Security Engineer in Madrid

Packlink

Workplace
Onsite
Hours
Full-Time
Internship
No
Share offer

Job Description

In Packlink we want to be the fastest-growing global provider of shipping services and technology.

We are building the best shipping platform for private customers and businesses. Shipping is a complex business and small to medium businesses need a solution to the problems shipping brings into their day to day work. With our technology, SMBs can improve their shipping experience delivering a premium service to their customers.

At Packlink Engineering team we are looking for our new colleagues, people eager to join a motivated high impact team to improve our product and systems. You'll find a friendly and welcoming work environment.

You will bring your people and leadership skills to work with talented people to understand their needs and help them progress through their career.

To achieve this we work in interdisciplinary teams with clearly defined responsibilities.

 

What you’ll find is:

  • Microservices, microservices, and microservices, with more than 50 in production.
  • More than 3.4K requests per minute... are you up for the challenge?
  • Event oriented architecture.
  • A company with more than 15 nationalities.
  • Docker containers from your local environment until production.
  • DevOps mentality.
  • And much more!

What you will be doing: 

  • Incident Response: as part of the security incident management process, detect, analyze, and respond to security events
  • Penetration and offensive Testing
  • War games
  • Evaluation of security in products/processes
  • Security compliance: policies, regulations, and audits.
  • Risk management: Identify and manage risk associated with corporate infrastructure and connectivity
  • Promote security with advice, best practices, and guidelines
  • Security Architecture: Identify, monitor, and remediate vulnerabilities in products and architecture across Cloud environments
  • Security Development
  • Threat Intelligence: threat modeling across business applications and infrastructure integrations
  • Manage our disclosure program
  • Provide security advice on a constant stream of new products and technologies
  • Participate in security issues triage
  • Design and execute a company-wide security training plan
  • Support our data protection officer and compliance team with information requests, pen-testing coordinations, internal and external audits, disaster recovery, and related activities.
  • Evangelize teams about security test strategies for complex systems
  • Integrate security checks in a non-blocking way throughout the development cycle
  • Help building and leveling up our bug bounty program
  • Be the security evangelist and drive security awareness across the organization
  • Develop custom security automation tooling
  • Integration of security tools or frameworks in our CD/CI
  • Mentor other engineers in order for them to interiorize security best practices and grow as technical contributors

What we are looking for:

  • Experience securing cloud services, building compliant distributed systems
  • Experience in microservices and event-driven ecosystem
  • Experience with containerization technologies
  • Software development experience in some of our language’s stack: Python, Scala, Java, Typescript/Javascript (Angular and React)
  • Experience with static analysis tools
  • Experience in white box testing
  • Experience developing custom security automation tools and solutions to help monitoring, detection, and response capabilities
  • Several years of professional experience working in a Security team
  • Active participation in incident response investigations
  • Experience in threat modeling
  • Passion for educating others in security best practices
  • Experience in scaling security with automation
  • Scripting skills (Python/Bash/Go …)
  • Experience in bug bounty programs and triaging security issues

 

It would be great if you: 

  • Experience implementing PCI, SOC 2 compliance or related
  • Experience in compliance with GDPR
  • CISSP, CISM, Security+, GCED, GICSP, GCIH, SSCP, OSCP or CASP+ Certification or similar
  • Have JVM knowledge is a big plus
  • Have a degree in Computer Science or related technical/scientific discipline
  • Participated in some Information security management system certification process (ISMS): ISO 27001, SOX, …

 

What we offer:

  • ✔️ Competitive salary package. We’re looking for the right person. Annual salary offer: Senior from 50k - 60k, Staff from 60k - 75k
  • 📙 Personal Training Budget. Up to 2000€/year training budget (certifications, conferences attendance…) for investing in your professional development. We want to help you to improve your technical skills, feel involved in the tech community, and develop your soft skills in order to lead teams or manage other stakeholders.
  •  🗺️ Languages classes on a weekly basis. Thirsty of knowledge? Learn a new language by joining our free English/Spanish/French classes. In groups of 4-5 people, you can connect and enjoy learning your favorite language with one of our great coaches.
  • 📈 Engineering Career Path. A career growth plan, created by engineers for engineers. You can check it in our blog (https://medium.com/packlinkeng/the-path-to-our-career-path-8781e4565ae3)
  • 📖 Learning weekly initiatives. Share is caring, join us for our weekly Learning Meetings. Be the driver or the attendant, you choose!
  • 💬 Be an active part of the tech community. Opportunity to attend and participate in local and international technological events. We are doing really cool things and we feel really proud to share them!
  • 👕 Our culture is our aim to be: A young and upbeat work environment. Leave your suit behind; we’re a t-shirt and converse kind of place.
  • 🌍 International environment for developing your cross-cultural skills. A truly international team: 10 languages, 15 nationalities working in the same company. Also, our company language is English and all internal communication and open meetings are in English.
  • 💻 Configure your workstation. Whether you prefer Mac or Linux (or Windows…), 1 additional screen or 2… enjoy your brand-new work from home set-up essentials.
  • 🏡 We like overcoming barriers, bring your talent and work from home. (After COVID situation, now we are fully remote). We are able to look for the best combination of remote and office-days. From 3 days WFH per week up to 3 days per month working in the office with your team we are happy to configure your perfect scheme.
  • ⚖️ Work-life balance. If you have kids or you want to go to the gym at the morning… Your work-life balance is really important for us! Our work-time scheme is flexible and you only need to share your preferences with your manager. We will find the best fit for you!
  • 🏐 Health and Wellness. We care about you! You can choose between the gym membership, physiotherapy sessions or private health insurance, 100% free! Also, we have psychological assistance free of charge.
  • 🏟️ Company events. Work hard, play hard! We do our best every day even in our regular team-building events. Now it will be remote but we hope to come back again!
  • 💰 Flexible Salary. We work with Cobee in order to save taxes with our reflex plan: transport, restaurant and kindergarten.
  • 💸 Great and transparent compensation policy. We included the salary ranges in all job offers in order to be clear about our expectations. In addition, we will discuss this range with you in the first recruiting call to assure that we are aligned.
 

About Packlink

  • Logistics

Packlink company page is empty
Add a description and pictures to attract more candidates and boost your employer branding.

Other cybersecurity jobs that might interest you...