Plus
Включить Plus
Назад
Company hidden
5 дней назад

DevSecOps Engineer, Technical Referent

Формат работы
hybrid
Тип работы
fulltime
Грейд
lead
Английский
b2
Страна
Spain
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

DevSecOps Engineer, Technical Referent (Cloud IAM): Strengthen identity, access, and endpoint security across multi-cloud environments with an accent on role models, SSO/IAM integrations, and secure-by-default automation. Focus on enforcing least privilege and SoD, building IaC/PaC provisioning workflows, and leveraging AI tools for access analysis and policy improvements.

Location: Hybrid in Barcelona or Madrid

Company

hirify.global enables global companies to collect payments in 40 emerging markets as a payments processor and merchant of record.

What you will do

  • Define and maintain enterprise role models (RBAC/ABAC), ownership, and approval flows aligned with access matrix.
  • Lead SSO and identity integrations (SAML/OIDC, SCIM, MFA) on Microsoft Entra ID and standardize application onboarding.
  • Administer AWS IAM and GCP IAM at organization/account/project levels, enforcing least privilege and SoD.
  • Build automation for provisioning, deprovisioning, and access reviews using IaC/PaC; integrate JIT/PAM workflows.
  • Strengthen endpoint posture with Jamf and Intune, tied to identity controls and conditional access.
  • Implement guardrails, continuous controls, audit trails, and anomaly detection with remediation playbooks.
  • Review Kubernetes RBAC and permissions in Amazon EKS to enforce least privilege.
  • Partner with DevOps, Networking, Security, and Service Desk on workflows and improvements; document architectures and support audits.

Requirements

  • Strong security engineering in IAM/SSO/PAM, role modeling (RBAC/ABAC), least privilege, and SoD.
  • Public cloud expertise: AWS IAM, GCP IAM, Microsoft Entra ID, SAML/OIDC, SCIM; tools like Apono, Jamf, Intune.
  • Automation: IaC/PaC (Terraform/Pulumi/Ansible), scripting (Python/Bash).
  • Audit/compliance experience: PCI DSS, SOX, ISO 27001.
  • Proven delivery of security automations reducing manual tasks and audit effort.
  • Effective collaboration and communication with DevOps, Networking, Security, Service Desk.

Culture & Benefits

  • Flexible schedules focused on impact and productivity.
  • Combine self-managed focus time with in-person collaboration in hubs.
  • Fintech environment with dynamic challenges.
  • Referral bonuses, social budget for team activities.
  • hirify.global Houses for week-long global coworking retreats.

Hiring process

  • Talent Acquisition reviews CV and updates by email at every step.
  • Expect to hear back regardless of outcome.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →