Appfire is hiring a
Senior Security Engineer in Spain

Summary

Appfire is hiring a Senior Security Engineer to join their Information Security team. The role involves collaborating with teams on security within cloud environments, performing security assessments and penetration testing, enforcing continuous security compliance, supporting incident response and security operations, and ensuring compliance with various policies and regulations. Requirements include a degree in Computer Science or equivalent experience, 5+ years of cybersecurity engineering and/or architecture experience, experience in a multi-cloud environment, familiarity with vulnerability scanning tools and pen testing, scripting language knowledge, SQL manipulation skills, cryptography concepts understanding, and knowledge of common information security frameworks. Benefits include health insurance, remote work flexibility, annual sport allowance, training budget, incentive equity program, paid holidays, paid training, assistance for tech events and conferences, summer schedule, and team building activities.

Requirements

• Degree in Computer Science, Information Security, Engineering, or equivalent experience
• 5+ years of experience working in cyber security engineering and/or architecture at a software company

Responsibilities

• Collaborate with Engineering, IT Operations, and DevOps to design, engineer, and support security within our cloud environments, products, and vendor solutions, while promoting DevSecOps
• Perform security assessments and penetration testing on web applications, mobile clients, etc
• Enforce continuous security compliance for our Cloud apps and cloud infrastructure
• Review and approve controls needed to protect data and technology assets in compliance with policies, regulation, and legal requirements
• Support incident response and security operations
• Ensure compliance with and support our vulnerability management program, including SCA, SAST, DAST, penetration testing, and bug bounty programs
• Provide expertise in the integration efforts of Appfire acquisitions and alignment to information security standards and policies
• Implement and maintain information security systems and services to support the Information Security team

Preferred Qualifications

• Experience performing security work in a multi-cloud environment is preferred
• Experience with at least one vulnerability scanning tool (e.g. Qualys, Rapid7, Wiz, etc.)
• Experience as a pen tester for web-based applications and familiarity with the OWASP top ten vulnerability categories
• Working knowledge of at least one scripting language, Python preferred, and Linux concepts/command line familiarity
• An understanding of key cryptography concepts such as symmetric/asymmetric keys, algorithms, and protocols (PKI, GPG, RSA, x509 certificates and TLS/SSL)
• Knowledge of common information security frameworks such as CIS, NIST, ISO 27001 & SOC 2 a plus

Benefits

• Health insurance
• Remote work flexibility
• An annual sport allowance to help you keep a great work/life balance
• An annual budget for training, and event attendance
• Incentive Equity Program
• 25 days of paid holidays
• Paid training
• Paid assistance to tech events and conferences
• Summer schedule for you to fully enjoy the sun!
• Team building activities