Giesecke+Devrient is a global company that offers security technologies, both in the physical and digital world. Every day, billions of people benefit from G+D innovations in their personal and business lives. With around
Experiencia, cualificaciones y habilidades interpersonales, ¿tiene todo lo necesario para triunfar en esta oportunidad? Descúbralo a continuación.
14,000 employees across 41 countries, we develop, manufacture, and distribute products and solutions for the safeguarding of
payment processes, identities, connectivity, and data .
At G+D, we are looking for a
Cloud Security Operations Engineer
to join our
Business Cloud Services team, working on highly secure cloud-native platforms running on
SysEleven by secunet public and private cloud infrastructures .
In this role, you will help ensure the security of cloud-native services used by
central banks and payment providers worldwide, working closely with colleagues in an
international Scrum team across Spain, Germany, and India .
Your Responsibilities
Together with the Business Cloud Services team, you will design, implement, and operate
cloud security architectures and security controls, embedding security into every stage of the platform and service lifecycle.
Your main duties include:
Design and implement
cloud security architectures, including zero-trust network models and defence-in-depth security controls
Develop, operate, and maintain
security automation pipelines, including SIEM integration, vulnerability scanning, policy-as-code, and automated threat detection and response
Implement and manage
identity and access controls, including IAM, RBAC, and secrets management across Kubernetes and cloud environments
Implement, tune, and operate
security monitoring and alerting stacks, including SIEM, IDS/IPS, log aggregation, and defined security alerting pipelines
Coordinate incident response activities for security events with the
Central Cyber Defence Team (CDC)
Contribute to security
runbooks, post-incident reviews, and continuous improvement of the overall security posture
Ensure compliance with
PCI DSS, SOC2, and relevant cloud security standards through automated policy enforcement and regular audits
Conduct
security reviews and threat modelling
for infrastructure-as-code configurations and CI/CD pipelines
Actively promote
DevSecOps practices, security-by-design principles, and automation-first approaches
Collaborate closely with platform, DevOps, and development teams to ensure security requirements are aligned with operational needs
Your Profile
Bachelor’s degree in
Computer Science, Information Systems, or a related field
5+ years of relevant professional experience
in cloud security, security operations, or DevSecOps roles
Deep knowledge of
cloud security architecture principles, including zero trust, least privilege, and defence in depth
Hands-on experience securing
infrastructure-as-code, including:
Terraform with security policy frameworks (e.g. OPA/Conftest, Checkov)
Helm chart security hardening
Strong experience with
compliance and audits
(PCI DSS, SOC2) in cloud-native environments
Practical experience with
security tooling, such as:
SIEM platforms
Vulnerability scanners
Secrets management solutions (e.g. HashiCorp Vault)
IDS/IPS systems
Strong
Kubernetes security expertise, including:
Pod Security Standards
RBAC and network policies
Image scanning and runtime security (e.g. Falco)
Experience integrating
security into CI/CD pipelines
(GitLab CI, ArgoCD) and applying DevSecOps practices
Scripting skills for security automation ( Python and Bash preferred )
Experience with
Linux system hardening
and secure configuration management
Excellent
communication skills in English
(Spanish is a plus)
Security-first and automation-first mindset with strong collaboration skills in Agile teams
What We Offer
Culture and Diversity:
Join a people oriented environment with different nationalities and a great team spirit, flat hierarchies (everyone speaks to everyone). Equal Opportunity Employer and LGBT+ friendly.
Global Collaboration:
Enjoy collaborative work in Agile/SCRUM teams and with stakeholders around the globe.
Open working space
with Best-in-class equipment: High-performance PC with huge monitors.
Innovative Products:
Design and develop business processes and IT solutions for innovative products and digital solutions.
Career Development:
Continuous training and coaching, talent program.
Social Benefits:
flexible compensation (transport tickets, childcare vouchers, training, private insurance) and in-house parking.
Flexible work time and remote work:
M-Th 8.30 – 17.30 and Fri 8.30 – 15.30, hybrid model.
Own Canteen:
Take a break with our breakfast and lunch service: Choose between a big range of menus, salad desk and sandwich service. Fruit packages.
Location:
El Prat de Llobregat. Easy communication by public transport (Bus 88 and 110, Metro L10 Riu Vell from Barcelona, PR4 from El Prat) o private transport. xpzdshu
Learn more about G+D
Explore what makes G+D unique – check out this video:
Giesecke+Devrient – We make the lives of billions of people more secure.
Privacy Notice
The personal data you provide will be processed to manage your application in accordance with the GDPR and our Privacy Policy, available at
Data Privacy | G+D .