest mit uns gemeinsam die
YPOG-Corporate-Praxis gestalten, von Beginn an Verantwortung übernehmen und Mandant:innen als persönliche:r Ansprechpartner:in auf
Augenhöhe zur Verfügung stehen? Join us!
Transaktionen, Wandeldarlehensverträge etc.)
Schlüsseltechnologien wie FinTech, AI, Mobility, Energy, Circular Economy und Resilience
Arbeiten.
oder digitale Recherchetools. Deine Affinität oder Vorerfahrung in diesem Bereich ist ein großer Pluspunkt. Lass uns das
gemeinsam weiterentwickeln.
Flexibel arbeiten
Modern arbeiten
Wachsen + Weiterkommen
und AI-Themen. Ergänzt durch unsere Zusammenarbeit mit dem Bucerius Center on the Legal Profession und der Bucerius Executive
Faculty
Miteinander
Gesund bleiben
Gut unterwegs
Fragen? Gern! Du erreichst das People + Culture Team unter karriere@ypog.law.
Sonata One is a rapidly scaling, regulated fund services and technology (fintech) business. We're The Private Funds Clearinghouse, connecting more than 53,000 investors with 6,500 funds and 180 fund managers around the globe. Our vision is to change the paradigm of private markets investing through harmonising the end-to-end investment process within one platform. Investors benefit from a seamless, one & done experience across the fund lifecycle (from fund selection and subscription through to settlement and reporting) underpinned by a globally compliant KYC passport and 24/5 support. Fund managers can raise capital faster at a lower cost from a wider pool of pre-approved investors. Founded in 2015, Sonata One has a presence in eight locations worldwide including the US, UK and Luxembourg, Guernsey, South Africa and Mauritius. Role Overview: Sonata One is seeking an experienced Cloud & Microsoft 365 Engineer to own the design, implementation, and ongoing operation of our Microsoft cloud estate. You will act as a senior technical owner across identity, endpoint management, collaboration, data governance, security operations, and automation—ensuring our M365 environment is secure, compliant, scalable, and aligned with business outcomes. This is a hands-on engineering role with significant architectural influence: you will translate security and governance requirements (including SOC 2, ISO 27001, and NIST-aligned controls) into practical configurations, automation, and operational processes. You will partner with business stakeholders, IT operations, and external vendors to deliver reliable services, lead complex initiatives, and drive continuous improvement across the Microsoft stack. Key Responsibilities: IT service Management, project delivery & end user support * Operate within ITIL-aligned practices: incidents, changes, problems, and service requests with clear SLAs and communication. * Plan and lead M365 projects using structured project management (scope, timeline, risk, stakeholder management). * Coordinate cross-functional delivery (security, infrastructure, applications, vendors) to meet business deadlines and quality standards. * Act is primary escalation contact for 2nd & 3rd level end user support issues. Microsoft Intune & mobile device management (MDM/MAM) * Lead the design, implementation, and lifecycle management of Microsoft Intune for enterprise mobile device and application management. * Configure and manage mobile application deployment, updates, and retirement within Microsoft 365. * Implement Conditional Access, security baselines, compliance policies, and data protection controls for mobile devices and managed applications. * Oversee MDM and MAM across supported mobile platforms (e.g. iOS, Android, Windows). * Automate enrolment, compliance remediation, and operational workflows; drive measurable efficiency and reliability improvements. * Ensure all devices accessing Sonata One resources meet defined security and governance standards. Microsoft Entra ID (Azure AD) & identity platform * Architect and implement identity and access management (IAM) solutions using Microsoft Entra ID. * Design and deploy secure authentication including MFA, SSO, and modern auth patterns for cloud and integrated applications. * Integrate third-party SaaS and line-of-business applications while maintaining least-privilege and strong security posture. * Provide expert guidance on identity governance, privileged access, and Entra best practices. * Automate identity-related operations (group management, licensing workflows, lifecycle tasks) where appropriate. * Support SOC 2 control activities through documented processes and regular user access reviews. Identity lifecycle management (ILM) * Own the identity lifecycle: