IT Security Specialist
Summary
Location: Barcelona (Hybrid) OR Paris (Hybrid) OR Poland (Remote)
Rate: Negotiable based on Experience
Duration: 12 Months
Availability: ASAP
About the Client
My client is the air transport industry's IT provider, delivering solutions for airlines, airports, aircraft, and governments. Their technology powers more seamless, safe, and sustainable air travel.
They are looking to hire an experienced IT Security Specialist on a contract basis for an initial 12 month contract.
About the Role
Job Summary:
We are seeking experienced IT Security Specialist to support security related projects within the Aircraft solutions portfolio, working across various teams developing software solutions for customers.
Key Responsibilities:
Security Hardening and Compliance
• Implement and maintain security baselines for Windows and Linux systems (e.g., GPO, SELinux).
• Integrate security validation into CI/CD pipelines and Infrastructure-as-Code (IaC) workflows using tools such as Terraform and Ansible.
Cloud Security
* Design and enforce governance policies in Azure.
* Remediate misconfigurations, vulnerability and
* Improve cloud security posture through automation and policy-as-code.
* Leverage AI-assisted tools to improve vulnerability prioritization, alert triage, and security automation
Platform and Network Security
• Secure containerized environments (e.g., Kubernetes) with proper RBAC, network policies, and configuration controls.
• Firewall rules optimization
Vulnerability and Compliance Management
• Operate and maintain vulnerability scanning tools; ensure coverage and timely remediation.
• Collaborate with engineering teams to automate vulnerability handling and reduce manual effort.
Incident Response
• Use AI-driven analytics and enrichment tools to accelerate incident detection, investigation, and root-cause analysis.
• Participate in initial triage and forensic analysis in identifying security related incident.
Compliance supports
* Understand the compliance structure, such as ISMS, SOC-2 requirements and provide the required support.
* Support compliance initiatives (such as ISO 27001, GDPR, or NIST) by implementing and documenting security processes.
* Review and enhance identity and access management (IAM), including MFA, privileged account management, and conditional access.
What we are looking for
Required Skills and Experience
* 3–5+ years of relevant experience, or equivalent practical expertise.
* Practical exposure to security hardening, compliance support, and automation — not just theory.
* Evidence of handling critical situations (e.g., security incidents, audit findings) and applying lessons learned to improve processes.
* Strong knowledge of Windows and Linux security internals and hardening techniques.
* Hands-on experience with Azure security architecture, policy enforcement, and governance.
* Practical skills in Kubernetes security and containerized workloads.
* Familiarity with CI/CD security integration and IaC tools (Terraform, Ansible).
Key Competencies
* Analytical and problem-solving mindset.
* Ability to translate security requirements into actionable technical solutions.
* Strong communication skills for cross-team collaboration.
* Passion for automation and continuous improvement.
Preferred Qualifications
* Certifications such as AZ-500 (Azure Security), CKS (Kubernetes Security Specialist), CISSP, or equivalent.
* Experience with policy-as-code frameworks (e.g., OPA/Conftest).
* Exposure to AI-enabled security tools (e.g. UEBA, AI-driven SIEM, SOAR, vulnerability prioritization, or automated investigation).
* Experience with Operation mandates in complex environment