Defensive Security Engineer

Adevinta

Location:
Spain, Barcelona

Category:
IT - Software Development

Contract Type:
Not provided

Salary:

Not provided

Job Description:

As the Defensive Security Engineer, you will be part of the company’s Incident Response (IR) team and collaborate with our Security Operations Centre (SOC) provider. This role is crucial in defending our digital assets, ensuring an effective response to security incidents, and proactively enhancing our defensive posture. This position requires autonomy, proactivity, and a deep understanding of defensive cybersecurity technologies. You will be instrumental in ensuring that Adevinta’s security strategy covers industry-relevant security standards. The Incident Response team is part of the Information Security department, where your team will collaborate with other services such as Vulnerability Management, Bug Bounty programs, and SPLC Security, among others.

Job Responsibility:

  • Contribute to the Incident Response (IR) team’s efforts by fostering a culture of proactive defence and continuous improvement through active participation in response processes and initiatives
  • Actively participate in the incident response lifecycle, including preparation, detection, analysis, containment, eradication, recovery and learning, ensuring timely and effective responses to potential threats
  • Support the development and refinement of incident response policies, playbooks, escalation procedures, and tabletop exercises
  • Contribute to post-mortem analyses to improve incident detection and response capabilities continuously
  • Work closely with other relevant teams and roles, such as the DPO, Privacy, Global Incident Teams, the rest of the InfoSec teams, and E&C, ensuring effective communication and alignment during incident response efforts
  • Assist in managing the external MSSP by ensuring alignment with organisational policies, standards, and expectations regarding service quality
  • Collaborate with the SOC team to monitor and assess the performance of security monitoring, triage, and alerting processes, contributing to optimising SOC operations and improving efficiency
  • Participate in the operations and enhance the control of defensive security technologies, including EDR, SIEM, DLP, NIDS, and threat intelligence solutions
  • Gather, analyse, and operationalise threat intelligence information to enhance detection, response, and prevention efforts, ensuring timely identification and mitigation of potential threats
  • Help prepare periodic reports and collaborate with cross-functional teams to share valuable insights gained from alerts and incidents
  • Report to the Incident Response Manager
  • May be required to travel occasionally, mainly to the EU
  • You will have the possibility of being on-call

Requirements:

  • You are an experienced security analyst, with experience of the solutions mentioned above and of resolving security incidents in large enterprise environments
  • Familiar with Incident Management At Google (IMAG)
  • Structured, analytical, autonomous and proactive person
  • Familiar with the Agile methodology
  • Experience with security frameworks and methodologies such as MITRE ATT&CK, ENISA or NIST
  • You have a hacker and an open mindset
  • You have software development skills
  • You have a good understanding of AWS Cloud technologies, services, security capabilities, and controls such as SCPs, Security Groups, IAM, etc.
  • You understand SDLC (coding and development) with modern tooling and ecosystems such as Kubernetes, GitHub, GitHub Actions, infrastructure as code, etc.
  • You have excellent knowledge of security for networks, protocols, systems and applications
  • You have strong analytical and problem-solving skills, with the ability to synthesise complex data into actionable insights
  • You are fluent in English (spoken and written)
  • You have excellent communication and interpersonal skills, with the ability to build relationships and influence others
  • You have demonstrated an ability to work in a multicultural environment

Nice to have:

  • Public or private presentations
  • Open source contributor
  • Participated in conferences and trainings
  • Certifications
  • Member of bug bounty programs, CTF player or member of ethical hacking communities, recognised in the Hall of Fame, CVE mentions or vulnerability reporter

What we offer:
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family

Additional Information:

Job Posted:
December 15, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Defensive Security Engineer

