Senior Security Engineer

Our client is a US enterprise AI startup.

They are looking for a highly skilled Senior Security Engineer to join their Product Security team in Barcelona (remote, full-time, permanent employment contract). You must be eligible to work in Spain / EU.

This role will focus on designing, implementing, and managing security solutions for their cloud-native platform on AWS. You will play a pivotal role in safeguarding our systems, ensuring compliance, and advancing our security posture.

• Cloud Infrastructure Security : Design, implement, and manage security controls for AWS infrastructure.
• Vulnerability Management : Perform vulnerability assessments and drive remediation efforts across cloud environments.
• Automation & Monitoring : Automate security monitoring and incident response processes using industry best practices and tools.
• Security Projects Leadership : Lead key initiatives and projects such as CNAPP selection and implementation, advanced threat detection, and custom security control development.
• Penetration Testing : Conduct and analyze penetration testing exercises to identify and mitigate potential risks.
• Compliance Support : Collaborate with compliance teams to ensure adherence to security standards like SOC 2 and ISO 27001.
• Risk Assessments : Conduct technical risk assessments for critical infrastructure components.
• Cross-Functional Collaboration : Work closely with DevOps, Infrastructure, and Application teams to embed security into the development lifecycle.
• Incident Response : Lead investigations into advanced persistent threats (APTs) and other sophisticated security incidents. If you’re looking for a real challenge in terms of mission-criticality, multi-geographic region deployments, diversity of managed services, and the chance to be a part of an impactful team working with cutting-edge cloud technologies and more, then this might be the position for you!

Requirements

• Education : Bachelor's degree in a related technical field. A Master's degree is advantageous.
• Certifications : ○ Essential : AWS Security Specialty, GIAC (e.g., GSEC)

Preferred : CISSP, OSCP, GPEN, GCIH

• Years of Experience : 5-8 years in cybersecurity, focusing on cloud infrastructure security.
• Deep expertise in AWS security services (e.g., EKS, IAM, KMS, GuardDuty, Config, Amazon Linux).
• Proficient in scripting and automation (e.g., Python, Bash).
• Hands-on experience with security tools like SIEM, IDS / IPS, and vulnerability scanners.
• Advanced knowledge of penetration testing tools and methodologies (e.g., Metasploit, Burp Suite).
• Expertise in network security, encryption standards, and IAM technologies.
• Familiarity with compliance frameworks (e.g., SOC 2, ISO 27001).
• Experience with security automation in DevSecOps environments.
• Strong documentation and communication skills.