Do you want to work in an Agile environment challenged by the latest trends on software engineering?

This is a unique opportunity to be part of an exceptional company that is transforming how thousands of user experience shopping.

You’ll be working within the Information Security Team as a Product Security Engineer. You will be responsible for the end-to-end security of key digital products and you will be working closely with software engineering in achieving product and security objectives. You will be designing security controls and helping to validate that our services, applications, and emerging technologies are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and decisively taking action to mitigate emerging threats throughout a full secure development life-cycle (SDLC).

Main responsibilities:

• Direct report to the Chief Information Security Officer and Domain Tech Lead.

·       Security reviews for new products, technologies, and services

·       Secure design, architecture, and implementation

·       Secure development life-cycle (SDLC) practices including threat modeling and security testing

·       Influence decision-makers and stakeholders to achieve a consistently high security bar

·       Conduct network and/or application penetration testing

·       Create security guidance and documentation

·       Develop security tools and automation

·       Develop and deliver security training and outreach to internal development teams

·       Lead security projects (including security reviews, tool development, and creation of new security practices) with end-to-end ownership

·       Support for mentoring, team building and recruiting activities

Required basic experience:

·  Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experience

·       Minimum of 5 years of professional experience with any combination of at least 2 technical disciplines, including the following: cloud security, network security, application security, mobile security, secure development methodologies, software development and coding, identity management, authentication and authorization, network architecture, system administration, and systems engineering

Desired experience:

·      Professional experience conducting security assessments, including penetration testing

·      Ability to lead through influence within a secure development life-cycle for multiple products and technologies, meeting customer expectations for security

·      Experience implementing security solutions that resolve security and business risk trade-offs

·      An understanding of networking and communication protocols (such as TCP/IP, UDP, SSL/TLS, IPSEC, HTTP, HTTPS, BGP)

·     An understanding of cryptography, web service frameworks, mobile application architectures, and service architectures (such as event-driven, service-oriented, or serverless architectures)

·       Familiarity with reverse engineering or vulnerability research

·       Familiarity with physical, infrastructure, or hardware security

·       Experience with one or more programming languages (Microsoft .net, Swift, Kotlin, python, React Native, javascript) for the purpose of code review

·       Strong written and verbal communication skills (Spanish and English)

·      Ability to communicate deep technical issues in terms of business risk with non-experts and senior leaders

·       Strong bias for action balanced with a strong ability to dive deep into problems

·       Strong ownership, urgency, and drive

·       Strong analytical abilities and design skills

·       Able to work in a diverse team

What we offer

• Brand new office located in Plaza Catalunya, the heart of Barcelona.

• Work in one of the top 10 IT hubs in BCN

• Develop your skills even further by working with some of the best talent in Barcelona.

• 23 days of holiday + your birthday 

• Reduced working hours in August: 9-15h.

• 9-15h working hours every Friday of the year.

• Filtered water, biscuits, fresh fruit, wide selection of teas and coffee (Nespresso, what else?)

• Full medical insurance cover 

• Ticket Restaurant for 170€ / month

• Life and disability insurance

• 500€ Wellbeing Voucher

• Tax free benefit for transport and kindergarden.

• Language courses: English, German and Spanish 

Join the challenge!