CrawlJobs Logo

Senior Information Security Engineer

Spain, Madrid Employment contract · Job Posted May 16, 2026
Apply Position
Job Link Share

Job Description

We are seeking a Senior Security Engineer to design, build, and maintain critical security infrastructure and controls across the OneTrust environment. Your work will directly support the delivery of secure enterprise services and customer-facing solutions. This role is hands-on, broad in scope, and spans multiple areas of information security.

Job Responsibility

  • Design, build, scale, and maintain core security infrastructure and controls
  • Respond to security tickets requiring engineering-level configuration changes or enhancements
  • Assist with the investigation and remediation of security incidents
  • Serve as a Security SME for secure cloud infrastructure
  • Provide guidance and feedback on cloud and hybrid security solutions
  • Partner with internal teams to provide security requirements for key initiatives
  • Conduct POCs and collaborate with vendors to evaluate and recommend solutions
  • Implement new security technologies as part of project-based initiatives
  • Communicate project and issue status to management and business stakeholders
  • Create and maintain documentation for security projects and processes
  • Automate repetitive tasks and procedures
  • Update security documentation as threats and techniques evolve
  • Mentor security analysts and junior engineers

Requirements

  • BA/BS in Computer Science, Engineering, Mathematics, or a related field
  • 4+ years of security engineering or related security experience
  • 3+ years of cloud experience
  • Solid understanding of information security principles around confidentiality, integrity, and availability
  • Experience with logging platforms such as Splunk or similar tools
  • Experience with endpoint security platforms (e.g., CrowdStrike, SentinelOne, traditional AV)
  • Scripting proficiency in one or more: Unix/Shell, Python, Golang, Rust, PowerShell
  • Experience with IaC tools such as Terraform or CloudFormation
  • Strong organizational, analytical, and problem-solving skills
  • Ability to make sound decisions in a complex, fast-changing environment

Nice to have

  • Experience with Azure, AWS, or GCP
  • Experience creating CI/CD pipelines for automated security control deployment (e.g., Jenkins, GitLab)
  • Experience with Azure Active Directory
  • Experience writing Splunk SPL or Microsoft KQL queries
  • Background with IDS/IPS, CASB, and DLP technologies
  • Familiarity with SASE solutions (e.g., Zscaler, Netskope, Palo Alto Prisma Access, Cloudflare One)
  • Experience with cloud firewalls such as Palo Alto CNGFW or Fortinet
  • Understanding of Zero Trust networking models
  • Cloud or security certifications (e.g., Azure, AWS, GCP, CISSP, GIAC, CCSP)

What we offer

  • comprehensive healthcare coverage
  • flexible PTO
  • equity RSUs
  • annual performance bonus opportunities
  • retirement account support
  • 14+ weeks of paid parental leave
  • career development opportunities
  • company-paid privacy certification exam fees

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior Information Security Engineer

8 matching positions

Senior Information Security Engineer

Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
July 27, 2026
Flip Icon
Requirements
Requirements
  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
Job Responsibility
Job Responsibility
  • Lead or participate in computer security incident response activities for moderately complex events
  • Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
  • Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
  • Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
  • Review and correlate security logs
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
  • Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
  • Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
  • Fulltime
Read More
Arrow Right
New

Senior Information Security Engineer

SmartRecruiters is looking for a Senior Information Security Engineer to join th...
Location
Location
Poland
Salary
Salary:
Not provided
smartrecruiters.com Logo
SmartRecruiters
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in information security, governance, risk, and/or compliance roles with a technical orientation
  • Demonstrated compliance or auditing experience with at least one major framework
  • Solid understanding of controls auditing principles and evidence management
  • Knowledge of risk management methodologies and experience conducting or supporting risk assessments
  • Ability to manage and deliver on multiple complex projects simultaneously, with minimal supervision
  • The ability to investigate, question, and interpret internal and external IT security and compliance issues at both a governance and technical level
  • A strong understanding of technology, cloud-based products, and SaaS environments
  • Experience working across business units and geographical boundaries to engage engineering, business, and operational teams
  • Experience with ISO 27001
  • Excellent written and verbal communication skills in English
Job Responsibility
Job Responsibility
  • Identify manual, repetitive GRC processes and design automation blueprints to streamline them, including evidence collection, control monitoring, access reviews, policy enforcement checks, and compliance reporting
  • Build and maintain automated workflows using compliance platforms, scripting, or integration tools to reduce manual effort and improve audit-readiness
  • Develop reusable templates, playbooks, and standardised blueprints for recurring GRC activities (e.g., vendor assessments, internal audits, risk reviews) to ensure consistency and scalability
  • Collaborate with engineering and IT teams to integrate security and compliance checks into existing toolchains and CI/CD pipelines where applicable
  • Continuously evaluate and improve GRC tooling, data flows, and reporting to drive operational efficiency across the team
  • Manage stakeholder expectations and partner with internal teams to ensure effective management of IT risks and compliance obligations
  • Maintain regional and local stakeholder relationships, meeting schedules, minutes, and reports
  • Support the maintenance of the SOC 2 Type II framework, including evidence collection, control testing coordination, and audit support
  • Effectively manage ISO 27001 and ISO 22301 audit lifecycles and coordinate with stakeholders on ISMS and BCMS improvements
  • Support the maintenance and continuous improvement of the ISO 42001 (AI Management System) framework in alignment with the EU AI Act
Read More
Arrow Right

