Security Engineer

hace 2 semanas

Madrid, España FoshTech A tiempo completo

**Our mission**:
We are a cutting-edge e-commerce company. Our creative, smart and dedicated teams pool their knowledge and experience to find the best solutions to meet project needs, while maintaining sustainable and long-lasting results. How do we achieve this? By making sure that our teams thrive and develop professionally. Strong advocates of hiring top talent and letting them do what they do best, we strive to create a workplace that allows for an open, collaborative and respectful culture.

**The Role**:
**What you will be doing...**:
This is a highly visible role You will protect our infrastructure by analyzing, remediating, and monitoring breaches, issues, incidents, and vulnerabilities. The right person must have excellent engagement and communication skills and a solid customer-focused and team-oriented approach that balances security needs and user experience to provide best-in-class security for the organization.

**Must also be bilingual: English/Spanish.**

**Main responsibilities for this Role**

Vulnerability Management & SecOps Engineer will be responsible for following (but not limited to) responsibilities in day-to-day work:

- Keep and improve the Vulnerability Management Program of the company.
- A focal point of contact for Vulnerability scanning schedule, configuration in a tool, and execution as per the schedule. Any failure of scans is to be investigated and scheduled to be re-run.
- Administration of **Tenable Vulnerability Management** (Nessus) and using its various features to enable and support the Vulnerability Management Program.
- Usage of **ManageEngine EndPoint Central**, **New Relic**, and any other tools available in the company in order to take advantage of their features to improve the Vulnerability Management Program and Metrics.
- Conducts periodical discovery of IT Assets, ensures that identified assets are appropriately tagged, and includes the new assets in the Vulnerability Management tool.
- Assess the identified vulnerabilities and study & understand the risk profile and impact.
- Identify any false positives reported and the technical limitations of the vulnerability in the environment, and be able to declare and manage it within the Tenable tool.
- Keep and improve existing scripts to process vulnerability results (i.e. to automatically import them into Jira while matching existing data in **Axonius**).
- Perform Penetration Tests following OWASP and using tools such as **Burp Suite** or **ZAP**.
- Develop and manage a bug bounty program (i.e. write the security researcher conditions, review received vulnerabilities, etc.).
- Manage vulnerabilities reported by corporate antivirus (i.e. **Crowdstrike**).
- Collaborate with Infrastructure teams (Windows, Linux, Networks, etc.) for the remediation/mitigation of the identified vulnerabilities.
- Maintain the Vulnerability Dashboard for the scope and submits reports to both Technical teams and Management.
- Keep and improve the existing server hardening guides, to avoid recurring vulnerabilities.
- Organize work to achieve compliance with established KPIs for Vulnerability Management and proactively work towards achieving the same. Maintain periodical reporting on the progress.
- Escalate -discuss and consult
- as required to next levels and Management in a timely manner.
- Participate in meetings with various stakeholders as per the schedules. Liaise with different teams in different geographical zones.
- Propose, plan, and execute vulnerability service/security service improvement initiatives.
- Adhere to different policies set out by the organization.
- Follow and improve existing **procedures**.
- Keep your work organized based on **tickets** (**Jira**).
- Prepare and provide different reports (weekly/monthly/ad-hoc) to the Top Management as necessary.
- Maintain appropriate knowledge required for successful and efficient delivery of the responsibilities.
- Keeping abreast of new threats and vulnerabilities and providing analysis as per applicability.
- Help the organization understand advanced cyber threats.
- Possibility to perform **on-call** after working hours and weekends.

**Knowledge and skills you need to have**:

- Five years of a university degree or four-year college diploma is required, preferably in computer science, telecommunications, or other related academic fields. Or equivalent work experience.
- Must have working experience administering and operating Tenable Vulnerability Management for a large enterprise.
- Working and hands-on experience in running a Vulnerability Management process.
- Good understanding of Reporting needs at various levels of organization and ability to design, create, and present the same.