Cloud Defensive Security Engineer

As a Defensive Security Engineer, you will be part of the Cloud Defense team wit...
Location:
Spain, Barcelona
Salary:
Not provided
Adevinta
Expiration Date:
Until further notice
Requirements:
  • Strong hands-on experience designing, operating and troubleshooting Elastic deployments in production (on-prem or cloud-managed)
  • Experience building and operating log/telemetry pipelines into Elastic (Filebeat/Metricbeat/other Beats, Elastic Agent, Logstash, ingest pipelines)
  • Proficiency with Kibana: dashboards, visualisations, Lens, saved searches, alerting and spaces
  • Solid understanding of distributed systems basics relevant to Elastic (indexing, sharding, replication, cluster health)
  • Elastic Certified Engineer or equivalent depth of experience (certification is a plus)
  • Experience with infrastructure-as-code (e.g. Terraform, Ansible, CloudFormation) to deploy and manage infrastructure
  • Experience with CI/CD pipelines (GitHub Actions, Jenkins, etc.) to automate configuration and infrastructure deployments
  • Hands-on experience with Linux systems, containers and Kubernetes (EKS or vanilla deployments)
  • Experience with public cloud environments, preferably AWS and/or GCP (cloud logging, IAM basics, network fundamentals)
  • Good understanding of core security and SOC concepts: logs vs events vs alerts, detections, triage and investigations
Job Responsibility:
  • Redesign, evolve and operate our Elastic stack (Elasticsearch, Kibana, Elastic Security/Observability) as a core part of the Defensive platform
  • Own the ingestion pipelines for security and infrastructure telemetry (e.g. AWS/GCP audit logs, EDR telemetry, OS/syslog from Linux fleets and key application logs from our core products), including Beats/Agents, ingest pipelines and index lifecycle management
  • Pragmatically optimise Elastic for performance, scalability, cost and reliability (index strategy, shard planning, hot/warm/cold, retention policies)
  • Define and maintain standards and templates for indices, data streams, mappings and dashboards
  • Implement and maintain detection content in Elastic (KQL/EQL queries, rules, anomaly jobs) following defense-as-code practices: versioning, code reviews, testing and CI/CD
  • Collaborate with engineering teams, SOC and Incident Response to translate threat scenarios and cloud/runtime risks into Elastic rules, alerts and dashboards
  • Improve detections to reduce false positives and improve signal quality, based on feedback from SOC, IR and product teams
  • Contribute to internal tooling that improves detection engineering (e.g. shared rule templates, test harnesses, linters, rule packaging)
  • Manage Elastic infrastructure, data pipelines, and content deployments using IaC tools (Terraform, CloudFormation) and CI/CD platforms (GitHub Actions, Argo CD)
  • Integrate Elastic with other security and cloud services (e.g. EDR agents, cloud-native security tools, ticketing, notification channels, SOAR) to support end-to-end defensive workflows
What we offer:
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
Employment Type:
Fulltime

Senior Defensive Security Engineer – Embedded Systems

Silvus is seeking a Senior Defensive Security Engineer – Embedded Systems who wi...
Location:
United States, Los Angeles
Salary:
140000.00 - 200000.00 USD / Year
Silvus Technologies (International)
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (e.g., Mathematics, Computer Engineering)
  • Minimum 5 years in cybersecurity, with at least 2 years in defensive security roles focused on Linux-based systems
  • Expertise in Linux network security, secure coding, or embedded systems security
  • Coding/scripting in C/C++, Python, Bash, or assembly for Linux environments
  • Familiarity with Linux security tools like Auditd, Lynis, or vulnerability scanners
  • Security Clearance: Active U.S. Government SECRET clearance or the ability to obtain one within 12 months of hire
  • Must be a U.S. Person (U.S. Citizen, or U.S. Permanent Resident) due to clients under U.S. federal contracts
Job Responsibility:
  • Design and implement Linux-based security architectures for embedded systems, focusing on secure boot, and kernel hardening
  • Develop and enforce Linux security features, including iptables, netfilter, and auditd for intrusion detection and prevention
  • Conduct security assessments and audits of Linux-based embedded systems to identify and mitigate vulnerabilities
  • Integrate Linux security best practices into the development lifecycle (DevSecOps), emphasizing secure coding and configuration management
  • Manage vulnerabilities in Linux-based embedded systems, including timely patching and kernel updates
  • Train teams on Linux security practices, including privilege management, file system permissions, and container security
  • Participate in incident response planning and execution for Linux-based embedded systems
  • Implement Linux-native encryption and authentication mechanisms (e.g., dm-crypt, OpenSSL, PAM) for secure communications
Employment Type:
Fulltime

