Senior Security Engineer

Our client is a US enterprise AI startup.

They are looking for a highly skilled Senior Security Engineer to join their Product Security team in Barcelona (remote, full-time, permanent employment contract). You must be eligible to work in Spain/EU.

This role will focus on designing, implementing, and managing security solutions for their cloud-native platform on AWS. You will play a pivotal role in safeguarding our systems, ensuring compliance, and advancing our security posture.

● Cloud Infrastructure Security: Design, implement, and manage security controls for AWS infrastructure.

● Vulnerability Management: Perform vulnerability assessments and drive remediation efforts across cloud environments.

● Automation & Monitoring: Automate security monitoring and incident response processes using industry best practices and tools.

● Security Projects Leadership: Lead key initiatives and projects such as CNAPP selection and implementation, advanced threat detection, and custom security control development.

● Penetration Testing: Conduct and analyze penetration testing exercises to identify and mitigate potential risks.

● Compliance Support: Collaborate with compliance teams to ensure adherence to security standards like SOC 2 and ISO 27001.

● Risk Assessments: Conduct technical risk assessments for critical infrastructure components.

● Cross-Functional Collaboration: Work closely with DevOps, Infrastructure, and Application teams to embed security into the development lifecycle.

● Incident Response: Lead investigations into advanced persistent threats (APTs) and other sophisticated security incidents. If you’re looking for a real challenge in terms of mission-criticality, multi-geographic region deployments, diversity of managed services, and the chance to be a part of an impactful team working with cutting-edge cloud technologies and more, then this might be the position for you!

Requirements

● Education: Bachelor's degree in a related technical field. A Master's degree is advantageous.

● Certifications: ○ Essential: AWS Security Specialty, GIAC (e.g., GSEC)

○ Preferred: CISSP, OSCP, GPEN, GCIH

● Years of Experience: 5-8 years in cybersecurity, focusing on cloud infrastructure security.

● Deep expertise in AWS security services (e.g., EKS, IAM, KMS, GuardDuty, Config, Amazon Linux).

● Proficient in scripting and automation (e.g., Python, Bash).

● Hands-on experience with security tools like SIEM, IDS/IPS, and vulnerability scanners.

● Advanced knowledge of penetration testing tools and methodologies (e.g., Metasploit, Burp Suite).

● Expertise in network security, encryption standards, and IAM technologies.

● Familiarity with compliance frameworks (e.g., SOC 2, ISO 27001).

● Experience with security automation in DevSecOps environments.

● Strong documentation and communication skills.