Senior Security Engineer
hace 2 días
Barcelona
At The Knot Worldwide, we champion celebration – and that starts with celebrating our people. Our employees are passionate dreamers, thoughtful doers, and lifelong learners who power meaningful moments for millions around the world. We’re united by authentic connection, shared purpose, and a deep commitment to the global community we serve. Here, flexibility and belonging go hand in hand with high performance. ¿Tiene las siguientes habilidades, experiencia e impulso para tener éxito en este puesto? Descúbralo a continuación. About the Role and Our Team The TKWW InfoSec Team is seeking a Senior Security Engineer to lead strategic security initiatives, mentor team members, and address the most complex and ambiguous technical and programmatic security challenges. You will act as a subject‑matter expert, take ownership of critical security domains, influence architectural decisions across engineering teams, and help set the long‑term vision for security at TKWW. Successful Senior Security Engineers at TKWW are recognized as technical leaders who work with full autonomy, solve ambiguous problems, mentor junior team members, and effectively drive cross‑functional change. You must possess exceptional problem‑solving and communication skills, a comprehensive understanding of advanced cloud security architectures and emerging threats, the ability to influence technical and executive stakeholders, and a proven track record of delivering highly secure platforms and technologies. Responsibilities • Lead and drive the strategy, design, and implementation of security controls and secure patterns across all TKWW corporate and production environments., • Mentor junior security engineers and provide technical guidance on complex security issues, fostering a culture of security within engineering., • Architect and implement advanced, secure, and scalable containerized architectures in multi‑cloud environments., • Collaborate with engineering leads to define product and platform roadmaps, ensuring security requirements are integrated from the initial design phase., • Own and continuously improve threat detection, application security, vulnerability management, and assessment procedures, acting as the final escalation point for complex remediation efforts., • Act as a Subject Matter Expert (SME) for one or more critical security domains (e.g., Identity and Access Management, Data Protection, Cloud Network Security)., • Lead the response and post‑mortem analysis for high‑severity security incidents, driving long‑term preventative measures., • Identify and implement strategic opportunities to improve process maturity and automation, including developing sophisticated internal security tools and procedures., • Provide continuous technical support and escalation management for security‑related issues throughout TKWW. Required Qualifications • Bachelor's Degree in Computer Science or a related field (Master's degree preferred)., • A minimum of 5+ years of progressive security engineering or security architecture experience is required, with a focus on large‑scale, production environments., • 5+ years of hands‑on experience securing cloud applications and infrastructure (AWS strongly preferred, multi‑cloud experience a plus)., • Proven track record of leading or mentoring major cross‑functional projects to their successful completion., • Deep and comprehensive understanding of security vulnerabilities, attacker exploit techniques, and methods for large‑scale, automated remediation., • Expert‑level understanding of public cloud infrastructure and services in Akamai, AWS (IAM, VPC, KMS, CloudWatch, Systems Manager, S3, RDS, Route53, Lambda, AWS Config, etc.)., • Expert‑level understanding of Docker and container orchestration with Kubernetes and hands‑on experience securing production EKS/GKE clusters., • Proven experience with advanced application security concepts, including designing and securing microservice and API‑based architectures., • Experience with security tooling, including WAF and Bot Management platforms., • Excellent written and verbal communication skills, with the ability to articulate complex security risks and technical requirements to both non‑technical executive stakeholders and highly technical engineering/DevOps teams., • Proven ability to operate with a high degree of autonomy, acting as a self‑starter who drives projects to successful completion with minimal oversight. Nice to Have • Experience with scripting and automation (Python, Go, or other modern languages)., • Relevant industry certifications (e.g., CISSP, CISM, AWS/Azure Security, GSEC)., • Advanced experience in security engineering, DevOps, or IT operations roles, with expertise in CI/CD pipeline security., • Experience in defining and enforcing security policies across a diverse, global organization. What We Love About You • Commit to our customers: You act as one team on behalf of our customers. You lead with head and heart, and build what matters for life's most meaningful moments., • Raise the bar: You define "great" and work backwards. You don't just accept how it’s been done, but boldly define how it should be. You are unafraid to innovate, learn, and keep moving forward toward our shared vision., • Be all in: You believe in our mission and take ownership of your work. You debate openly to reach the best outcomes, speaking with clarity and care, embracing diverse perspectives, then commit fully., • Celebrate impact: You measure success by the outcomes you create. You hold yourself accountable to delivering value, while recognizing progress and the lessons learned along the way. You love to win, together. What You Love About Us We believe in a wide range of holistic offerings to support our employees so that they can live our values day in and day out. From mental wellbeing, physical health and financial planning, to engaging perks and discounts, we are in the business of celebrating and supporting the Moments that Matter, both in and out of the office. We offer flexible vacation, generous parental leave, and prioritize initiatives that support the growth, development, and happiness of our people. is our approach to hybrid work. It’s designed to support how we work best: combining the flexibility we value with meaningful opportunities to connect in person. Whether a role is ‑eligible or not, we believe in purposeful moments to come together, build strong relationships, and drive bold ideas forward. • For ‑eligible roles, this includes regular in‑office time to foster collaboration and connection., • For roles not eligible for in‑office expectations, we support connection through virtual collaboration and intentional gatherings. To facilitate in‑person collaboration, we have office spaces in Barcelona, Spain; Delhi, India; Galway, Ireland; London, England; New York, NY; and Washington, D.C. US Notice The Knot Worldwide provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, or disability. In addition to federal law requirements, The Knot Worldwide complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. The Knot Worldwide expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Privacy Notice: The Knot Worldwide (TKWW) processes your personal data to evaluate your application, based on the legal ground of taking steps prior to entering into a potential employment contract. Only the data strictly necessary for this purpose is collected. In some cases, your data may also be processed based on TKWW’s legitimate interests (e.g., to improve recruitment practices or manage candidate pools), to which you can object at any time. You have the right to access, rectify, or delete your data, and to object to certain uses. To learn more about your rights, please consult our Privacy Policy. xcskxlj If you wish to file a complaint, you may contact the competent data protection authority. #J-18808-Ljbffr