Senior Cyber Security Engineer (ITSecOps)

We are looking for a hands-on Senior Cyber Security Engineer to establish and lead Codeway's IT Security Operations (ITSecOps) function. This role will initially work directly with the IT leadership to design and implement core security infrastructure and processes. The ideal candidate combines strong technical expertise (MDM, EDR, SIEM, NAC, endpoint and network security) with strategic thinking and the ability to build systems from scratch in a fast-growing environment. WHAT YOU'LL BE DOING Security Infrastructure & Architecture

• Lead the implementation and ongoing management of MDM, EDR/XDR, SIEM, and NAC solutions.
• Design and continuously improve endpoint and network security architecture.
• Define and operationalize logging, monitoring, alerting, and incident response workflows.
• Integrate security tools seamlessly with existing IT and infrastructure systems.

Security Operations (SecOps)

• Establish and manage incident detection and response processes.
• Own and drive the vulnerability management lifecycle.
• Implement and oversee patch management security controls.
• Define and enforce endpoint hardening standards.
• Develop and maintain internal security policies and technical standards.
• Conduct regular risk assessments and security reviews.
• Manage third-party security vendors, tools, and service providers.

Governance & Compliance

• Support internal and external audits and compliance initiatives (e.g., ISO 27001, SOC 2).
• Maintain up-to-date documentation, security procedures, and operational playbooks.

Do you have experience in SoC?, Degree in Computer Engineering, Information Systems, Cyber Security, or a related field.

• 5-8+ years of experience in IT Security, Security Operations, or Infrastructure Security.
• Proven hands-on experience implementing and managing MDM, EDR/XDR, SIEM, and NAC solutions.
• Experience building and scaling security processes and infrastructure from scratch is highly preferred.
• Prior experience in fast-scaling technology companies is a strong advantage.
• Strong expertise in endpoint security and network security fundamentals.
• Solid experience in log management, correlation, and threat detection & incident response.
• Good understanding of Identity & Access Management (IAM) principles and practices.
• Familiarity with scripting (Bash, Python) and core infrastructure concepts such as VPNs, firewalls, and network segmentation.

Nice to Have * Relevant security certifications (e.g., CISSP, CISM, CEH, or similar).

• Hands-on experience supporting or leading ISO 27001 and/or SOC 2 implementation initiatives.
• Proven experience establishing or scaling a SOC or SecOps function.

• Full-time contract with competitive salary
• Private health insurance, a generous meal card
• Full visa & relocation support if you're moving to Barcelona
• Annual learning & development budget for courses, tools, or events that support your growth
• Free access to Codeway's suite of apps across productivity, wellness, and education
• A top-notch office in the heart of the city

Codeway builds consumer apps used by millions around the world, spanning AI creativity, wellness, learning, and productivity. Our products are built with a strong focus on user experience, speed, and quality, and are powered by deep in-house technology and data capabilities. Barcelona is a growing core hub for Codeway. We are building a strong engineering culture here, focused on ownership, fast execution, and high standards of craft. This is a place for engineers who want to stay close to the product, influence real decisions, and see their work reach users quickly. We are now looking for a Senior Cyber Security Engineer (ITSecOps) to join our Barcelona team and help us build and scale high-quality mobile experiences across our consumer app portfolio.