SecOps Engineer - Barcelona
Barcelona, Spain
papernest
This year marks 10 years since we launched the idea that simplifying our customers' lives is possible by offering an innovative solution that allows them to easily subscribe to, manage, and switch all types of contracts through a unique and intuitive platform.
In that time, we have supported more than 1.5 million customers in France, Spain, and Italy, while investing in new verticals and positioning ourselves as a highly efficient, innovative, and competitive scale-up in a rapidly growing market.
With over 900 employees across 3 locations, we are solidifying our position as a market leader in Europe. We are always on the lookout for talent ready to join a dedicated and motivated team driven by a meaningful project. Working with us means embracing a culture of excellence, innovation, and real impact.
As a SecOps Engineer, you will play a key team role in ensuring the organisation and its technology infrastructure remain secure.
Your responsibilities :
- Collaborate with the DevOps team to enhance the security of our AWS cloud infrastructure, integrating robust security measures into our CI/CD pipelines.
- Work closely with the IT team to ensure security coverage of internal systems, including devices, networks, and account management, aligned with industry best practices and regulatory requirements.
- Develop, implement, and enforce security policies and procedures to meet cloud and internal IT security needs effectively.
- Monitor and analyze security alerts, identify potential threats, and lead incident response efforts across both cloud and internal environments.
- Conduct regular security assessments and audits across AWS and internal systems, identifying vulnerabilities and devising robust mitigation strategies.
- Oversee and support third-party penetration tests and facilitate the achievement of essential security certifications.
- Stay updated on the latest security trends and emerging threat landscapes, applying this knowledge to strengthen our security posture.
- Communicate complex security concepts to a range of stakeholders, from technical teams to non-technical colleagues, ensuring security policies are understood and adopted.
- Act as the owner of NIS2 compliance initiatives within the security team, managing requirements specific to essential entities, including mandatory risk management and incident reporting protocols.
- Create and maintain detailed compliance documentation, regularly reviewing and updating it to reflect any regulatory changes, and coordinating with national cybersecurity authorities for compliance alignment.
Our Stack :
- Cloud: AWS
- Compliance frameworks and security standards (e.g., PCI DSS, ISO 27001, GDPR)
Your profile :
- Proven experience in cloud security (preferably within AWS) and internal IT security.
- Familiarity with compliance frameworks and security standards (e.g., PCI DSS, ISO 27001, GDPR) with an emphasis on risk management, vulnerability management, and incident response.
- Strong skills in network security, encryption, security monitoring tools, and conducting security assessments.
- Ability to manage compliance audits, including developing and maintaining documentation for regulatory reviews.
- Relevant certifications (e.g., CISSP, CEH, AWS Certified Security).
- Experience in infrastructure automation, scripting languages, and container security.
- You are speaking fluently English and a second language (Spanish or French is a big plus).
What we offer :
Thrive in an international and inclusive environment: everyone has a place at papernest. With over 46 different nationalities, it’s not uncommon here to start a sentence in English and finish it en français or en español ¡
💸 Compensation: a plan for Subscription Warrants for Company Creators (BSPCE) in accordance with company regulations, as well as a Pluxee card to manage your tax level through a voluntary compensation system across different services (transportation, dining, and childcare).
🏆 Benefits: as a home insurance provider and a supplier of green electricity and gas, we offer attractive deals to our employees. After all, there’s no reason why things should only be simpler for our customers!
🩺 Health: medical insurance through Alan or Sanitas to manage your healthcare expenses in an ultra-simple, paperless way, with up to 50% coverage by papernest (after 6 months in the company).
🍽️ Meals & partnerships: a healthy breakfast offered every Tuesday, as well as partnerships with various services in Barcelona (restaurants, sports, leisure, and care centers).
📚Training: the development of our employees is essential. You'll have access to online training platforms dedicated to Tech. As well as Tech-Fridays twice a month, a day dedicated to innovation, your personal training or your technical watch.
📈Career Development: numerous opportunities are available for you to grow, whether by deepening your expertise or exploring new paths. We support you in your professional ambitions.
✨ Remote Work: enjoy 2 days of remote work per week to optimize your focus and efficiency.
Hiring process:
- A first call with Julie, Talent Acquisition Manager.
- Interview with Andrea, Head of infrastructure and your future manager.
- A technical test with a feedback interview.
- Final interview with Cyril, our CTO.
Interested in this challenge? 🙂
Don’t hesitate any longer—we look forward to meeting you! Regardless of your age, gender, background, religion, sexual orientation, or disability, there’s a place for you with us. Our selection processes are designed to be inclusive, and our work environment is adapted to everyone’s needs.
We particularly encourage applications from women. Even if you feel that you don’t meet all the criteria outlined in this job posting, please know that every application is valuable. We strongly believe that diverse and varied backgrounds enrich our team, and we will carefully consider your application. Parity and diversity are essential assets to our success.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation AWS CEH CI/CD CISSP Cloud Compliance DevOps Encryption GDPR Incident response ISO 27001 Monitoring Network security NIS2 PCI DSS Risk management Scripting SecOps Security assessment Vulnerabilities Vulnerability management
Perks/benefits: Career development Competitive pay Health care Insurance Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.