We’re currently looking for an experienced engineer to join our team in Barcelona, to help us to provide defensive security capabilities by embedding security by default in our systems, building services to automate the detection of threats and assisting our teams with security incident response and forensics in our cloud infrastructure.
What you will do
- Contribute in defining our defensive security strategy.
- Assist engineering teams in responding to security incidents.
- Perform forensic analysis primarily in immutable cloud deployments.
- Develop tools to automate incident handling and response.
- Improve our security monitoring and alerting services.
- Bootstrap base OS and Docker images that are secure by default.
- Advise engineering teams in improving their security posture.
- Collaborate with other security teams on shared projects and initiatives.
Who you are
- 5+ years of experience working as a Security Engineer
- Proven experience in most of the following topics:
- Incident response
- Computer and network forensics
- Network and host intrusion detection
- Security monitoring and alerting
- Operating system hardening
- Threat intelligence
- Web application security
- Web technologies (Web applications, Web Services, Service Oriented Architectures) and related protocols
- Cloud environments (e.g. AWS, Microsoft Azure, Google Cloud, OpenStack) and their security implications
- Development experience with programming languages like Go or Python, and using version control software like git.
- Proactivity and ability to absorb and rapidly adapt to new technologies and paradigms.
- Willing to travel occasionally.
- Feeling comfortable communicating in English in a working environment.
- Seeing computer security and its challenges as a game and enjoying it.
Preferred Job Qualifications
- Participation in CTFs or other security challenges.
- Public exploits, relevant CVEs, “Hall of Fame” recognitions or bug bounties.
- Contributions to open source projects.
- Content publication on blogs, magazines or reports.
- Performing talks at conferences or workshops.
- Good understanding of Docker, Kubernetes and their security models.
- Experience with CI/CD tools (e.g. Travis, Spinnaker, Jenkins).
- Experience with security tooling and features in AWS or other cloud providers.
- Knowledge of DevOps culture (infrastructure-as-code, “you build it, you run it”, etc.) and its implications for security
- Experience with Malware Analysis, Authentication and Authorization, Applied Cryptography or Threat Modeling.
What you’ll get from us
- Flexible benefits programme (transport, restaurants, child-care, etc)
- 28 days of holidays
- Competitive compensation package
- A unique position in an international and dynamic environment
- Opportunity to shape the way we work. Your feedback and opinions are valued at all levels of the organisation
- The chance to be a key player in a growing, highly skilled team
- Great colleagues and a healthy working environment
- Benefits including private health insurance, stock purchase plan and bonus
- Flexibility to work when and how you want - flexible hours, choose your phone and computer
- Career development, including individual training budget and language classes
- Free breakfast, coffee and fruit.
Adevinta is an equal opportunity employer and values diversity in our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status. If anything you’ve read above ticks your boxes, then why not apply now to find out more!
The health of our employees is very important to us. Due to Covid-19 all of our employees currently have the option to work from home full-time or, depending on the local situation and government regulations, they may go into the office following all safety protocols. This means that our interviews are currently taking place virtually. We are reviewing the situation on a regular basis and want to ensure that we follow all governmental guidelines and put the health of our people first.