joiner/mover/leaver, role-based access control (RBAC), and federation where applicable. * Design, configure, and automate identity governance workflows to meet internal policy and regulatory expectations. * Implement self-service identity and password management capabilities aligned with security policy. * Drive adoption and maturation of the Microsoft Identity Governance capabilities (e.g. access reviews, entitlement management, lifecycle workflows). * Conduct periodic access certifications with business owners in line with SOC 2 and Sonata One access control policies. Microsoft Purview & data lifecycle management * Lead administration and support of Microsoft Purview for classification, labeling, data governance, and compliance reporting. * Implement and automate retention, deletion, and archival policies across M365 workloads. * Design data protection strategies aligned with GDPR, POPIA, and organisational data handling requirements. * Ensure effective protection through retention labels, DLP, encryption, and integration with backup/archival strategy where required. * Partner with legal, risk, and business teams on data handling, eDiscovery, and audit readiness. Microsoft Sentinel (SIEM) * Implement and operate Microsoft Sentinel for centralised logging, detection, and security analytics. * Configure analytics rules, workbooks, automation rules/playbooks, and integrations for threat detection and incident response. * Tune detections to reduce false positives; improve mean time to detect/respond through automation and operational discipline. * Support security operations with reporting, KPIs, and continuous optimisation of use cases. Microsoft Defender suite (Endpoint, Office 365, Identity & vulnerability management) * Lead configuration and operation of Defender for Endpoint, Defender for Office 365, and Defender for Identity (and related XDR capabilities as adopted). * Architect vulnerability and exposure management: baselines, patching posture, configuration hardening, and endpoint protection standards. * Integrate Defender signals with Sentinel and broader security tooling for cohesive detection and response. * Proactively manage security incidents and alerts; drive improvements to reduce risk and operational friction. * Monitor endpoint and workload health to maintain current patch/vulnerability posture across the estate. SharePoint administration, design & Power Platform * Design, implement, and administer SharePoint Online (sites, hubs, permissions, information architecture) for performance, security, and usability. * Lead development of Power Apps and Power Automate solutions that automate business processes and integrate with M365 and line-of-business systems. * Establish and enforce SharePoint and Power Platform governance (DLP, environment strategy, solution lifecycle, ALM where applicable). * Support document management, collaboration patterns, and migration/onboarding activities as required. Power BI * Architect and deliver Power BI solutions (datasets, reports, dashboards) that support data-driven decision-making. * Integrate data from multiple sources; implement refresh, gateway, and workspace patterns that scale securely. * Enforce Power BI governance: workspace access, sensitivity labels, row-level security, and compliance with data policies. Microsoft Teams * Design and manage Teams environments, policies, and templates for effective collaboration. * Optimise Teams integration with SharePoint, OneDrive, Planner, and Power Platform. * Implement Teams governance and compliance (meeting policies, guest access, retention, eDiscovery alignment). Cybersecurity frameworks & compliance * Apply knowledge of SOC 2, ISO 27001, and NIST (and related control frameworks) to M365 design and operations. * Implement and evidence security controls, risk treatments, and audit-ready documentation. * Ensure incident management, data protection, and access management requirements are met across M365 services. * Facilitate regular access reviews with business partners per Sonata One Access Control and Data Management policies. Automation, scripting & infrastructure as code * Develop automation using PowerShell, Microsoft Graph, Bicep/ARM, and other IaC or API-driven tooling as appropriate. * Build repeatable deployment pipelines and configuration patterns to reduce manual effort and configuration drift. * Deliver low-code/no-code automation on Power Platform where it improves time-to-value for the business. Qualifications & Experience: Required: * 5+ years in IT with 3+ years focused on Microsoft 365 / Azure