Senior Information Security Engineer

Mastercard is seeking candidates to join the Data Protection team with a focus o...
Location
Location
Ireland , Dublin 18
Salary
Salary:
Not provided
mastercard.com Logo
Mastercard
Expiration Date
October 10, 2026
Flip Icon
Requirements
Requirements
  • Experience operating or designing security governance or enforcement programs in large, complex environments
  • Strong understanding of information security, data protection, and risk management, particularly as applied to SaaS and third party technologies
  • Demonstrated ability to make and defend risk based decisions that balance security, policy, and business impact
  • Experience working cross functionally with Legal, Privacy, Compliance, and Technology teams
  • Ability to clearly document decisions and articulate technical and business impact to diverse audiences
  • Strong verbal and written communication skills, including executive ready summaries
  • Demonstrated technical competency in security engineering through hands on experience or relevant qualifications
  • Design and implement data models and analytics frameworks to support Shadow IT blocking decisions, escalation tracking, and governance reporting
  • Develop automated processes and dashboards to provide visibility into blocking activity, unblock requests, escalation outcomes, and trend analysis
  • Evaluate and integrate data sources (e.g., SaaS discovery tools, cloud telemetry, intake systems) to ensure accurate and timely Shadow IT decisioning data
Job Responsibility
Job Responsibility
  • Contribute to the execution of the Shadow IT and Data Protection roadmap, with primary ownership of enforcement, escalation, and governance processes
  • Develop and maintain a Shadow IT blocking strategy framework for unapproved applications, including: Blocking criteria and decision thresholds, Risk scoring aligned to data sensitivity, access, and exposure, Defined escalation paths for exceptions and high impact cases
  • Document all blocking decisions with clear business justification, technical impact assessment, and alignment to security and data protection policy
  • Establish and maintain communication protocols to notify stakeholders of application blocks, including timelines, approved alternatives, and available support resources
  • Manage unblock requests and escalations and exception processing, coordinating with Security Operations and business stakeholders to evaluate risk and determine outcomes
  • Partner with application, platform, and business teams to define paths to compliance, including remediation, onboarding to approved services, or decommissioning
  • Track and report Shadow IT metrics, including blocking trends, unblock volumes, escalation outcomes, incidents, and stakeholder satisfaction
  • Work side by side with other team members to build and mature the Shadow IT governance process, while taking lead ownership of defined processes such as: Escalations and exception handling, Cross functional coordination, Technical impact assessment, Policy alignment and enforcement
  • Build and operationalize a next generation Shadow IT governance model that provides transparency, consistency, and defensibility across the enterprise
  • Develop a way to automatically tag approved apps
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

