DevSecOps Engineer (AWS)

TL;DR

DevSecOps Engineer (AWS): Building and maintaining security monitoring and alerting capabilities for the hirify.global Experiences platform with an accent on proactive security engineering and reactive incident response. Focus on automating security operations, triaging vulnerabilities, and ensuring a resilient cloud infrastructure.

Location: Flexible hybrid position in Portugal; occasional travel to company offices in Lisbon as necessary.

Company

Global travel marketplace connecting people to experiences via brands like hirify.global, Viator, and TheFork.

What you will do

• Monitor, analyze, and investigate security alerts originating from AWS infrastructure, application logs, and security tooling (WAF, SIEM).
• Respond to security incidents such as potential data breaches, application-layer attacks, or infrastructure compromises.
• Build and maintain security monitoring capabilities and automate security operations tasks using Python or Go.
• Configure, tune, and manage security tools including Web Application Firewall (WAF), AWS GuardDuty, and Security Hub.
• Operationalize findings from SAST, DAST, and SCA tools by collaborating with engineering teams to prioritize and remediate vulnerabilities.
• Conduct threat modeling for new features to identify and mitigate risks before they reach production.

Requirements

• Hands-on experience securing production environments in AWS using GuardDuty, Security Hub, WAF, and CloudTrail.
• Strong understanding of core AWS services including VPC networking, EC2, RDS, S3, Lambda, and EKS.
• Proficiency with Terraform for managing and securing cloud infrastructure.
• Proven experience with the full lifecycle of security incident response from detection to post-mortem.
• Proficiency in at least one scripting language (Python, Go, or Bash) for automation.
• Solid understanding of OWASP Top 10 and common web application vulnerabilities.

Nice to have

• Demonstrated ability to use AI tools to improve efficiency and decision-making.
• Proven ability to operate effectively with a global-first mindset.

Culture & Benefits

• Competitive compensation packages including base salary and annual bonuses.
• Remote-friendly collaboration approach with flexible schedules to support work-life balance.
• Comprehensive health benefits with competitive premiums and an employee assistance program.
• Annual lifestyle benefit for travel, wellness, or personal use.
• Tuition assistance for qualified professional development programs.
• Annual matching for qualifying charitable donations.