identity and security (mid-level); 7+ years with substantial ownership of M365 architecture and operations (senior level). * Demonstrable hands-on experience with Entra ID, Intune, Defender, Purview, SharePoint Online, Teams, and Power Platform (Power Apps / Power Automate). * Practical experience implementing Conditional Access, MFA/SSO, compliance policies, and MDM/MAM. * Experience with SIEM/SOC workflows; Microsoft Sentinel strongly preferred. * Strong PowerShell skills and familiarity with Graph API, automation, and IaC concepts (Bicep/Terraform a plus). * Understanding of SOC 2, ISO 27001, or NIST control implementation in cloud/SaaS environments. * Experience supporting access reviews, audit evidence, and identity governance processes. * Relevant Microsoft certifications (e.g. SC-200, SC-300, MS-102, AZ-104, MS-700) or equivalent demonstrated expertise. * Matric plus tertiary qualification in IT, computer science, or related field (or equivalent experience). * Eligibility to work in South Africa; valid driver’s licence if on-site travel is required. Preferred: * Experience with Microsoft Identity Governance (Entitlement Management, Access Reviews, Lifecycle Workflows). * Power BI development and enterprise governance (Premium/Fabric awareness). * POPIA and GDPR data protection programme delivery in Microsoft 365. * ITIL Foundation or practical ITSM tool experience (ServiceNow, Halo, etc.). * Project management certification (PMI, PRINCE2) or proven delivery of multi-workstream programmes. * Experience in professional services, financial services, or regulated industries. Certifications: * Microsoft Certified: Azure Solutions Architect Expert. * Microsoft Certified: Security, Compliance, and Identity Fundamentals. * Microsoft Certified: Microsoft 365 Certified: Enterprise Administrator Expert (or equivalent). * ITIL Certification (latest version). * Certified Information Systems Security Professional (CISSP) or equivalent is a plus.
INTRO At Adsquare, our mission is driven by our core focus: * Passion – Solving complex challenges with great people, tech, and data. * Niche – Location Intelligence for Programmatic Advertisers. Our core values are integral to everything we do: * Drive: We turn ambition into action to deliver valuable outcomes. * Resilience: We adapt, persevere, and grow stronger. * No BS: We value honesty, transparency, and clear communication. * Humble: We choose modesty over vanity and let results speak for themselves. * Moral Compass: We do the right thing with fairness, integrity, and respect. We seek candidates who not only bring top-tier technical expertise but also embody these values in every aspect of their work. ABOUT THE TEAM As a (Senior) Data Engineer at Adsquare, you will be a key contributor to our core engineering function, creating and maintaining scalable big data pipelines that power our applications and drive business value. Because our engineering department handles a variety of critical data challenges, you will be assigned to a specific cross-functional squad based on your individual strengths, experience, and current business needs. To give you an idea of the work, your daily mission might involve: * Data Ingestion & Products: Developing data solutions built on massive volumes of location signals, geospatial (places) data, and audience attribute data. * Data Integrations & Egress: Architecting privacy-first, massive-scale data egress solutions to ensure our datasets reach external partners reliably, securely, and efficiently. Regardless of the specific squad, you will work alongside a talented team of Data and Backend Engineers under the guidance of a Technical Team Lead, operating with a high degree of autonomy and a strong software engineering mindset. YOUR MISSION * Data Pipeline Ownership: Take full accountability for the pipeline lifecycle—from raw data ingestion to transformation and external delivery—according to defined SLAs, time, and budget. * Architect Scalable Solutions: Design and build robust data architectures required to process and transfer terabytes of data. * Pipeline Optimization: Continuously improve data pipelines for cost and performance. This includes analyzing query plans, optimizing compute and working memory, and strategically applying horizontal or vertical scaling. * Engineering Rigor: Elevate data engineering standards. Implement CI/CD workflows, infrastructure-as-code, test-driven development (TDD), and automated testing to ensure reliable and maintainable code. * Data Monitoring: Create and maintain live monitoring dashboards to