Security Engineering Lead at Outset overseeing security policies, compliance, and hands - on security engineering. Collaborating with teams to ensure secure product infrastructure and practices.
About the role
- IT Security Engineer designing and implementing cybersecurity measures for aerospace innovations at Destinus. Collaborating with IT engineering and Global Information Security Manager to ensure compliance with standards.
Responsibilities
- **What You´ll Do**
- **Security architecture and strategy**
- Develop and implement IT security policies, standards, and procedures, evolving IT and cloud environments toward cybersecurity best practices and zero-trust principles.
- Translate risk assessments, ISMS requirements, and regulatory obligations (ISO 27001, NIST, export control/defence standards) into technical controls.
- Contribute to cybersecurity roadmaps aligned with group strategy, including migration from a Google-centric to a Microsoft-based architecture.
- **Cloud and enterprise security engineering**
- Design and implement cybersecurity baselines for Microsoft 365, Entra ID, Intune, AWS, and on-prem Unix and Microsoft systems, integrated with existing environments.
- Define and maintain secure configurations for identity and access management, conditional access, logging, and monitoring across cloud and on-prem platforms.
- Collaborate with IT and engineering teams to harden Windows, macOS, and Linux endpoints using EDR, MDM, and configuration management tools.
- **Monitoring, detection, and incident response**
- Implement and tune SIEM/SOAR detections (e.g., Microsoft XDR or equivalent) covering key attack surfaces.
- Define logging, alerting, and runbooks for IT support and operations teams.
- Lead or support investigations of complex cybersecurity incidents, including root-cause analysis and remediation.
- Coordinate with the IT SOC team.
- **Security operations and projects**
- Own end-to-end delivery of major security initiatives, including scoping, solution design, implementation planning, and success metrics.
- Collaborate with IT on network segmentation, VPNs, and secure connectivity for offices, labs, and cloud workloads.
- Support vulnerability management and patching by providing prioritization and remediation guidance.
- Contribute to supplier and SaaS security assessments for tools used by Destinus.
- Deliver security awareness training and create user instructions.
- **Governance, collaboration, and awareness**
- Provide technical input to policies, standards, and procedures for IT, cloud, and endpoint security.
- Work with the Global Information Security Manager on ISO 27001, Part-IS, aviation/defence compliance, and customer audit support.
- Act as a cybersecurity subject-matter expert for engineering teams, promoting secure-by-design practices in software and hardware development beyond IT.
Requirements
- **What You’ll Need**
- Bachelor’s degree in computer science, information security, engineering, or equivalent practical experience
- At least 5 years of solid and hands‑on experience in IT security engineering, systems engineering, or cloud security in a corporate or high‑tech environment.
- Demonstrable track record of delivering relevant security projects with measurable impact (e.g. hardening M365/Azure, rolling out EDR/XDR etc., SIEM onboarding, zero‑trust initiatives).
- Certifications such as CISSP, CISM, CEH, or equivalent are a plus.
- Strong experience with Microsoft 365 / Entra ID / Intune and AWS security configuration (identity, access, conditional access, logging, compliance).
- Good knowledge of at least one major cloud platform beyond Azure (e.g. AWS) from a security and operations perspective.
- Solid understanding of networking (TCP/IP, routing, VPN, firewalls, DNS) and how to apply segmentation and connectivity securely.
- Experience with SIEM/SOAR tools and log management (e.g. Microsoft Sentinel, Splunk, or similar).Experience with endpoint security and management (EDR, MDM, configuration management) across Windows, macOS, and ideally also Linux.
- Ability to script/automate (PowerShell, Python, or similar) for policy deployment, hardening, and monitoring.
- Familiarity with information security management and risk handling - ISO/IEC 27001/27002, NIST CSF or SP 800‑53, and related controls.
- Experience working in or with regulated environments (aviation, defence, safety‑critical systems, or similar) is a strong plus.
- Understanding of secure software and infrastructure practices (least privilege, zero trust, secure configuration, change management).
Benefits
- **Why Join Us?**
- **✨ The Thrill of the Future – Work on cutting-edge projects that redefine aerospace.** ✨ Global Innovation Hub – Collaborate with top engineers from all over the world.** ✨ Fast-Paced & High-Growth – Experience the rush of working in a rapidly expanding company.** ✨ Real Impact – Your work won’t be theoretical—it will shape the future of flight.**
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Penetration Tester working on TIBER and Red Team assignments in high - security sectors. Collaborate with experts to deliver comprehensive security assessments and enhance organizational security.
Senior Security Delivery Engineer safeguarding digital infrastructure at nbn by embedding security into CI/CD pipelines. Collaborating within DevSecOps teams to ensure resilient platforms.
Senior Cloud Security Engineer at Semperis focusing on preventative security and cloud architecture. Collaborating with teams to enhance security around cloud environments and regulatory requirements.
Product Manager driving secure communications solutions in a highly regulated environment. Collaborating with cross - functional teams to deliver product lifecycle from planning to field adoption.
Manager overseeing Identity and Access Management services at PwC. Collaborating with stakeholders to drive cyber resilience and compliance in complex environments.
Cybersecurity Shift Lead at PwC focusing on overseeing cybersecurity operations for clients. Leading teams and ensuring operational excellence during shifts across cybersecurity towers.
Director of Physical Security building security function for Swarmer, a tech company developing autonomous drone software. Overseeing security measures and fostering a proactive security culture.
Director of Physical Security managing comprehensive corporate security strategies for a defense tech company. Leading physical security operations, ensuring safety across facilities and collaboration with international defense bodies.
OT Cybersecurity Engineer tasked with maintaining security for Operational Technology environments. Evaluating incident response, monitoring solutions, and ensuring compliance in cybersecurity frameworks from SBM Offshore in Brazil.