Principal Security Engineer

We’re building a world-class global Security team as part of our Trust Program. ...
Location:
India, Hyderabad
Salary:
Not provided
Highspot
Expiration Date:
Until further notice
Requirements:
  • 10+ years of robust, progressive experience in security engineering, application security, DevSecOps, incident detection and response, or closely related fields
  • Advanced proficiency in at least one programming language (Python, Ruby, Go, Rust, JavaScript), with deep experience conducting detailed code reviews and security assessments across multiple languages
  • Hands-on experience with deploying, operating, and interpreting results from security tools such as static analyzers, web vulnerability scanners, supply chain analysis scanners, and host-based intrusion detection systems
  • Demonstrated experience mentoring, coaching and guiding junior and mid-level security engineers, contributing to a strong team culture, and supporting peer development as a senior individual contributor
  • Demonstrated proactive approach, strong continuous learning orientation, and curiosity about emerging threats, security trends, and innovative technologies
  • Extensive expertise securing cloud-native environments (AWS, Azure, GCP, containers, microservices), with in-depth knowledge of modern cloud security risks and defenses
  • Demonstrated ability to embrace being wrong, practice humility, continuously learn from experiences, and actively seek insights through thoughtful questioning and collaboration
Job Responsibility:
  • Lead comprehensive application security assessments, advanced threat modeling sessions, and secure code reviews across critical product features, internal tooling, endpoints, and third-party integrations
  • Collaborate strategically with product engineering to establish and enhance secure-by-default and privacy-by-design practices within the software development lifecycle (SDLC)
  • Lead and otherwise participate in incident detection, investigation, triage, containment, and root cause analysis for high impact security incidents, providing mentorship and guidance to junior engineers as required
  • Drive the development and continuous improvement of sophisticated detection rules, response automation, and optimized alert management across cloud environments, corporate infrastructure, and SaaS platforms
  • Lead and participate in complex vulnerability remediation processes, and effectively respond to security issues discovered by both internal teams and external sources
  • Document technical findings, strategic decisions, and procedural enhancements in a clear and accessible manner; significantly contribute to comprehensive security playbooks and knowledge repositories
  • Manage and oversee asksecurity@ request handling, and actively participate in sprint-based security activities, balancing strategic and tactical execution
  • Actively participate in the security on-call rotation, or provide senior-level guidance as required during an event and aid in rapid response capabilities to protect our 24x7 platform and global workforce
Employment Type:
Fulltime

Security Engineering Lead

Citi's Application, Platform and Engineering team is looking for a Security Engi...
Location:
United Kingdom, London
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Bring your deep-dive application security engineering expertise from building production systems
  • thrive in a results-driven environment, where flexibility fuels impact
  • be a game-changer, ready to step beyond your designated role
  • love the synergy of pair programming
  • seize the opportunity to secure AI applications at scale
  • have a relentless passion to learn more about AI security, LLM attacks, and bringing your knowledge to shape Citi's secure AI future
  • proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
  • hands-on experience finding and exploiting vulnerabilities, conducting red team exercises, and thinking like an attacker to strengthen defenses
  • experience building security tools and secure production systems with Go, Python, JavaScript
  • deep experience with HashiCorp Vault for enterprise-scale secrets management
Job Responsibility:
  • Build secure AI products
  • conduct penetration testing and vulnerability research
  • design automated security solutions
  • identify and mitigate AI-specific vulnerabilities
  • lead security practices in development lifecycles
  • mentor engineers on secure coding practices.
What we offer:
  • 27 days annual leave plus bank holidays
  • discretional annual performance-related bonus
  • private medical care and life insurance
  • employee assistance program
  • pension plan
  • paid parental leave
  • special discounts for employees, family, and friends
Employment Type:
Fulltime

