Security Engineer

Bank
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English

Job location

Remote

Tech stack

Microsoft Windows
Microsoft Active Directory
Agile Methodologies
Software System Penetration Testing
Bash
Cloud Computing Security
Configuration Management
Continuous Delivery
Data Centers
Linux
DevOps
Multi-Factor Authentication
Hot Standby Router Protocol
Identity and Access Management
Intrusion Detection Systems
Virtual Private Networks (VPN)
Python
Key Management
Network Security
Powershell
Scrum
Role-Based Access Control
Zero Trust Network Access
Security Information and Event Management
Virtual Router Redundancy Protocols
Software Vulnerability Management
Private Cloud Environment
Scripting (Bash/Python/Go/Ruby)
QRadar
Firewalls (Computer Science)
Information Technology
Patch Management
Nessus
Operating System Security
Splunk
Devsecops
Qualys
Vulnerability Analysis

Job description

ensuring resilient, compliant, high-quality infrastructure and platforms for the business. Focus and priorities - Monitor and respond to security alerts (SIEM, EDR, IDS/IPS) in private cloud/on-prem environments - Investigate incidents, perform root cause analysis (RCA), and implement remediation - Manage identity and access controls (Active Directory, RBAC, MFA, PAM) - Conduct vulnerability assessments and track remediation across servers and applications - Integrate security controls into CI/CD pipelines (DevSecOps practices) - Implement and maintain security policies, standards, and hardening guidelines - Perform patching, compliance checks, and internal security audits - Collaborate with infrastructure, DevOps, and application teams - Maintain security documentation and support change/release processes - Ransomware resilience programs, Darktrace operationalization, SIEM/SOC integration - Zero Trust and segmentation projects Work environment You will collaborate closely with

Requirements

enthusiastic, highly skilled colleagues from our client Hubs in Romania and Amsterdam. You will work on externally hosted (private cloud) infrastructure environments for Financial Markets - a fast-paced, complex, and continuously evolving area where quality and resilience are critical. Hybrid work is part of the role: a mix of focused remote work and collaborative in-office sessions. Development and growth The Bank invests significantly in your continuous learning and personal development. You will stay up to date with the latest Security tooling, infrastructure trends, cloud security practices, and regulatory requirements. Your curiosity and willingness to improve are key to your growth path. How to succeed We hire smart people for their potential. Our biggest expectation is that you stay curious, keep learning, and take responsibility. You are a skilled, analytical, and security-focused Security Engineer. You understand infrastructure, automation, and security engineering. You are a strong communicator, a collaborative team player, and highly structured in your work. You understand that on-call or weekend work may be required. You also fully support our client's risk and security processes - since security is part of our DNA. Requirements Residency in Spain is required. Knowledge and experience - Experience with infrastructure hardening, patching, configuration management, and compliance - Experience securing (data centre) infrastructure, containers, and workloads - Hands-on with vulnerability management, pentesting processes, remediation, and security monitoring - Familiarity with identity & access controls, PAM, secrets management - Experience with monitoring, alerting and logging systems - Experience working in complex, highly regulated IT environments - Scripting skills (Python, Bash, PowerShell or similar) are a strong advantage - Security tools: SIEM (Splunk, QRadar, ELK), EDR solutions - Identity & Access Management: Active Directory, RBAC, PAM, MFA - Network security fundamentals (firewalls, IDS/IPS, VPN, segmentation) - Vulnerability tools: Nessus / Qualys - OS security: Windows/Linux hardening and patch management - Experience with VRRP, GLBP, HSRP or similar first-hop redundancy protocols - Experience performing risk/security procedures (pentesting support, vulnerability remediation, compliance reporting, PAM, DR) - Darktrace rollout and network security enhancements Competencies - Excellent written and verbal communication skills in English - Customer-focused mindset and strong collaboration skills - Ability t

Apply for this position