Senior Corporate Security Engineer

TL;DR

Senior Corporate Security Engineer (Cybersecurity): Architecting the security fabric for internal SaaS ecosystem and corporate environment with an accent on identity-centric security, endpoint and infrastructure protection, SaaS integrations, and threat detection/response. Focus on implementing Zero Trust principles, managing EDR/XDR and MDM, securing Azure footprint, and automating incident response workflows.

Location: Hybrid work model balancing office and remote work, based in our Madrid hub

Company

Leader in digital employee experience management software, enabling IT leaders to proactively optimize employee experiences across endpoints, applications, and networks globally.

What you will do

• Design and implement identity-centric security architecture including passwordless authentication, Zero Trust, secure provisioning, and lifecycle management.
• Define security baselines for endpoints (Windows, macOS, mobile) via MDM (Intune/Jamf), manage EDR/XDR, and secure corporate Azure infrastructure.
• Conduct vulnerability management, patch management, security assessments, and automate compliance checks.
• Assess and secure SaaS integrations, configure CASB/DLP policies, and collaborate on vendor vetting.
• Lead incident response, threat hunting, develop automation scripts (Python/PowerShell), SOAR workflows, and incident playbooks.
• Support audits/compliance, act as security liaison to IT/business, and deliver security training.

Requirements

• Fluent in English with ability to explain complex risks to non-technical stakeholders.
• 5-8 years hands-on experience in Corporate Security, IT Security Engineering, or SOC in cloud-first environment.
• Endpoint mastery: hardening macOS/Windows, managing via MDM/UEM tools.
• Vulnerability management experience helping patch systems/infrastructures.
• Proficiency in Python and Terraform for automating APIs/security workflows.
• Experience with EDR tools and SIEM log analysis.
• Ability to influence security best practices across teams; experience with security awareness/phishing tools.

Nice to have

• Deep knowledge of Okta and Microsoft Entra ID (authentication policy, Conditional Access, SSO, SCIM, OIDC/SAML).
• Experience implementing FIDO2/WebAuthn (passwordless).
• Proficient in PowerShell.
• Familiarity with compliance standards (ISO 27001/27701, SOC 2, FedRAMP).
• Experience securing Cloud Infrastructure (Azure/AWS) for corporate workloads.

Culture & Benefits

• Hybrid work model with flexible hours and unlimited vacation plus 22 holidays, 10-30 sick days, bereavement leave, and volunteering days.
• Health insurance via ACKO (OPD coverage for dental, vision, check-ups), personal accident insurance up to 3x annual CTC.
• Professional training platforms access, maternity/paternity/adoptive leave (up to 26/6 weeks).
• Permanent contract, competitive compensation, referral bonuses, gratuity after 5 years.
• Supportive, technical environment valuing "Security as an Enabler"; report to CISO with executive visibility; cloud-native tech stack.