Security Engineering Manager

Corporate Tools is looking for a Security Engineering Manager who eats vulnerabi...
Salary:
185000.00 USD / Year
Corporate Tools
Expiration Date:
Until further notice
Requirements:
  • BS in Computer Science or equivalent experience
  • 5+ years building and securing software — hands‑on experience with web frameworks (Rails, Django, Node, etc.) and modern architectures
  • Proven application security expertise: secure SDLC, OWASP, threat modeling, exploit mitigation, and vulnerability remediation
  • Experience leading security or engineering teams — setting strategy, running scrums, conducting reviews, and mentoring talent
  • Strong knowledge of cloud environments (AWS, Azure, GCP) and securing databases (SQL/NoSQL) in production
  • Exposure to offensive and defensive security practices — red team, blue team, or incident response experience a plus
  • Ability to communicate risk and solutions to execs, engineers, and auditors — respected by hackers and trusted by leadership
  • Pragmatic mindset: knows when to enable speed, when to block, and how to automate guardrails to keep teams fast and safe
Job Responsibility:
  • Lead 6 security engineers across three specialized teams: Red (offense), Blue (defense), and Orange (compliance)
  • Own the security strategy and execution for offensive testing, defensive monitoring, and compliance work — ensuring all three disciplines are aligned
  • Act as the technical anchor for the teams: review code, guide exploits, drive secure architecture decisions, and mentor engineers
  • Partner with product and engineering leads to embed security into development (threat modeling, secure coding, CI/CD guardrails)
  • Build internal security tools and automation that make it easier for product teams to ship securely
  • Oversee red team engagements and turn findings into actionable fixes, not just reports
  • Manage defensive capabilities — incident response, detection engineering, monitoring — and continually improve them
  • Ensure compliance frameworks (SOC2, ISO, PCI, etc.) are met without slowing innovation or creating unnecessary bureaucracy
  • Set a high technical bar: coach, mentor, and challenge engineers to pursue elegant, practical security solutions
  • Balance being a builder and a leader: stay hands‑on enough to earn respect from hackers, but prioritize leading and scaling the team’s impact
What we offer:
  • 100% employer-paid medical, dental and vision for employees
  • Annual review with raise option
  • 22 days Paid Time Off accrued annually, and 4 holidays
  • After 3 years, PTO increases to 29 days. Employees transition to flexible time off after 5 years with the company—not accrued, not capped, take time off when you want
  • The 4 holidays are: New Year’s Day, Fourth of July, Thanksgiving, and Christmas Day
  • Paid Parental Leave
  • Up to 6% company matching 401(k) with no vesting period
  • Quarterly allowance
  • Use to make your remote work set up more comfortable, for continuing education classes, a plant for your desk, coffee for your coworker, a massage for yourself... really, whatever
  • Open concept office with friendly coworkers

Information Security Engineer

Responsible for maintaining the integrity and security of enterprise-wide cyber ...
Location:
United States, Reston
Salary:
Not provided
LT Consulting
Expiration Date:
Until further notice
Requirements:
  • Active TS/SCI clearance
  • Bachelor’s degree in Computer Science, Engineering or a related field
Job Responsibility:
  • Maintaining the integrity and security of enterprise-wide cyber systems and networks
  • Supporting cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff
  • Coordinating resources during enterprise incident response efforts, driving incidents to timely and complete resolution
  • Employing advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis
  • Supporting internal HR/Legal/Ethics investigations as forensic subject matter expert
  • Performing network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks
  • Reviewing threat data from various sources and developing custom signatures for Open Source IDS or other custom detection capabilities
  • Correlating actionable security events from various sources including Security Information Management System (SIMS) data and developing unique correlation techniques
  • Utilizing understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
  • Developing analytical products fusing enterprise and all-source intelligence

