Senior Security Engineer (100% remote-friendly within Spain)

📋 Description

• • Are you a seasoned cybersecurity professional with a passion for safeguarding digital assets and a knack for leading critical incident response efforts? DocPlanner Group S.A. is seeking a highly skilled Senior Security Engineer to join our dynamic, fully remote-friendly team within Spain. This pivotal role offers the opportunity to significantly impact our organization's security posture by taking ownership of incident response, conducting in-depth investigations, and proactively enhancing our cybersecurity defenses.
• • In this capacity, you will be instrumental in shaping and executing our security operations roadmap. This involves not just reacting to threats but also strategically designing and implementing long-term strategies that fortify our defenses against an ever-evolving threat landscape. Your expertise will be crucial in refining and maintaining our existing processes, optimizing our security tooling, and ensuring our documentation and training programs are robust and up-to-date, thereby maturing our overall cybersecurity incident response capabilities.
• • A core responsibility will be the design, implementation, and ongoing maintenance of sophisticated security event monitoring systems. You will be at the forefront of detecting potential threats, performing daily alert investigations, and orchestrating incident response activities across both cloud-native infrastructures and traditional on-premises environments. This requires a deep understanding of various technology stacks and the ability to adapt quickly to new challenges.
• • You will also play a key role in identifying, scoping, and managing ongoing security incidents for our customers. This involves developing comprehensive remediation plans and driving their implementation to enhance security maturity across the board. Your analytical skills will be put to the test as you normalize, analyze, and identify security events from diverse application logs, transforming raw data into actionable intelligence.
• • Collaboration is key in this role. You will work closely with our development and operations teams, providing expert guidance and assistance to improve our log monitoring capabilities. This includes integrating threat intelligence feeds and implementing automation to streamline detection and response processes, making our security operations more efficient and effective.
• • The ideal candidate will possess a strong understanding of secure software development practices, including a thorough knowledge of common vulnerabilities such as those outlined in the OWASP Top 10. This proactive approach ensures that security is considered from the ground up, not as an afterthought.
• • Furthermore, your ability to communicate complex technical issues and security risks clearly and authoritatively to a diverse range of audiences – from IT professionals and executives to business decision-makers – is paramount. Maintaining transparency and building trust with stakeholders through effective communication is a critical aspect of this role.
• • This is a global position, demanding flexibility to accommodate occasional work outside standard business hours, including weekends, to ensure continuous security coverage.
• • You will be responsible for deploying and managing our Security Operations Center (SOC) tech stack, leveraging SIEM platforms for log analysis and correlation, and working with application security and Web Application Firewall (WAF) platforms. Experience with Infrastructure as Code tools like Terraform and container orchestration platforms like Kubernetes will be highly advantageous in managing our modern infrastructure.
• • Ultimately, this role is about being a guardian of our digital environment, driving continuous improvement in security operations, and ensuring the resilience of our systems against sophisticated threats. If you are a proactive, detail-oriented, and experienced security professional ready to make a significant impact, we encourage you to apply.