**Competencies**:

- ** Reading comprehension**: You must be able to read and understand the existing procedures, and the tasks assigned on tickets. This is crucial for you to work under mínimal supervision and excel. If you are a technical guru but don't understand the assigned

  • Security Integration Engineer.

    hace 4 semanas

    Madrid, España Kudelski Security A tiempo completo

    Stimulating. Motivating. Challenging. Leveraging its long-standing expertise in securing digital content as well as fighting piracy, Kudelski Security, a division of the Kudelski Group, is a provider of cybersecurity solutions and services focused on protecting data, processes and systems for companies and organizations around the world, safeguarding...

  • Platform Security Engineer.

    hace 4 semanas

    Madrid, España Kudelski Security A tiempo completo

    Stimulating. Motivating. Challenging. Leveraging its long-standing expertise in securing digital content as well as fighting piracy, Kudelski Security, a division of the Kudelski Group, is a provider of cybersecurity solutions and services focused on protecting data, processes and systems for companies and organizations around the world, safeguarding...

  • Security Engineer

    hace 2 semanas

    Madrid, Madrid, España Celonis A tiempo completo

    We're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join us.We're Celonis, the global leading Process Mining software company and one of...

  • Security Integration Engineer.

    hace 6 días

    Madrid, España Kudelski Security A tiempo completo

    Stimulating.Motivating.Challenging.Leveraging its long-standing expertise in securing digital content as well as fighting piracy, Kudelski Security, a division of the Kudelski Group, is a provider of cybersecurity solutions and services focused on protecting data, processes and systems for companies and organizations around the world, safeguarding their...

  • Platform Security Engineer.

    hace 6 días

    Madrid, España Kudelski Security A tiempo completo

    Stimulating.Motivating.Challenging.Leveraging its long-standing expertise in securing digital content as well as fighting piracy, Kudelski Security, a division of the Kudelski Group, is a provider of cybersecurity solutions and services focused on protecting data, processes and systems for companies and organizations around the world, safeguarding their...

  • Security Engineer

    hace 2 semanas

    Madrid, Madrid, España Swiss Re - Schweizerische Rückversicherungs-Gesellschaft A tiempo completo

    Join a team of cybersecurity professionals and contribute to Swiss Re's mission of increasing global resilience. As a Security Engineer, you will be in charge of implementing cutting-edge enhancements for our security tools, including malware protection and email sandboxing, maintaining a hybrid work model where you can work both remotely and in the...

  • Fullstack Security Engineer

    hace 2 semanas

    Madrid, España Marks Sattin A tiempo completo

    **Are you an experienced **Full-stack Security Engineer** looking for your next adventure?** My client, a leading financial services company is looking to add an experienced Full stack Security Engineer to their growing teams in either London, Lisbon or Madrid! As an experienced Full-stack Security Engineer, you must have at least** 4-5 years of experience,...

  • Detection Security Engineer

    hace 2 semanas

    Madrid, Madrid, España Swiss Re - Schweizerische Rückversicherungs-Gesellschaft A tiempo completo

    Detection Security Engineer (Hybrid setup) Join a group of cybersecurity experts and assist Swiss Re in achieving its goal of increasing the world's resilience. As the Detection Security Engineer, your main responsibility will be to help close security vulnerabilities by collaborating with incident responders and proactively searching for complex cyber...

  • Security Automation Engineer

    hace 6 días

    Madrid, España Celonis A tiempo completo

    .We're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join us.We're Celonis, the global leading Process Mining software company and one...

  • Fullstack Security Engineer

    hace 2 semanas

    Madrid, Madrid, España Marks Sattin A tiempo completo

    Are you an experienced Full-stack Security Engineer looking for your next adventure?My client, a leading financial services company is looking to add an experienced Full stack Security Engineer to their growing teams in either London, Lisbon or Madrid As an experienced Full-stack Security Engineer, you must have at least 4-5 years of experience, working...

  • Cloud Security Engineer

    hace 2 semanas

    Madrid, Madrid, España Semrush A tiempo completo

    Security Position: RemoteHey there! We're Semrush, a global IT company focused on developing a cutting-edge platform for digital marketers. Exciting opportunities await, so don't let this one slip by!Cloud Security Engineer Role:Contribute to the swift implementation of security controls and features in the cloud.Conduct technical security assessments and...

