Senior Security Engineer

Workato transforms technology complexity into business opportunity. As the leader in enterprise orchestration, Workato helps businesses globally streamline operations by connecting data, processes, applications, and experiences. Its AI-powered platform enables teams to navigate complex workflows in real-time, driving efficiency and agility.

Trusted by a community of 400,000 global customers, Workato empowers organizations of every size to unlock new value and lead in today's fast-changing world. Learn how Workato helps businesses of all sizes achieve more at workato.com.

Workato fosters a flexible, trust-oriented culture that empowers everyone to take ownership of their roles. We value innovation and seek team players eager to actively contribute to our growth.

We believe in balancing productivity with self-care, offering a vibrant work environment and benefits that support your personal and professional life.

If this resonates with you, please submit an application. We look forward to connecting!

Why choose us :

• Named an "enterprise startup to bet your career on" by Business Insider
• Recognized in Forbes' Cloud 100 as one of the top 100 private cloud companies
• Ranked 17th in Deloitte Tech Fast 500 for fastest-growing tech companies in the Bay Area; 96th in North America
• Ranked #1 for remote work by Quartz

Responsibilities

We are seeking a highly skilled Senior Security Engineer for our Product Security team in Barcelona, Spain. You will design, implement, and manage security solutions for our cloud-native platform on AWS, playing a key role in safeguarding our systems, ensuring compliance, and enhancing our security posture.

• Cloud Infrastructure Security: Design, implement, and manage security controls for AWS infrastructure.
• Vulnerability Management: Conduct vulnerability assessments and lead remediation efforts.
• Automation & Monitoring: Automate security monitoring and incident response processes.
• Security Projects Leadership: Lead initiatives like CNAPP implementation, threat detection, and custom security controls.
• Penetration Testing: Perform and analyze penetration tests to identify risks.
• Compliance Support: Collaborate to meet standards like SOC 2 and ISO 27001.
• Risk Assessments: Conduct technical risk evaluations of infrastructure components.
• Cross-Functional Collaboration: Work with DevOps, Infrastructure, and Application teams to embed security.
• Incident Response: Lead investigations into security threats and incidents.

If you're looking for a challenging role with multi-region deployments, diverse managed services, and cutting-edge cloud technologies, this position might be for you!

Requirements Qualifications / Experience / Technical Skills

• Education: Bachelor's in a related technical field; Master's is a plus.
• Certifications:
  • Essential: AWS Security Specialty, GIAC (e.g., GSEC)
  • Preferred: CISSP, OSCP, GPEN, GCIH
• 5-8 years in cybersecurity with a focus on cloud infrastructure security.
• Deep expertise in AWS security services (EKS, IAM, KMS, etc.).
• Proficient in scripting (Python, Bash).
• Experience with SIEM, IDS / IPS, vulnerability scanners.
• Knowledge of penetration testing tools (Metasploit, Burp Suite).
• Expertise in network security, encryption, IAM technologies.
• Familiar with compliance frameworks (SOC 2, ISO 27001).
• Experience with security automation in DevSecOps environments.

Soft Skills / Personal Characteristics

• Strong documentation and communication skills.