Codeway

Senior DevSecOps Engineer

Codeway

full-time

Posted on:

Location Type: Hybrid

Location: BarcelonaSpain

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSCloudCyber SecurityJenkinsKubernetesPythonTerraform

About the role

  • Develop and implement security training programs for development and operations teams to promote best practices in secure coding and deployment.
  • Establish and enforce security policies, standards, and procedures that align with industry best practices and regulatory requirements.
  • Conduct regular security assessments, vulnerability scanning, and penetration testing to identify and mitigate security risks.
  • Lead and coordinate response to security incidents, ensuring quick resolution and thorough investigation to prevent recurrence.
  • Design and implement secure cloud architectures, including network security, identity and access management, and data protection strategies.
  • Integrate security tools and practices into CI/CD pipelines to automate security testing and ensure secure code deployment.
  • Set up and maintain security monitoring and logging solutions to detect and respond to potential security threats in real-time.
  • Ensure compliance with relevant legal and regulatory requirements, such as GDPR, and others applicable to Codeway’s operations.
  • Work closely with DevOps, product teams, and other stakeholders to embed security into every stage of the software development lifecycle.

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • Minimum 5-8 years of experience in cloud security engineering or a related role.
  • Proven experience with public cloud platforms (Google Cloud, AWS).
  • Strong understanding of Kubernetes security.
  • Demonstrated experience in mobile application security, including securing mobile APIs, OWASP Mobile Top 10 risks, and mobile secure development practices.
  • Familiarity with security tools and platforms (e.g., SIEM, IDS/IPS, vulnerability scanners), with the ability to support their integration and follow up on findings in collaboration with relevant teams.
  • Certifications (Nice to have): Relevant certifications such as CISSP, CISM, CEH, or cloud-specific certifications like AWS Certified Security - Specialty, Google Professional Cloud Security Engineer.
  • Proficiency in scripting and automation (e.g., Python, Bash).
  • Deep understanding of network security, encryption, and key management.
  • Familiarity with DevSecOps practices and tools (e.g., Jenkins, GitLab CI, Terraform).
  • Excellent problem-solving and analytical skills.
  • Strong communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
  • Proactive and self-motivated with a strong sense of ownership and accountability.
Benefits
  • Private health insurance, meal card, and wellness support
  • Annual learning and development budget for courses, tools, and conferences
  • Free access to Codeway’s suite of AI, wellness, and education apps
  • Relocation support for international hires, including visa and housing assistance
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
cloud security engineeringKubernetes securitymobile application securityscriptingautomationnetwork securityencryptionkey managementvulnerability scanningpenetration testing
Soft Skills
problem-solvinganalytical skillscommunication skillsproactiveself-motivatedownershipaccountability
Certifications
CISSPCISMCEHAWS Certified Security - SpecialtyGoogle Professional Cloud Security Engineer