Software Engineer II - Node - Security - Admin Experience

Amazon.com, Inc.
Municipality of Valencia, Spain
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
€ 85K

Job location

Remote
Municipality of Valencia, Spain

Tech stack

Clean Code Principles
JavaScript
Artificial Intelligence
User Authentication
Computer Security
Cross-Origin Resource Sharing (Ajax Programming)
Web Development
Identity and Access Management
Node.js
Open Web Application Security
Role-Based Access Control
Secure Coding
Web Application Security
TypeScript
Software Vulnerability Management
Application Enhancement Tool
Codebase
Kibana
Vulnerability Analysis

Job description

We are looking for a security-focused Engineer to strengthen Kibana's security posture and build robust platform security features. In this role, you'll be responsible for hardening Kibana against evolving threats, managing security vulnerabilities, and ensuring our application meets the highest security standards for enterprise and government customers. You'll also leverage AI to build innovative security tools that enhance our vulnerability detection, automate security workflows, and accelerate threat response. If you're passionate about web application security and want to make a direct impact on protecting critical infrastructure while pushing the boundaries of AI-powered security, this is the role for you. What You Will Be Doing Lead security hardening efforts across Kibana's codebase and infrastructure, including content security policy implementation and enforcement Build AI-powered tools and workflows to enhance security operations, including automated vulnerability detection, intelligent security alert triage, and predictive threat analysis Manage third-party dependency security through regular audits, vulnerability assessments, and coordinated upgrades Collaborate with security researchers and respond to vulnerability reports with urgency and thoroughness Design and implement security controls for authentication, authorization, and auditing features Work closely with Operations and Engineering teams to ensure security best practices across our hosted and on-premise offerings Contribute to threat modeling and security architecture decisions for new features Write secure, maintainable code for both client and server-side components

Requirements

At least 3 years of web development experience, with a focus on secure development practices Strong knowledge of web application security principles including OWASP Top 10, secure authentication patterns, and defense-in-depth strategies Experience with security vulnerability management, including triage, remediation, and coordinated disclosure Proficiency with JavaScript, TypeScript, and Node.js Familiarity with security scanning tools and vulnerability management platforms (e.g., Snyk, CodeQL, HackerOne) Ability to work and communicate effectively with a worldwide team in a distributed work environment Hands-on experience implementing and maintaining content security policies, CORS policies, and other browser security controls Understanding of single-sign-on technologies, role-based access control, and identity management protocols

Apply for this position