Our client is a US enterprise AI startup.
They are looking for a highly skilled Senior Security Engineer to join their Product Security team in Barcelona (remote, full-time, permanent employment contract). You must be eligible to work in Spain/EU.
This role will focus on designing, implementing, and managing security solutions for their cloud-native platform on AWS. You will play a pivotal role in safeguarding our systems, ensuring compliance, and advancing our security posture.
● Cloud Infrastructure Security: Design, implement, and manage security controls for AWS infrastructure.
● Vulnerability Management: Perform vulnerability assessments and drive remediation efforts across cloud environments.
● Automation & Monitoring: Automate security monitoring and incident response processes using industry best practices and tools.
● Security Projects Leadership: Lead key initiatives and projects such as CNAPP selection and implementation, advanced threat detection, and custom security control development.
● Penetration Testing: Conduct and analyze penetration testing exercises to identify and mitigate potential risks.
● Compliance Support: Collaborate with compliance teams to ensure adherence to security standards like SOC 2 and ISO 27001.
● Risk Assessments: Conduct technical risk assessments for critical infrastructure components.
● Cross-Functional Collaboration: Work closely with DevOps, Infrastructure, and Application teams to embed security into the development lifecycle.
● Incident Response: Lead investigations into advanced persistent threats (APTs) and other sophisticated security incidents. If you’re looking for a real challenge in terms of mission-criticality, multi-geographic region deployments, diversity of managed services, and the chance to be a part of an impactful team working with cutting-edge cloud technologies and more, then this might be the position for you!
Requirements
● Education: Bachelor's degree in a related technical field. A Master's degree is advantageous.
● Certifications: ○ Essential: AWS Security Specialty, GIAC (e.g., GSEC)
○ Preferred: CISSP, OSCP, GPEN, GCIH
● Years of Experience: 5-8 years in cybersecurity, focusing on cloud infrastructure security.
● Deep expertise in AWS security services (e.g., EKS, IAM, KMS, GuardDuty, Config, Amazon Linux).
● Proficient in scripting and automation (e.g., Python, Bash).
● Hands-on experience with security tools like SIEM, IDS/IPS, and vulnerability scanners.
● Advanced knowledge of penetration testing tools and methodologies (e.g., Metasploit, Burp Suite).
● Expertise in network security, encryption standards, and IAM technologies.
● Familiarity with compliance frameworks (e.g., SOC 2, ISO 27001).
● Experience with security automation in DevSecOps environments.
● Strong documentation and communication skills.