IT Security Expert creating and managing SIEM solutions to strengthen Europe's defence capabilities. Collaborating in a small elite team to solve significant security challenges rapidly.
About the role
- Professional focused on Cloud Security solutions and DevSecOps at innovative tech consulting firm Leega. Implementing security for AWS services and integrating security analysis tools.
Responsibilities
- Develop and implement AuthN/AuthZ mechanisms for APIs, microservices, and enterprise integrations using mTLS and OAuth2
- Design and implement security solutions integrated with the cloud and DevOps pipelines
- Automate deployment of security resources and solutions using Infrastructure as Code (IaC) — Terraform and GitHub Actions
- Integrate security analysis tools (SAST, DAST, SCA, IAST) into CI/CD pipelines
- Apply and automate hardening for EKS, Istio, Lambda, and infrastructure provisioned via Terraform
- Implement security policies and encryption controls for S3, DynamoDB, and other AWS services
- Manage digital certificates via ACM and secrets via Secrets Manager
- Support development teams in adopting secure patterns and remediating vulnerabilities
- Automate security validations and drive continuous improvement
- Document technical standards and security best practices
Requirements
- Strong experience in AWS Cloud Security, including IAM (RBAC/ABAC), KMS, Secrets Manager, Certificate Manager (ACM), CloudTrail, GuardDuty, WAF, Macie, and Security Hub
- Experience developing and implementing security solutions, including building reusable components, automating controls, and securing integrations between systems
- Hands-on experience with DevSecOps, integrating SAST, DAST, SCA, IAST, and IaC security into CI/CD pipelines (GitHub Actions)
- Knowledge of Authentication and Authorization (AuthN/AuthZ) for APIs and enterprise integrations, using OAuth2, OpenID Connect, JWT, JWE, and mTLS
- Experience securing APIs and microservices
- Experience with AWS services: API Gateway, Cognito, Lambda, DynamoDB, S3, and Load Balancers (ALB/NLB)
- Knowledge of Kubernetes (EKS) and Istio, including mTLS between services, network policies, access control, and workload hardening
- Experience with Infrastructure as Code (Terraform), applying policy-as-code, automated validation, and secure configurations
- Strong knowledge of cryptography, digital certificates (PKI), TLS/mTLS, and protection of data in transit and at rest
- Experience with SDLC/SSDLC and secure development practices
- Intermediate/advanced English and Spanish
- AWS or security certifications (AWS Security Specialty, Solutions Architect, DevOps Engineer, Security+, or similar) — desirable
- Experience with Threat Modeling and MITRE ATT&CK — desirable
- Development of internal security frameworks or libraries — desirable
- Use of AI applied to security automation and analysis — desirable
- Experience in regulated environments (financial sector) — desirable
Benefits
- Porto Seguro medical insurance
- Porto Seguro dental insurance
- Profit Sharing (PLR)
- Childcare assistance
- Alelo meal and food vouchers
- Home office allowance
- Partnerships with educational institutions
- Support for certifications, including cloud certifications
- Livelo points
- Total Pass membership
- Mindself
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Manager in Regulatory Compliance ensuring effective risk management within the Information Security Group. Overseeing regulatory compliance and governance while leading automation efforts.
Information Security Engineer overseeing security tasks, ensuring implementation of security controls. Collaborating with legal and technical teams in a professional office environment.
Security Administrator managing security across cloud and on - premises environments at Homecare Homebase. Collaborating with teams for patient care systems security and compliance.
Principal Security Engineer shaping security strategy for enterprise IT systems and software products at RedCloud. Leading a team to ensure robust security practices for business growth.
Security Lead at Qargo overseeing security strategy and implementation for a cloud - native transport platform. Collaborating with engineering to ensure compliance and resiliency across Europe.
Project Manager for cybersecurity at Consort Group, leading security solution implementations and client engagement. Collaborating within teams to execute comprehensive cybersecurity projects while ensuring client satisfaction.
Infrastructure Security Consultant deploying and implementing network security solutions at Consort Group. Responsible for analyzing and producing comparative syntheses of security solutions with a hybrid work arrangement.
Cyber Security Engineer responsible for application security and vulnerability management for Consort Group. Supporting secure development practices and collaborating with development teams to identify and mitigate security risks.
Cybersecurity Intern supporting Keenova's security program through hands - on experiences and mentorship. Engaging in various cybersecurity functions and contributing to meaningful projects.