The Sr. Information Security Engineering job collaborates with various business ...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Information Security or IT Technology
  • 3+ years of experience leading complex enterprise-wide integration programs and efforts as an individual contributor
  • 3+ years of engineering experience with vulnerability management tools such as Nexpose, Tenable
  • 3+ years of engineering experience with operating systems such as Linux and Windows Server
  • 2+ years of self-leadership experience
  • 2+ years of experience writing Python, GRAPH (GQL)
  • 2+ years of experience working with services in AWS, GCP, OCI, and Azure
Job Responsibility
Job Responsibility
  • Provides operations and engineering support for critical security systems and services including servers, endpoint security, computer forensics, vulnerability/penetration assessment/mitigation, and security event management
  • Leads the cost/benefit evaluation of cloud solutions compared to virtual private networks, dedicated hosting, and in-house solutions
  • Reviews technical feasibility of adopting external cloud based IT platform and infrastructure services within the organization
  • Leads the identification of portions of the organization's IT platform/infrastructure with the highest potential return for cloud deployment
  • Facilitates implementation of the organization's global strategies and initiatives to enhance Information Technology plans, operations and procedures
  • Ensures the execution of vulnerability analysis and exploitation of applications, operating systems and networks
  • Reports identified intrusion or incident paths and methods discovered through testing and evaluation procedures
  • Designs, develops and implements countermeasures, systems integration and tools specific to cyber and information operations
  • Resolves and documents complex malware and intrusion issues within the system as they occur
  • Functions as an internal information security consultant on the standards, complex issues and best practices for the organization
Read More
Arrow Right

Senior Information Security Engineer

At Qualia, we've built the leading B2B real estate technology that transforms th...
Location
Location
United States
Salary
Salary:
180000.00 - 200000.00 USD / Year
qualia.com Logo
Qualia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of professional information security experience, with both a strong defensive foundation and familiarity with offensive techniques
  • Genuine curiosity about how systems work and how they break
  • The ability to write code—whether it's a quick automation script or a more substantial detection tool
  • Hands-on experience with: Security operations tooling (e.g., SIEMs, IDS/IPS, WAFs, log monitoring platforms)
  • Core IT domains, including endpoint management, networking, web applications, and cloud infrastructure
  • Identity and access management concepts (e.g., SSO, MFA, role-based access controls)
  • Navigating the security implications of emerging technologies—including AI and large language models—as the company evaluates and adopts new tools
  • Security automation and orchestration: experience connecting tools, writing integrations, or building workflows that reduce response times and manual effort
  • Penetration testing tools (e.g., Nmap, Nessus, Metasploit, Burp Suite, or similar)
  • The ability to translate complex security concepts into clear, actionable language for technical and non-technical audiences alike
Job Responsibility
Job Responsibility
  • Partner with stakeholders across the business to identify gaps and strengthen Qualia's security posture
  • Uncover security weaknesses in technologies and processes through threat modeling, security assessments, and the development of practical security baselines
  • Build and operate tooling across the full security lifecycle: prevention, detection, investigation, and response
  • Evaluate the security posture of cloud environments, including reviewing configurations, monitoring for drift, and ensuring alignment with organizational security baselines
  • Serve as a point of escalation for customer-reported security concerns, triaging issues, communicating clearly with affected parties, and driving issues to resolution
  • Triage and reproduce vulnerability findings from penetration tests, internal tooling, and external reports—and communicate associated risk clearly to the right audiences
  • Scale security impact through automation and education, making the whole organization more security-aware
What we offer
What we offer
  • competitive equity and benefits package
  • comprehensive health plans
  • a 401k program
  • commuter benefits
  • professional development
  • parental leave
  • a flexible time off policy
  • robust online onboarding program
  • biweekly all hands meetings
  • a variety of internal virtual events to keep employees connected
  • Fulltime
Read More
Arrow Right
New

Senior Information Security Engineer - Firewall Micro-segmentation

Wells Fargo is seeking a Micro-segmentation Senior Information Security Engineer...
Location
Location
United States , Irving; Chandler; Charlotte
Salary
Salary:
Not provided
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
July 12, 2026
Flip Icon
Requirements
Requirements
  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • Experience with Micro-Segmentation security solutions including policy management
  • Experience with scripting
  • Strong understanding of APIs and proficiency in working with JSON, including the ability to interpret, construct, and troubleshoot queries and payloads in support of automation and integration efforts
  • Experience with one or more: Guardicore (Akamai), VMware NSX T, Cisco Secure Workload, Calico/Cilium
  • Experience with Hybrid cloud segmentation in Azure/AWS/GCP (NSG/ASG, SG/NACL, tags/labels)
  • Experience with Service Mesh (Istio/Envoy), Kubernetes NetworkPolicies, OPA/Gatekeeper
  • Scripting skills such as Python/PowerShell, Terraform/Ansible, Git/GitHub, CI/CD
  • ServiceNow IntegrationHub
  • Telemetry (NetFlow/IPFIX/eBPF, VPC Flow Logs) and SIEM analytics (Splunk/Sentinel/Elastic
Job Responsibility
Job Responsibility
  • Design, document, test, maintain, and provide issue resolution recommendations for highly complex security solutions related to Micro-Segmentation
  • Implement requirements and engage teams to create automation / orchestration for the enterprise's Micro-Segmentation solution
  • Help identify new tools and/or features to strengthen enterprise Micro-Segmentation capabilities
  • Serve as a POC for enterprise Micro-Segmentation deployment
  • Implement security designs on large projects for internal clients to ensure conformity with corporate information, security policy, and standards
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement components of information security
  • Collaborate and provide influence with all members of the microsegmentation team
  • Define and coordinate automation strategies to integrate micro-segmentation with CMDB and user-facing portals, translating business and security requirements into actionable deliverables for development teams
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer (SOC)

