Security Cloud Engineer

Join to apply for the Cloud Defensive Security Engineer (Elastic) role at Adevinta We're Adevinta , a global leader in digital marketplaces. Our brands – including Marktplaats in the Netherlands, mobile.Global Tech Hubs in Barcelona, Amsterdam, Paris, and Berlin develop common products and innovation platforms that are highly scalable, customisable, and secure. As a Defensive Security Engineer on the Cloud Defense team within Security Operations, you will own and evolve our Elastic-based detection and observability platform, enabling "Defense as a Service" for security and engineering teams across the company. You need to be comfortable growing your security skills on the job while collaborating with security engineers, SOC analysts, and incident responders. You will join the Cloud Defense team, responsible for consolidating and scaling our operating defensive security capabilities for our multi‐cloud (AWS and GCP) environments, platforms, and applications. Redesign, evolve, and operate our Elastic stack (Elasticsearch, Kibana, Elastic Security/Observability) as a core part of the defensive platform. Own the ingestion pipelines for security and infrastructure telemetry (e.g. AWS/GCP audit logs, EDR telemetry, OS/syslog from Linux fleets and key application logs from our core products), including Beats/Agents, ingest pipelines, and index lifecycle management. Pragmatically optimise Elastic for performance, scalability, cost, and reliability (index strategy, shard planning, hot/warm/cold, retention policies). Define and maintain standards and templates for indices, data streams, mappings, and dashboards. Implement and maintain detection content in Elastic (KQL/EQL queries, rules, anomaly jobs) following defense‐as‐code practices: versioning, code reviews, testing, and CI/CD. Collaborate with engineering teams, SOC, and Incident Response to translate threat scenarios and cloud/runtime risks into Elastic rules, alerts, and dashboards. Improve detections to reduce false positives and improve signal quality, based on feedback from SOC, IR, and product teams. Contribute to internal tooling that improves detection engineering (e.g. shared rule templates, test harnesses, linters, rule packaging). Manage Elastic infrastructure, data pipelines, and content deployments using IaC tools (Terraform, CloudFormation) and CI/CD platforms (GitHub Actions, Argo CD). Integrate Elastic with other security and cloud services (e.g. EDR agents, cloud‐native security tools, ticketing, notification channels, SOAR) to support end‐to‐end defensive workflows. Support the hardening and security of the Elastic platform (access control, encryption, secrets, network policies, backups, and recovery). Treat Elastic as a product: maintain a roadmap, backlog, changelog, and documentation for the platform's security capabilities. Provide self‐service onboarding patterns for product and platform teams (data ingestion blueprints, dashboards, reference queries, runbooks). Partner with Cloud, SRE, Platform, and Application teams to ensure the right telemetry is available for runtime security, incident response, and troubleshooting. Build and maintain simple and clear dashboards that show data coverage, detection health, and ingest reliability over time. Level up the team's Elastic skills by treating detections as data problems: help colleagues design data models, queries, and pipelines that scale, and coach them on performance, cost, and reliability trade‐offs at our volume. Strong hands‐on experience designing, operating, and troubleshooting Elastic deployments in production (on‐prem or cloud‐managed). Experience building and operating log/telemetry pipelines into Elastic (Filebeat/Metricbeat/other Beats, Elastic Agent, Logstash, ingest pipelines). Proficiency with Kibana: dashboards, visualisations, Lens, saved searches, alerting and spaces. Infra / DevSecOps and Cloud Terraform, Ansible, CloudFormation) to deploy and manage infrastructure. Experience with CI/CD pipelines (GitHub Actions, Jenkins, etc.) to automate configuration and infrastructure deployments. Hands‐on experience with Linux systems, containers, and Kubernetes (EKS or vanilla deployments). Experience with public cloud environments, preferably AWS and/or GCP (cloud logging, IAM basics, network fundamentals). Security Knowledge Good understanding of core security and SOC concepts: logs vs events vs alerts, detections, triage, and investigations. Understanding of common cloud and application security risks (misconfigurations, credential misuse, suspicious access patterns). Willingness and curiosity to grow security expertise working next to seasoned security professionals. General 4+ years of experience in a relevant role (Platform/Observability Engineer, Elastic Engineer, DevOps/Cloud Engineer, Security Engineer). Strong scripting/automation skills in at least one language (Go, Bash, Python). Excellent communication and documentation skills, able to work effectively with engineers and security specialists in a distributed fast‐paced environment. Practical experience with Elastic Security or SIEM capabilities (detection rules, timelines, cases, EQL/KQL for threat detection). Hands‐on experience integrating Elastic with EDR/runtime security tools (e.g. Prior work in a Cloud Security/Cloud Defense/SecOps team. Contributions to open‐source projects, security libraries, or public talks/blog posts about Elastic, observability, or security. Relevant certifications (Elastic, Cloud Security, Kubernetes, or DevOps related). Participation in our Short Term Incentive plan (annual bonus) You just need reliable internet Research suggests that women and individuals from underrepresented groups may self‐select out of opportunities if they don't meet 100% of the job requirements.