Application Security Engineer (S-SDLC) - Cybersecurity (ODS)

Application Security Engineer (S-SDLC) - Cybersecurity (ODS)

Country: Spain

Open Digital Services is the software development company of Santander Group powering the next generation of banks by creating innovative banking products and implementing them in collaboration with Santander Group Affiliates.

Santander Group is one of the world's largest financial institutions and the Eurozone's leader, we're committed to being the best Digital Bank with Branches in the industry.

Our mission at ODS is to design and support an advanced digital and omnichannel platform, ensuring the best customer experience using cutting‑edge technology. Openbank, our flagship partner, is where we develop our most advanced concepts first. Be part of our Best‑in‑Class team and help us create unique value for our customers!

Join us to tackle exciting tech challenges in an agile environment, benefiting from learning, growth, and local and international career opportunities in a modern, diverse setting.

The Application Security Specialist ensures that products are secure from threats and vulnerabilities throughout their build lifecycle. This role focuses on Threat Modeling, Secure Software Development Life Cycle (SSDLC), and proper reporting.

The SSDLC program features the latest technologies in the pipeline developed in cloud environments. Your role will contribute to their evolution and you will be able to implement new ones, the main tasks will include:

• Maintain and evolve the secure software development life cycle (CI/CD)
• Develop new rules in the SAST tool
• Strengthen Threat Modeling and SSDLC capabilities using key market tools for our development teams.
• Collaborate in the creation of code security related automatisms (AWS Lamba, Python,…)
• Work directly with development teams to ensure the SSDLC process aligns with our workflows in an automated manner, making the secure path the easiest to adopt.
• Develop the "Security Champion" role within development teams to scale security practices to thousands of developers.

• Experience with SAST tools such as GHAS, Checkmarx, Fortify, Veracode,…
• Deep understanding of SSDLC
• Experience implementing CI/CD pipelines
• Knowledge of the threat modelling process, Github Actions, IaC, OWASP top 10, and AWS, including Lambda and CloudFormation.
• Excellent communication skills for interacting with development teams and stakeholders in English and Spanish.
• Organized and detail‑oriented approach to work.

• Joining a dynamic and agile company undergoing international expansion.
• Working in start‑up mode with the support of the Santander Group.
• Competitive remuneration and attractive benefits package.
• Possibility of growth within the company and the Group.
• Collaborating on international projects in different countries.
• Excellent work environment, social clubs and frequent events.

ODS is an equal opportunity employer. All applicants will be considered as equal without paying attention to gender identity, sexual orientation, ethnicity, religion, age, political orientation, union membership nor disability status.

We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify, and build.

The personal data you provide as well as any data generated during the selection process are confidential and will be processed by Open Bank, S.A./ Open Digital Services, S.L. with registered office at Plaza de Santa Bárbara 2, 28004 (Madrid), for the sole purpose of managing your participation in the selection processes and, where appropriate, to formalise your recruitment.

For further information about your rights and data protection, please read the ODS/Openbank Privacy Policy applicable to this type of data processing here.