Senior Security Engineer in Madrid

Eurovision Services (ES) is seeking a Senior Security Engineer for our Technology department in Madrid, Spain.

ABOUT THE ES TECHNOLOGY TEAM

The Technology Team is the driving force behind all our technical infrastructure, networks, corporate systems, and software IT. It is responsible for planning, implementing, and maintaining the entire technical landscape, which serves as the foundation for all permanent and event-based operational services for our customers (e.g., media organizations, sports federations, and event enterprises). The ES Technology Team ensures secure functionality while delivering cutting-edge technical solutions to provide high-quality services, achieve ambitious objectives, and deliver outstanding value to our customers, all while optimizing costs to improve our bottom line.

ABOUT THE ROLE

The Senior Security Engineer plays a pivotal role in safeguarding the organization's information and technology assets. This role is responsible of the design, implementation and maintenance of Eurovision's security systems along with the IT Security Team, being crucial in safeguarding sensitive data against cyber threats and ensuring compliance with security regulations.

KEY RESPONSIBILITIES

• Plan and execute the organization's information security strategy.

• Collaborate closely with the team to develop standards, procedures, and best practices.

• Ensure the application of security best practices and recommend enhancements.

• Propose strategies to respond to and recover from security breaches.

• Act as the central point of contact for IT security concerns and liaise efficiently with dedicated teams.

• Provide support and response to security events and incidents.

• Improve methods and tools for cyber incident analysis, detection, and response.

• Contribute to the implementation of a continuous threat and incident monitoring program.

• Support technical cyber risk assessments in various operational environments, including threat modeling, architecture and design reviews, vulnerability assessments, application security testing, and penetration testing.

• Follow, assess, and advise on new and emerging cyber threats.

• Manage phishing campaigns and mail security.

• Schedule, execute, and analyze vulnerability scanning, and provide compliance and patching reporting.

• Participate in technical security remediation and mitigation planning.

In detail

Documentation Management:

• Review, update, and maintain all security-related documentation, ensuring alignment with contracts and relevant standards.

• Ensure that all security policies and procedures are documented and communicated effectively across the organization.

Risk Management:

• Identify security risks and develop detailed action plans for mitigation.

• Oversee the execution of action plans to maintain a proactive security posture.

Audit Support:

• Provide comprehensive support for internal and external audits, ensuring all required documentation is available and up to date.

• Collaborate with auditors to facilitate a smooth audit process.

Action Plan Monitoring:

• Oversee the implementation of corrective actions resulting from audits or identified non-conformities.

• Ensure compliance with all recommendations and track progress on action plans.

GDPR Compliance:

• Manage all data protection-related activities to ensure compliance with GDPR.

• Maintain proper documentation and records for GDPR compliance.

Technical Vulnerabilities Management:

• Stay informed on technical vulnerabilities and emerging threats.

• Coordinate timely remediation efforts or exception handling when required.

YOUR SKILLS AND EXPERIENCE

The successful candidate must have the following experience and skills:

• At least +5 years of experience in a similar or related position.

• Bachelor's degree in Information Security, Computer Science, or a related field.

• Proven experience in security management or a similar role.

• Valid security professional certification (such as GIAC, CISSP, CompTIA Security+, CCSP, etc.).

• Strong understanding of security standards and best practices.

• Knowledge of GDPR and ISO27001 regulations.

• Proficiency in English, both written and spoken.

• Excellent documentation and communication skills.

Preferred Technical Skills:

• Deep understanding of common network protocols (DNS, HTTP, SMTP, FTP).

• Deep understanding of SMTP, SSL/TLS, and PKI.

• Deep understanding of Windows Servers and Workstations, Linux Servers (RHEL / Debian) environments.

• Experience in access management (IAM NetIQ, PAM Wallix, etc.).

• Experience in On-prem and Azure AD, Office 365.

• Experience in Antivirus XDR, sandboxes, and malware analysis.

• Experience in vulnerability scanning.

• Strong knowledge of common IT security vulnerabilities and exploitation techniques.

• Knowledge of scripting (Bash, Perl, Python/PowerShell, batch).

• Knowledge of the AWS / Azure cloud environment and SSO / SAML.

• Knowledge of CISCO routing/switching, Check Point, or Palo Alto firewalls.

• Experience with security audits and risk management.

• Familiarity with technical vulnerability management tools and processes.

BENEFITS AND PERKS

•Competitive salary and benefits

•Hybrid working model 2 days from the office, 3 days from home.

•28 working days of vacation for all employees

•A flexible 40-hour working week for work-life balance

•Private health insurance

•Company pension fund

•Ticket restaurant card

•Public transport card

•Sponsored gym membership

•Choose your own laptop backpack

•Start-up culture but with a consolidated business behind it

•A multi-cultural environment, made up of a dynamic and international team

ONCE ON BOARD YOU WILL

•Be part of an outstanding multi-cultural and international team of engineers

•Get involved in Tier-1 media projects with impact and visibility

•Occasionally travel to our headquarters in Switzerland for special projects and training

•Enjoy our technology hub, designed to foster a culture of sharing, openness and creativity

ABOUT EUROVISION SERVICES

Great events don't happen by accident. Event organisers, media organisations and sport federations need adaptable, end-to-end solutions to produce, distribute and personalise content for the right audiences, at the right time, in the right format.

We aim to be the first-choice media services provider to customers by providing new, better and different ways to simply, efficiently and seamlessly access and deliver content and services. Our service portfolio is designed to offer the agility and ability to enhance and adapt content to the needs of all digital platforms. But what really sets us apart is that we see the bigger picture.

We are Eurovision Services. We deliver excellence in everything we do, to leave others free to focus on what really matters – creating truly amazing experiences. Discover more about Eurovision Services at www.eurovision.net.