Ofertas de empleo Security Engineer, Madrid

Description

As a Security Engineer, you will focus on strengthening product and application security by applying best‑practice cybersecurity and AI safeguards. It drives “shift‑left” initiatives to integrate automated security controls early in the software development lifecycle, working closely with cloud and engineering teams to improve secure coding practices.

• Help secure our products and applications that may introduce cybersecurity and AI risks, apply established security best practices and continuously improve our security design posture.

• Coordinate “shift left” security efforts to automate and scale security into the software development lifecycle and infrastructure security. Collaborate closely with cloud engineers and application teams to instill secure coding and other security best practices.

• Ability to embed AI agents into the development pipelines to aid threat modeling and embedding appropriate security measures into these workflows.

• Participate in secure design reviews, helping identify risks, attack surfaces, and mitigation measures in line with OWASP Top 10, SANS CWE Top 25, and industry best practices,

• Contribute to developing and maintaining tooling used for secure code reviews and support developers by answering questions and advising remediation of vulnerabilities.

• Support the vulnerability management program by helping integrate vulnerability data sources, assisting with prioritization logic, and working with engineering teams to remediate identified vulnerabilities.

• Support security audit efforts (e.g., ISO 27001, SOC Type 2) by assisting with control implementation activities and evidence collection.

• Assist with the analysis of security incidents and support of the security operations center (SOC) during investigation and resolution of security alerts.

• Handling and responding to operational security requests, ensuring timely resolution in accordance with defined procedures and SLAs.

• 3+ years of experience in Application Security, Secure Software & Application development, or related fields, preferably in a product-led, led, cloud, or SaaS environmentbased, or SaaS environment.

• You are a thoughtful and responsible security professional - Someone who is proactive, eager to learn, and comfortable seeking input and feedback.

• Solid understanding of OWASP Top 10, secure coding standards, vulnerability management penetration testing methodologies, and common web/mobile vulnerabilities.

• Practical knowledge of web technologies (e.g. Cloud IaC) and at least one modern programming language (e.g., Python, Terraform).

• Experience in securing mobile/ web applications (iOS and Android) through static and dynamic analysis.

• Have hands-onon experience with modern application stacks, infrastructure (Cloud native environment), and security tools, and apply them to help implement pragmatic defenses.

• Work with a learning mindset cross-functionally with engineers of all levels to build security into the software development life cycle. Leverage creative and strategic thinking to reduce risk through secure design and simplicity, not just controls.

• Embody a proactive mindset to embed security throughout the product lifecycle through activities like threat modeling, secure code review, and education.

• Have a good understanding of common offensive security techniques and attacker mindsets to help identify and anticipate application security risks.

• You can easily partner and forge relationships with cross-functional teams and stakeholders