Senior SecOps Engineer (100% remote-friendly within Spain)

Company Description

Welcome to the good side of tech 👋

You might have heard about us, but with a different name: Doctoralia. It all started 10 years ago, when we asked ourselves: is anyone in healthcare thinking about patients? We jumped in and we empowered patients by giving them access to leave and read reviews about their visit. We then provided doctors with the technology to manage bookings easily and save time, so they could devote themselves to what they always wanted: treating patients. And today is the day in which we ask you: wanna join us in the next step of making the healthcare experience more human?

Docplanner at scale

We are leaders in 13 countries so far, and more than 90 million patients trust us every month (we drive over 1 billion clicks per year globally from search engines!). 

210.000 specialists believe in us and our product, and so do leading venture capital funds such as Point Nine Capital, Goldman Sachs Asset Management and One Peak Partners. And yet, employing over 2.500 people all over the globe, we managed to keep the startup-mindset we started with over 10 years ago.

How does Docplanner Tech fit here?

At Docplanner Tech we are a diverse group of over 400 people working in Engineering, Data, and Product teams. We are responsible for building the product for all locations. Many of us have been here for over 5 years, yet we still welcome each new person with great joy and excitement.

We could tell you about us, but we will let our reviews on Glassdoor speak for themselves. In case you’d like to see how it feels to be 100% yourself at work, here’s a video of us. 

And why should you join us?

Because it feels good to tell your family and your friends how you made the world a little bit better. You go to bed knowing that what you do matters, and that your talents align with your beliefs.

We want to make the healthcare experience more human, and that starts with you being you. We believe that taking the diversity of human experience into account makes a better healthcare experience for all . We’re not just different: we embrace diversity. We will encourage you to come to work your whole self, and that includes not coming to the office at all if you prefer not to, as we're 100% remote friendly.

Job Description

We are looking for a seasoned Senior Security Operations Analyst/Engineer to join our team. In this role, you will lead incident response initiatives and conduct thorough cybersecurity investigations to mitigate risks effectively. You will play a key role in enhancing our security program by refining processes and optimizing tooling to strengthen our overall cybersecurity posture.

As a Senior Engineer, you will be responsible for designing and implementing advanced threat detection and mitigation strategies across diverse technology landscapes. Your ability to communicate complex risks and incidents clearly to stakeholders is crucial for maintaining transparency and building trust. Additionally, you will ensure compliance with industry standards and regulations, such as NIST, ISO 27001, and SOC 2 Type 2.

This is a global position requiring flexibility with occasional out of hours and weekend work.

Responsibilities:

• Helping defining the security operations roadmap by designing and implementing long term strategies

• Improve and maintain processes, tooling, documentation and training to mature and enhance cybersecurity incident response

• Design, implement and maintain security events monitoring systems

• Perform daily alert investigation and incident response in both cloud-native and traditional environments

• Identify, scope, and manage ongoing incidents for our customers, developing remediation plans to improve security maturity

• Normalize, analyze and identify security events from application logs

• Assist our development and operations teams on improving our log monitoring capabilities

• Implement threat intelligence feeds and automation

Qualifications

• 5+ years of security operations experience, including alert triage, investigation, and incident response
• Experience designing, building and maintaining monitoring and alerting systems from scratch
• Proficiency in managing the incident lifecycle with the ability to handle multiple work streams concurrently
• Strong understanding of secure software development practices, including knowledge of common vulnerabilities such as OWASP Top 10.
• Effective communication skills to articulate complex technical issues to diverse audiences (IT professionals, executives, business decision-makers) in a clear, authoritative, and actionable manner
   

Nice to Have:

• Familiarity with scripting languages (Python, Bash…) and APIs

• Awareness of cybersecurity standards and regulations such as NIST, CIS, ISO 27001, and PCI DSS

• A basic understanding of Forensic processes

Tools and Technologies:

• SOC Tech stack deployment and management. 

• Threat detection / Log Analysis and correlation / SIEM platforms

• Application security / WAF platforms 

• Infrastructure as Code, Terraform

• Kubernetes

Additional Information

Let’s talk money

• A salary adequate to your experience and skills between 62,000 and 85,000 EUR annually.The range is broad so that we can accommodate our roles for all levels of experience, but we will show you the career ladder to explain where we see your skills and impact within the company". Your salary will be, now and always, 100% transparent to you;

• Flexible remuneration and benefits system via Flexoh, which includes: restaurant card, transportation card, kindergarten, and training tax savings;

• Share options plan after 6 months of working with us.

True flexibility and work-life balance

• Remote or hybrid work model with our hub in Barcelona;

• Flexible working hours (fully flexible, as in most cases you only have to be on a couple of meetings weekly);

• Summer intensive schedule during July and August (work 7 hours, finish earlier);

• 23 paid holidays, with exchangeable local bank holidays;

• Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate).

Health comes first 

• Private healthcare plan with Adeslas for you and subsidized for your family (medical and dental);

• Access to hundreds of gyms for a symbolic fee in partnership for you and your family with Andjoy;

• Access to iFeel, a technological platform for mental wellness offering online psychological support and counseling. 

Keep growing with us

• Free English and Spanish classes.