  • Senior Cloud Security Engineer

    hace 2 semanas

    Madrid, España LRI Invest A tiempo completo

    Description Cloud Security Engineer: Summary of the position Outline of main duties and responsibilities The main responsibilities of the role will be: - Hands-on day-to-day management of security tooling both vendor tools (such as Mimecast Tessian and Netskope) and public cloud security tools (such as Azure Security Center, Conditional Access and...

  • Security Engineer Remoto

    hace 2 meses

    Madrid, España Digital Talent Agency A tiempo completo

    Desde DTA estamos seleccionando un perfil de SECURITY ENGINEER para I+D con al menos 2 años de experiencia.¿QUÉ NECESITAMOS?- Licenciatura/grado en Ingeniería de Telecomunicación, Informática o titulación técnica afín.- Al menos 2 años acreditables de experiencia como Security Engineer. El nivel de experiencia determinará las funciones y...

  • Security Engineer Remoto

    hace 4 semanas

    Madrid, España Digital Talent Agency A tiempo completo

    Desde DTA estamos seleccionando un perfil de SECURITY ENGINEER para I+D con al menos 2 años de experiencia.¿QUÉ NECESITAMOS?- Licenciatura/grado en Ingeniería de Telecomunicación, Informática o titulación técnica afín.- Al menos 2 años acreditables de experiencia como Security Engineer. El nivel de experiencia determinará las funciones y...

  • Security Engineer Remoto

    hace 2 semanas

    Madrid, Madrid, España Dtagency A tiempo completo

    Desde DTA estamos seleccionando un perfil de SECURITY ENGINEER para I+D con al menos 2 años de experiencia.¿QUÉ NECESITAMOS?Licenciatura/grado en Ingeniería de Telecomunicación Informática o titulación técnica afín.Al menos 2 años acreditables de experiencia como Security Engineer. El nivel de experiencia determinará las funciones y condiciones...

  • Security Engineer

    hace 2 semanas

    Madrid, España Fortra, Llc A tiempo completo

    As a hands-on role, the Security Engineer is to collaborate with all parts of the organization globally, including IT, DevOps, and Development. The role is responsible for cybersecurity controls, and processes to identify, protect, detect, respond, and recover to protect the organization and its assets. A mix of Office 365, email security, endpoint security,...

  • Security Engineer

    hace 2 semanas

    Madrid, Madrid, España Fortra, Llc A tiempo completo

    As a hands-on role, the Security Engineer is to collaborate with all parts of the organization globally, including IT, DevOps, and Development. The role is responsible for cybersecurity controls, and processes to identify, protect, detect, respond, and recover to protect the organization and its assets. A mix of Office 365, email security, endpoint security,...

  • Security Engineer Remoto, 100% En remoto

    hace 1 mes

    Madrid, Madrid, España Digital Talent Agency A tiempo completo

    Security Engineer Remoto en 100% En remoto. Desde DTA estamos seleccionando un perfil de SECURITY ENGINEER para I+D con al menos 2 años de experiencia. ¿QUÉ NECESITAMOS? Licenciatura grado en Ingeniería de Telecomunicación Informát...< p>

  • Security Engineer Remoto, 100% En remoto

    hace 2 semanas

    Madrid, Madrid, España Digital Talent Agency A tiempo completo

    Security Engineer Remoto en 100% En remoto. Desde DTA estamos seleccionando un perfil de SECURITY ENGINEER para I+D con al menos 2 años de experiencia. ¿QUÉ NECESITAMOS? Licenciatura grado en Ingeniería de Telecomunicación Informát...< p>

  • Security Engineer Remoto, 100% En remoto

    hace 4 semanas

    Madrid, Madrid, España Digital Talent Agency A tiempo completo

    Security Engineer Remoto en 100% En remoto. Desde DTA estamos seleccionando un perfil de SECURITY ENGINEER para I+D con al menos 2 años de experiencia. ¿QUÉ NECESITAMOS? Licenciatura grado en Ingeniería de Telecomunicación Informát...< p>