We are looking for a Senior SOC Engineer to strengthen our Security Operations c...
Location
Location
Qatar , Doha
Salary
Salary:
Not provided
qic.digital Logo
QIC digital hub
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Information Security as an L2/L3 SOC Analyst/Engineer with strong focus on Incident Response
  • Strong understanding of the incident lifecycle, detection engineering, and response escalation
  • Hands-on experience with SIEM/SOAR platforms (e.g., Splunk, Sentinel, Chronicle, QRadar, Wazuh)
  • Experience conducting security investigations and root cause analysis, as well as documenting those
  • Understanding of common log sources (network, endpoint, identity, application)
  • Experience developing detection rules and playbooks (Sigma, KQL, YAML, etc.)
  • Knowledge of ISO 27001 standards, MITRE ATT&CK and threat intelligence practices
  • Basic scripting or automation skills (Python or Bash)
  • Strong documentation, communication, and cross-team collaboration skills
Job Responsibility
Job Responsibility
  • Define and continuously improve security processes, procedures, and incident response playbooks
  • Optimize security event and log collection based on risk and detection relevance
  • Oversee and improve incident response workflows through post-incident analysis and lessons learned
  • Collaborate with L1-L2 security team members to expand detection coverage and develop new use cases
  • Participate in major security incident investigations, providing technical analysis and remediation guidance
  • Standardize automation and orchestration across SIEM, SOAR, EDR and related tools
  • Ensure alignment of security operations with security policies and frameworks (ISO 27001, NIST, MITRE ATT&CK)
  • Review security architecture for cloud and on-prem environments and recommend improvements
  • Lead investigation and response for high and critical severity incidents
  • Track remediation actions and ensure closure of identified security gaps
What we offer
What we offer
  • Extra paid leave
  • Language classes
  • Meeting with experts
  • Professional development
  • QIC running club
  • Relocation support
  • Remote health insurance
  • Tax consultations
  • Travel discounts
  • USD, EUR, or AED salary payouts
  • Fulltime
Read More
Arrow Right

Information Security Senior Engineer

To lead the organisation’s security assurance and standards capability. The role...
Location
Location
United Kingdom , Coventry
Salary
Salary:
70000.00 - 78000.00 GBP / Year
the-mtc.org Logo
Manufacturing Technology Centre
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in information security assurance, governance or audit‑facing security roles
  • Strong understanding of network security principles and the ability to challenge and validate technical designs
  • Led enterprise classification approach, technically and assured
  • Demonstrable experience supporting customer audits and completing security questionnaires & bid assurance responses
  • Ability to produce clear, evidence‑led documentation that stands up to scrutiny
  • Strong influencing and communication skills
  • Self‑starting approach with high ownership
Job Responsibility
Job Responsibility
  • Own the interpretation and day‑to‑day operation of relevant standards and assurance frameworks (Defence, CE/CE+)
  • Maintain an evidence library and control narratives suitable for customer audits and formal assessments
  • Lead responses to customer security audit requests and new business Security Assurance Questionnaires (SAQs), working closely with technical colleagues
  • Strengthen the organisation’s network security assurance capability: challenge designs, validate controls, and support secure integration into enterprise facilities
  • Coordinate internal assurance activities supporting annual Cyber Essentials Plus including readiness reviews, remediation tracking and evidence pack quality
  • Support incident response governance: ensure playbooks, communications templates and post‑incident learning are maintained
  • Contribute to the cyber security communications channel: support awareness campaigns, targeted briefings and lessons‑learned messaging
  • Support the maintenance of ITSM, and address security governance and design related tickets
  • Play an active role in maintaining & contributing to Security related Dev Ops
What we offer
What we offer
  • Excellent Pension Scheme
  • Flexible Working
  • Fulltime
Read More
Arrow Right