ensure data solutions are healthy and to support strategic decision-making. * Collaboration & Mentorship: Bridge the gap between Data and Backend engineering. For Senior applicants, act as a technical leader by mentoring junior team members, conducting code reviews, and introducing best practices. YOUR PROFILE We are looking for a candidate with varying levels of experience (mid-level to senior, typically 3-6+ years) in Data Engineering or Backend Development with a heavy data focus. You must be comfortable working in a self-organized, agile environment. Must-Have Technical Skills: * Programming Mastery: Very strong proficiency in Python and SQL. You write modular, production-ready code and possess a solid understanding of both Functional Programming and Object-Oriented Programming (OOP) principles. * Big Data & PySpark: Deep experience with large-scale data processing frameworks, specifically Apache Spark / PySpark. You understand how to handle TB-scale datasets efficiently. Deep understanding of big data file formats like parquet and avro. Experience with open Lakehouse formats like Iceberg. * Advanced Optimization Skills: Proven experience in optimizing data pipelines for compute, working memory, and cost efficiency, including reading and analyzing complex query plans/profiles. * Database & Storage Architecture: Expertise in the trade-offs between OLAP and OLTP systems. You have built solutions using relational and non-relational (NoSQL) databases, and horizontally scalable data warehouses/lakehouses (e.g., Redshift, Snowflake, StarRocks). * Cloud Native (AWS): Experience architecting solutions within the AWS ecosystem (e.g., S3, Athena, Glue, EMR, Lambda, Batch). * Infrastructure & Orchestration: Production experience treating infrastructure as software using Terraform, alongside experience with orchestration tools like Airflow, dbt, or Step Functions. * Engineering Fundamentals: Solid grasp of computer science principles, data structures, algorithms, and git-flow/CI/CD pipelines. * AI tools: Good command of using AI tools (e.g. Claude Code, Kiro, Gemini Pro) to improve and refactor your code, increase your productivity and quality and performance of your code. NICE TO HAVE * Compiled Languages: Experience with a compiled or strongly typed language (e.g., Java, Scala, Go, Kotlin, C++, Cython). * Geospatial Data: Experience working with GIS (Geographic Information Systems) and geo-spatial datasets. * Data Formats: Expertise in optimizing file formats (Parquet, Avro, Iceberg) for performance. * Streaming Technologies: Familiarity with Kafka and Flink. * Backend Context: Experience working closely with Backend engineers or familiarity with Backend architectural patterns (microservices, API design). WHY US? * Hybrid work model * 30 vacation days * Learning budget * Regular team and company events * Latest hardware of your choice * Pet-friendly Berlin office RECRUITING PROCESS COULD REQUIRE ON SITE STEPS For technical roles (Data, Engineering, and Product), candidates are encouraged to upload any technical certifications referenced in their CV via the "Other Documents" section of the application form. Alternatively, certification documents may be submitted after the first technical interview. Any certifications listed on the CV must be provided and successfully validated before proceeding to the second technical interview stage. * Step 1: Short 30-min take-home technical quiz. * Step 2: Value-based interview (30 mins). * Step 3: Deep-dive technical interview (1.5 hours) with the Data team. * Step 4: Practical data-crunching challenge. * Step 5: Team Meet & Greet — the final step to ensure we’re a great fit for each other. WORK MODEL Hybrid in Berlin, Remote for B2B opportunity
ÜBER UNS The appliedAI Initiative elevates Europe’s industry to become shapers in the age of AI, creating a future that we desire to live in. Through our ecosystem of strong partners, comprehensive programs, services and solutions we advance companies holistically on their AI journey. With our uniquely diverse, interdisciplinary, and driven team, we build on deep technical expertise while specializing on applicability of the solutions. We share a mindset of collaboration and openness with our ecosystem of leading companies and tech players. Our common goal is to strengthen the European landscape, jointly creating unique knowledge for applying trustworthy AI. We believe that AI Agents will be the dominant topic for AI in the near future and that appliedAI with its partner ecosystem will impact how this technology is being used in industry