Destinus

IT Security Engineer

Destinus

full-time

Posted on:

Location Type: Hybrid

Location: Madrid • 🇪🇸 Spain

Visit company website
AI Apply
Apply

Job Level

Mid-LevelSenior

Tech Stack

AWSAzureCloudCyber SecurityDNSFirewallsLinuxMacOSPythonSplunkTCP/IPUnix

About the role

  • **What You´ll Do**
  • - **Security architecture and strategy**
  • - Develop and implement IT security policies, standards, and procedures, evolving IT and cloud environments toward cybersecurity best practices and zero-trust principles.
  • - Translate risk assessments, ISMS requirements, and regulatory obligations (ISO 27001, NIST, export control/defence standards) into technical controls.
  • - Contribute to cybersecurity roadmaps aligned with group strategy, including migration from a Google-centric to a Microsoft-based architecture.
  • - **Cloud and enterprise security engineering**
  • - Design and implement cybersecurity baselines for Microsoft 365, Entra ID, Intune, AWS, and on-prem Unix and Microsoft systems, integrated with existing environments.
  • - Define and maintain secure configurations for identity and access management, conditional access, logging, and monitoring across cloud and on-prem platforms.
  • - Collaborate with IT and engineering teams to harden Windows, macOS, and Linux endpoints using EDR, MDM, and configuration management tools.
  • - **Monitoring, detection, and incident response**
  • - Implement and tune SIEM/SOAR detections (e.g., Microsoft XDR or equivalent) covering key attack surfaces.
  • - Define logging, alerting, and runbooks for IT support and operations teams.
  • - Lead or support investigations of complex cybersecurity incidents, including root-cause analysis and remediation.
  • - Coordinate with the IT SOC team.
  • - **Security operations and projects**
  • - Own end-to-end delivery of major security initiatives, including scoping, solution design, implementation planning, and success metrics.
  • - Collaborate with IT on network segmentation, VPNs, and secure connectivity for offices, labs, and cloud workloads.
  • - Support vulnerability management and patching by providing prioritization and remediation guidance.
  • - Contribute to supplier and SaaS security assessments for tools used by Destinus.
  • - Deliver security awareness training and create user instructions.
  • - **Governance, collaboration, and awareness**
  • - Provide technical input to policies, standards, and procedures for IT, cloud, and endpoint security.
  • - Work with the Global Information Security Manager on ISO 27001, Part-IS, aviation/defence compliance, and customer audit support.
  • - Act as a cybersecurity subject-matter expert for engineering teams, promoting secure-by-design practices in software and hardware development beyond IT.

Requirements

  • **What You’ll Need**
  • - Bachelor’s degree in computer science, information security, engineering, or equivalent practical experience
  • - At least 5 years of solid and hands‑on experience in IT security engineering, systems engineering, or cloud security in a corporate or high‑tech environment.
  • - Demonstrable track record of delivering relevant security projects with measurable impact (e.g. hardening M365/Azure, rolling out EDR/XDR etc., SIEM onboarding, zero‑trust initiatives).
  • - Certifications such as CISSP, CISM, CEH, or equivalent are a plus.
  • - Strong experience with Microsoft 365 / Entra ID / Intune and AWS security configuration (identity, access, conditional access, logging, compliance).
  • - Good knowledge of at least one major cloud platform beyond Azure (e.g. AWS) from a security and operations perspective.
  • - Solid understanding of networking (TCP/IP, routing, VPN, firewalls, DNS) and how to apply segmentation and connectivity securely.
  • - Experience with SIEM/SOAR tools and log management (e.g. Microsoft Sentinel, Splunk, or similar).Experience with endpoint security and management (EDR, MDM, configuration management) across Windows, macOS, and ideally also Linux.
  • - Ability to script/automate (PowerShell, Python, or similar) for policy deployment, hardening, and monitoring.
  • - Familiarity with information security management and risk handling - ISO/IEC 27001/27002, NIST CSF or SP 800‑53, and related controls.
  • - Experience working in or with regulated environments (aviation, defence, safety‑critical systems, or similar) is a strong plus.
  • - Understanding of secure software and infrastructure practices (least privilege, zero trust, secure configuration, change management).
Benefits
  • **Why Join Us?**
  • **✨ The Thrill of the Future – Work on cutting-edge projects that redefine aerospace.** ✨ Global Innovation Hub – Collaborate with top engineers from all over the world.** ✨ Fast-Paced & High-Growth – Experience the rush of working in a rapidly expanding company.** ✨ Real Impact – Your work won’t be theoretical—it will shape the future of flight.**

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
IT security engineeringcloud securitycybersecurity architecturerisk assessmentsecurity configurationendpoint securityscriptingnetworkingvulnerability managementincident response
Soft skills
collaborationleadershipcommunicationproblem-solvingproject management
Certifications
CISSPCISMCEH