Senior Security Engineer

CVS Health offers the opportunity to design, build, and operate a world-class Pu...
Location:
United States, Work at Home
Salary:
111240.00 - 222480.00 USD / Year
CVS Health
Expiration Date:
December 31, 2025
Requirements:
  • 5+ years of experience in the offensive security testing space
  • 2+ years in security automation, platform engineering, or DevSecOps
  • 2+ years of strong automation skills using GitHub runners and JIRA
  • 1+ years of experience designing tests for detection robustness and mitigating brittleness
Job Responsibility:
  • Help maintain and evolve a secure, scalable adversary-emulation platform for campaign scheduling, agent orchestration, payload execution, and results cataloging
  • Review commercial alternatives for Purple Team exercises using custom runners or commercial tools (e.g., Cymulate, Picus)
  • Provision static or ephemeral test environments via Terraform/Kubernetes across cloud and on-prem infrastructure
  • Develop continuous adversarial threat-simulation tests for defensive control validation and resiliency assessment
  • Generate high-fidelity telemetry for EDR, SIEM, and SOAR to measure detection coverage, latency, and control effectiveness
  • Research detection brittleness, design mutation/variant tests, and enhance test cases to strengthen detection logic
  • Manage work intake pipeline and ensure timely closure of ticketed requests within SLA
  • Produce ATT&CK-mapped artifacts, dashboards, and coverage metrics for Detection Engineering and leadership
  • Enforce platform security through RBAC, secrets management, audit logging, and execution safety controls
  • Collaborate with CTI, Threat Hunt, and SOC teams to evolve test cases based on real-world threats and gaps
What we offer:
  • Affordable medical plan options
  • 401(k) plan with matching company contributions
  • Employee stock purchase plan
  • No-cost wellness screenings
  • Tobacco cessation and weight management programs
  • Confidential counseling and financial coaching
  • Paid time off
  • Flexible work schedules
  • Family leave
  • Dependent care resources
Employment Type:
Fulltime

Cyber Security Engineering Lead

Join Citi's Cloud Technology Services team to lead and execute critical cyber se...
Location:
Hungary, Budapest
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 10+ years of relevant cybersecurity and/or IT experience
  • Leadership roles across technology or cybersecurity leading large programs or transformational activities
  • Proven track record of delivering security observability platforms such as telemetry data for performance and/or user experience.
  • Thorough understanding of industry and corporate technology standards for Cyber Security services
  • Demonstrated ability to take ownership and work with cross functional teams to manage multiple projects simultaneously under pressure
  • Advanced analytical and problem-solving skills
  • Consistently demonstrates clear and concise written and oral communication as well as strong presentation skills to both technical and non-technical audiences.
  • Bachelor’s degree in relevant subject or equivalent work experience
Job Responsibility:
  • Lead a virtual team of Infrastructure Defense professionals.
  • Lead CTB transformational and RTB activities across NDCS and act as focal point managing cyber security platforms
  • Lead, design, own and deliver Security Observability Enablement on a global scale focusing on all related perimeter technologies – such as Firewall Telemetry.
  • Deliver end-to-end dashboards of critical security service based data (such as firewall performance)
  • Working with Transformation Program Directors, Senior Architects, Steering Committees on execution of perimeter security and edge security programs
  • Work with global cyber security industry partners on influencing next generation cyber technology, take part in related R&D efforts.
  • Responsible for inventory, accuracy and engineering excellence activities for assigned services and products.
What we offer:
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work-life balance
  • Career progression opportunities across geographies and business lines
Employment Type:
Fulltime