Senior Security Engineer - Platform

The Security team partners across the company to help Preply grow safely and sustainably. We are responsible for platform security, application and product security, security operations, and incident response. We work closely with SRE, Data teams, Engineering teams, and our GRC function to make security practical, measurable, and scalable.

We work in small teams, which means you'll have high ownership, real influence on technical decisions, and the opportunity to drive meaningful improvements across the company. We promote self-direction, strong collaboration, and a culture where trust and clear communication matter.

We have diverse technical challenges that will allow you to develop your skills across the stack - sometimes we write about them in our Engineering Blog! Please, also visit our Tech Radar and our YouTube channel to learn more about the technologies we use at Preply!

What you'll be doing:

• Own platform security across AWS, Kubernetes, and GCP, with a strong focus on detection, alerting, and incident response readiness

• Lead key platform security initiatives end-to-end, from problem definition through rollout and iteration

• Act as a strong technical voice in defining how platform security is designed, implemented, and operated at Preply

• Evolve our monitoring from "we have a SIEM" to a detection and response capability that is effective, trusted, and actionable

• Work hands-on with our current tooling, including Datadog as our SIEM, Okta as our primary IdP, and a range of SaaS platforms

• Drive cross-functional platform security initiatives from problem definition to production rollout, partnering with SRE, Data, Engineering, and GRC

• Strengthen cloud and platform security across AWS and Kubernetes, with expanding scope in GCP, through practical guardrails, secure patterns, and automation

• Improve the robustness of access to internal infrastructure, including identity, privileged access, and auditability

• Improve security of Kubernetes deployments, including cluster and workload security, policy enforcement, and secure workload identity patterns

• Mature detection and response capability using Datadog

• Improve log coverage and data quality (cloud, Kubernetes, CI/CD, identity, and key SaaS)

• Build and tune actionable detections with clear severity, ownership, and expected frequency

• Reduce noise through correlation, deduplication, enrichment, and continuous tuning

• Establish repeatable triage workflows and clear escalation paths, being part of the Security on-call rotations

• Create investigation playbooks and runbooks so alerts can be handled consistently and quickly

• Partner with Data teams to improve monitoring for suspicious activity and sensitive access patterns, with an emphasis on practical, high-signal alerting

• Improve secrets management and reduce exposure risk across CI/CD and runtime

• Build security automation that makes the secure path the easy path for engineers

Do you have experience in Terraform?, * Strong experience securing cloud and platform environments, especially AWS and Kubernetes, and the ability to extend that security approach into GCP

• Hands-on experience driving and delivering technical security initiatives end-to-end in production environments
• Strong understanding of the software development lifecycle, and comfort working with CI/CD and infrastructure as code
• Practical experience improving identity and access security, with strong familiarity with Okta event monitoring and identity-focused detection patterns
• Experience building or maturing security operations capability, especially turning SIEM inputs into reliable operational outcomes (triage, runbooks, tuning, and measurable improvement)
• Experience improving logging coverage and signal quality, and building detections that are actionable rather than noisy (experience with Datadog SIEM is a plus)
• Strong collaboration skills and the ability to influence decisions across SRE, Data, Engineering, and GRC
• Business-oriented mindset and comfort making cost-benefit tradeoffs
• Strong communication skills. Minimum C1 English level.
• Willingness to participate in on-call rotations and partner effectively with SRE during incidents.

Nice to have:

• Terraform and infrastructure as code at scale
• Jenkins hardening and CI/CD supply chain security controls
• Cloudflare security controls (WAF, bot mitigation, edge protections)
• Scripting or programming for automation and tooling
• Incident response experience in cloud-native environments (AWS and Kubernetes)

• An open, collaborative, dynamic and diverse culture;
• A generous monthly allowance for lessons on Preply.com, Learning & Development budget and time off for your self-development;
• A competitive financial package with equity, leave allowance and health insurance;
• Not in Barcelona? We offer an attractive relocation package to join us in our Preply Barcelona Hub
• Access to free mental health support platforms;
• Access to Gympass-partnered wellness and gym centers throughout Spain to promote and support well-being and physical health;
• The opportunity to unlock the potential of learners and tutors through language learning and teaching in 175 countries (and counting!).

At Preply, we're all about creating life-changing learning experiences. We help people discover the magic of the perfect tutor, craft a personalised learning journey, and stay motivated to keep growing. Our approach is human-led, tech-enabled - and it's creating real impact. We've just reached unicorn status with a $150M Series D, accelerating our vision to transform education through human-led, AI-enhanced learning. Today, 100,000+ tutors teach 90+ languages to learners in 180 countries - and we're only getting started. As a category-defining company, we're shaping what the future of learning looks like at global scale. Every Preply lesson sparks change, fuels ambition, and drives progress that matters. Joining Preply means helping define the future of education at global scale, and building something that truly matters for millions of people, every day., * Care to change the world - We are passionate about our work and care deeply about its impact to be life changing. * We do it for learners - For both Preply and tutors, learners are why we do what we do. Every day we focus on empowering tutors to deliver an exceptional learning experience. * Keep perfecting - To create an outstanding customer experience, we focus on simplicity, smoothness, and enjoyment, continually perfecting it as every detail matters. * Now is the time - In a fast-paced world, it matters how quickly we act. Now is the time to make great things happen. * Disciplined execution - What makes us disciplined is the excellence in our execution. We set clear goals, focus on what matters, and utilize our resources efficiently. * Dive deep - We leverage business acumen and curiosity to investigate disparities between numbers and stories, unlocking meaningful insights to guide our decisions. * Growth mindset - We proactively seek growth opportunities and believe today's best performance becomes tomorrow's starting point. We humbly embrace feedback and learn from setbacks. * Raise the bar - We raise our performance standards continuously, alongside each new hire and promotion. We build diverse and high-performing teams that can make a real difference. * Challenge, disagree and commit - We value open and candid communication, even when we don't fully agree. We speak our minds, challenge when necessary, and fully commit to decisions once made. * One Preply - We prioritize collaboration, inclusion, and the success of our team over personal ambitions. Together, we support and celebrate each other's progress.