Security Engineer
hace 1 día
Barcelona
ppAt Bynder, we don’t just store creative assets; we enable brands to deliver exceptional content experiences that drive business impact. /ppIn an era of exploding content volume and complexity, the world’s most iconic brands, including bSpotify, Campari, and Lacoste /b, trust Bynder as their bsingle source of truth for creative content /b. Our industry-leading DAM platform serves as the strategic engine for brand governance and control. /ppWe are leading the shift from management to bAI-powered content orchestration /b. By integrating human-led, customizable bAI Agents /b directly into our enterprise-grade infrastructure, we enable brands to augment their workforce and intelligently automate high-effort workflows without sacrificing brand integrity. We turn creative content into intelligent assets that accelerate personalization and drive measurable business outcomes. /ppbReady to grow your career by helping the world’s leading brands deliver exceptional content experiences? /b Join our global team of 600+ ‘Byndies’ and help 4,000+ organizations work smarter with their content. Explore this opportunity and apply now to join our team. /ppAt Bynder, we believe security should never be an afterthought. We’re looking for a Security Engineer who thrives in a growth-oriented environment, someone who sees security as a starting point, not the finish line. If you’re hands‑on by nature, energized by breadth, and serious about building security that actually scales in a cloud‑native SaaS environment, you’ll feel right at home here. /ph3bMeet the team /b /h3pWe’re Bynder’s Security team: pragmatic, sharp, and relentlessly focused on enabling secure growth. We favor automation over repetition, integrations over point solutions, and smart security design over checkbox compliance. /ppYou’ll report directly to the VP Information Security and work alongside an Associate Security Engineer who brings strong application security and tooling chops. Together, you’ll cover the full security stack: AppSec, cloud, detection, and governance across a modern, cloud‑native SaaS platform used by thousands of brands worldwide. /ppSecurity at Bynder is a team sport. We work hand‑in‑hand with Platform teams, engineering, and business stakeholders to challenge assumptions, take calculated risks, and continuously raise the bar. It’s how we scale securely, and it’s part of how we win together. /ph3bWhat you’ll do /b /h3ullipPlan and (help) execute penetration tests against web applications, APIs, and cloud infrastructure, and manage external pentest engagements including scoping, vendor coordination, and remediation tracking. /p /lilipEmbed security across the full SDLC: leading threat modeling, security assessments, and vulnerability remediation in close collaboration with our engineering and product teams. /p /lilipOwn and evolve our cloud security posture across our AWS environment, working with Wiz (CSPM, CNS, Code, AI Security) to drive risk prioritization, misconfiguration remediation, and shift‑left security workflows. /p /lilipChampion security controls within our CI/CD pipelines, from IaC scanning and SAST integration to secure deployment practices, working closely with DevOps and development teams. /p /lilipSupport security incident response, investigation, containment guidance, and post‑incident review and help mature our detection and response workflows over time. /p /lilipTranslate compliance requirements (SOC2, ISO 42001, GDPR) into concrete technical controls and act as a technical point of contact for customer security discussions, questionnaires, and enterprise onboarding. /p /lilipConduct vendor and third‑party security risk assessments to protect our supply chain and advise on emerging AI/ML security risks as these technologies become more deeply embedded in our product. /p /lilipShare knowledge and raise the craft, you’ll naturally become a technical anchor for your teammate and a collaborative voice across engineering on what good security looks like in practice. /p /li /ulh3bWhat you bring /b /h3ullip3–7 years of hands‑on experience in application security, cloud security (AWS), or a broad security engineering role. /p /lilipProven experience conducting penetration tests on web applications, APIs, and/or cloud environments, with a solid grip on OWASP Top 10 and common vulnerability classes. /p /lilipSolid understanding of AWS security: IAM, VPC design, cloud‑native architecture and a clear intuition for what secure cloud infrastructure looks like. /p /lilipFamiliarity with application security testing tools (SAST, DAST) and a practical understanding of DevSecOps: you know where to plug in and how to make it stick with developers. /p /lilipStrong communication skills, you can explain security risks clearly to both engineers and non‑technical stakeholders, and you don’t default to “no” when there’s a smarter path forward. /p /lilipA growth mindset and genuine curiosity, you’re comfortable operating across domains, actively building skills you don’t yet have, and you see a broad scope as an opportunity, not a burden. /p /li /ulh3bBonus points if you… /b /h3ullipHave hands‑on experience with Wiz, or other CSPM/CNAPP platforms. /p /lilipHold an offensive security certification (OSCP or similar) or have contributed to bug bounty programmes. /p /lilipHave experience with AI/ML security risks and frameworks (OWASP LLM Top 10, MITRE ATLAS). /p /lilipWrite security scripts, tinker with tools, or keep a personal GitHub with automation or research projects. /p /lilipHave experience with Terraform or IaC security scanning. /p /lilipHave hands‑on experience with Kubernetes and container security. /p /lilipAre familiar with common programming languages (e.g. Python, Java, Scala) and can read and reason about code to support security reviews. /p /li /ulh3bWhat’s in it for you? /b /h3ullipA flat organization where your ideas matter and your impact is tangible: you won’t be waiting for sign‑off to make things better. /p /lilipReal breadth and ownership across a modern, cloud‑native security stack across a high‑growth SaaS platform. /p /lilipA clear growth path, we invest in people who step up, and this role has room to evolve as you do. /p /lilipFlexibility to work from home, with weekly office time in Rotterdam and Amsterdam. /p /lilipCompetitive salary and benefits. /p /lilipUnlimited vacation policy. /p /lilipApple gear, daily lunch, and team events organized by our legendary Fun Force. /p /li /ulpbIf you don’t tick every box but you’re the kind of person who figures things out, speaks up, and raises the standard around you, we’d still love to hear from you. /b /ph3bOur commitment /b /h3pBynder Love is the principle that guides the way we grow our teams, support our employees, and celebrate our differences. At Bynder we strive to create a culture that embraces every Byndie because differences in background, experience, and perspective make Bynder even better. At Bynder a diverse, inclusive, and equitable workplace is one where all employees, whatever their ethnicity, color, sex, age, religion, disability, sexual orientation, gender identity, national origin, or physical and mental ability are valued and respected. Our commitment is for all Byndies to have the freedom to be their true authentic selves. /ppJust as we are never finished innovating, Bynder’s commitment to being An Even Better Bynder is a constant, evolving commitment that includes education, listening, and action. /p /p #J-18808-Ljbffr