Role overview

Senior DevSecOps Engineer (Spain)

Requirements and responsibilities

Readable role content extracted into sections for faster review.

Base salary range: 85,000 - 110,000 EUR

  • Stock options are part of every full-time offer, granted on top of the base salary range above. We want everyone here to be a genuine stakeholder in what we're building.
  • We conduct two performance reviews annually. The first addresses performance ratings, bonuses, and promotions. The second encompasses these elements along with salary adjustments reflecting inflation and market conditions.

Cloud and Infrastructure Security

  • Own security across our AWS environments (primary), with additional exposure to GCP and Vercel: IAM, Security Hub, CloudTrail, GuardDuty, KMS, and related controls.
  • Design, maintain, and monitor security controls across cloud infrastructure: logging pipelines, alerting thresholds, key management, and privileged access workflows.
  • Manage security-relevant access controls across cloud environments and internal systems, including service accounts, credential rotation, and periodic access reviews.
  • Provide security input to IT & Infrastructure on network segmentation, endpoint security baselines, and cross-system access policies, without owning those systems yourself.

Application and Developer Security

  • Secure our CI/CD pipelines and GitHub Actions environments: secrets management, supply chain risk, and dependency vulnerability workflows.
  • Perform secure code reviews and provide hands-on application security support to engineering teams.
  • Review authentication flows, payment logic, and API security with human judgment, not just automated scanners.
  • Partner with engineers to remediate vulnerabilities and embed security practices into the development lifecycle.

Vulnerability and Incident Management

  • Own vulnerability management end-to-end: identification, prioritization, remediation tracking, and verification.
  • Coordinate our external security review program with third-party audit and penetration testing firms.
  • Support incident response through internal triage and investigation, working alongside our external 24/7 response partners.

Compliance and Audit Support

  • Support SOC 2 and other compliance efforts by collecting evidence, documenting controls, and maintaining audit-ready processes for engineering and security-related controls.
  • Contribute to DORA compliance initiatives where applicable.
  • Maintain clear, auditable documentation of security processes to support audit cycles and long-term knowledge transfer.

Must Haves

  • 4–8 years of experience as a security engineer, with a clear security-first background rather than a generalist infrastructure background.
  • 3+ years of hands-on experience securing AWS environments: IAM, Security Hub, CloudTrail, GuardDuty, and KMS.
  • Strong practical knowledge of CI/CD security: GitHub Actions, secrets scanning, and dependency management.
  • Experience with secure code review or core application security concepts (OWASP, auth flows, API security).
  • Experience working within at least one compliance framework, SOC 2 preferred, with ISO 27001 or similar acceptable.
  • Fluent communicator across technical teams — you can work productively with developers and IT engineers without needing to own their domains.
  • Self-directed and organized. You track your own work and do not drop threads.
  • Experience using AI-assisted tools such as Claude or GitHub Copilot for security automation or research.
  • Ability to work flexible hours if an incident arises.

Nice to Haves

  • Experience at a fintech, payments, or crypto company.
  • Familiarity with DORA or MiCA compliance requirements.
  • Exposure to blockchain or crypto-specific security considerations.
  • Prior experience where security work regularly intersected with IT or infrastructure teams.

How to Succeed

  • Take a security issue from identification through remediation with minimal guidance.
  • Prioritize based on risk and impact, not on who is asking the loudest.
  • Contribute meaningfully to Engineering and IT conversations without needing to own those functions.
  • Document clearly enough that an auditor or a teammate can follow the trail six months later.
  • Push back when something is insecure, and offer a practical alternative.
  • Know when to escalate versus handle independently.

Benefits

  • Extensive access to leading AI tools and subscriptions, with AI actively encouraged and integrated into daily workflows.
  • Unlimited Paid Time Off.
  • Parental Leave program.
  • Company laptop and allowance for any necessary home equipment.
  • Daily stipend for in-office meals and/or commuting to the office.
  • Three company-paid off-sites each year. Recent ones include: Miami, Lisbon, Medellín, Panamá.
  • Health + Dental insurance fully covered by Crossmint.
  • Flexible retribution with tax benefits through Cobee.

Our Principles

  • Results and delivery: Ship high quality work fast.
  • Build for the long term: Build scalable, secure, and reliable solutions. Use AI.
  • Extreme Ownership: Be an effective Directly Responsible Individual (DRI). Be proactive.
  • Be a team player: Be an effective and kind colleague providing credible challenge. Be present and reliable.

Who will be in contact with you

  • Adolfo Fernández - Head of People Ops
  • Gloria Alogo - People Ops, Onboarding & Benefits
Similar roles

Keep a backup shortlist.

Browse stack
FocusDevSecOps EngineeringRole area
Seniority signalSeniorCandidate level
StackAWS, CI/CD, GCPPrimary skills
Location2 accepted countriesEligibility

Stack

Use these tags to compare similar remote roles.

Location eligibility

Candidates should apply only when their profile country is listed here.

Your profileCountry not setSign in to check your country against this role.

Hiring flow

WithMira shows the role, then sends candidates to the company application.

1Check role fit, stack, and location eligibility in WithMira.
2Open the company application page from the tracked apply link.
3Save the role or subscribe for similar opportunities before leaving.
Apply on company siteCompany siteOpen link