and beyond in Europe. DEINE AUFGABEN You build the systems other engineers learn from. At appliedAI, we help Europe’s leading companies turn ambitious AI and digitalization strategies into production-grade software - and you take end-to-end ownership of that delivery for our most complex client engagements, while setting the engineering standard that elevates the entire Engineering team. Whether your depth comes from AI/ML systems, large-scale digitalization programs, or solution architecture for complex enterprise environments, you thrive on turning ambiguity into scalable, well-governed systems. Your tasks will include: * Architecting and implementing production-grade software and AI solutions for enterprise clients - spanning classical ML, GenAI applications, validated RAG, and agentic systems, alongside the broader digital and software architecture around them - with attention to security, scalability, hybrid/cloud deployments, and operational maturity * Defining and championing engineering excellence across the team: code quality, design reviews, evaluation harnesses, observability, security, and MLOps standards * Leading technical delivery from target architecture through production hardening and client handover, working closely with engagement leads on scope and value * Building reusable engineering accelerators - templates, libraries, and evaluation frameworks - that multiply the impact of the wider Engineering team * Mentoring mid-level and senior engineers, facilitating technical guilds, and driving a culture of shared knowledge and continuous improvement DEIN PROFIL * 10+ years of software engineering experience, including a strong track record at principal or lead level - as an AI/ML engineer, software architect, digitalization lead, or solution architect - with meaningful exposure to AI/ML systems in production or a demonstrated ability to grow quickly into that depth * Deep engineering foundation across distributed systems, APIs, data pipelines, cloud-native architecture (Azure, AWS, or GCP), containers, CI/CD, and MLOps * Strong command of Python and solid exposure to the modern AI stack - LangChain/LangGraph, vector stores, evaluation frameworks, or platforms such as Azure AI Foundry - or a proven ability to master this stack rapidly given your engineering depth * A demonstrable track record leading complex, end-to-end technical delivery in client-facing settings, at enterprise scale * Pragmatic and code-first in your approach; opinionated about quality, evaluation, security, and operational maturity * Fluent in both English and German DEINE VORTEILE * A highly qualified and motivated team of ~90 people is on a journey to change the rapidly evolving European AI Landscape * Experience the best of both worlds with our hybrid work model: You can choose to work from our vibrant offices - either at the IPAI in Heilbronn or the House of Communication in Munich - while also enjoying the flexibility to work remotely a few days each week * Opportunity to shape a variety of projects and the development of new, original content based on the latest developments in AI and its adoption in businesses * An atmosphere that encourages to think and experiment in new ways with software, hardware, and processes * A highly visible initiative that helps you build a large and high-level network of start-ups, partners, and tech companies * A flexible development budget that’s yours to shape - invest it in training, certifications, conferences, or new challenges, however you want to grow * Sports membership with Wellpass to access thousands of sports facilities all over Germany (and beyond), as well as online courses * JobRad: Lease a bike for a cheaper rate via JobRad and we cover the bike insurance on top * Sabbatical option: You can take a sabbatical of up to 3 months after min. 3 years of employment - because sometimes 30 vacation days are not enough to explore the beauty of this world * PME Familienservice: A 24/7 support for a successful work & life in any life situation. Benefit from free support in areas like life coaching, child care and many other options * Mobility budget: Every month we contribute to your individual mobility usage with public transport or shared mobility offers within the app Moovster * Workation: Work from anywhere in the EU/EWR area for up to 3 months per year - combining working at a nice place and spending your leisure time in the evening like vacation KONTAKT Lucas Fernandes - Senior Talent Acquisition Specialist appliedAI Initiative GmbH, August-Everding-Str. 25, 81671 München