Cloud Attack Surface Management Engineer
Barcelona, SPAIN IT development
Job description
About the Job
Are you a skilled Cloud Engineer with a strong background in cloud security and a passion for protecting organizations from cyber threats? Join the Allianz Cyber Defense Center and play a key role in enhancing our cloud security posture.
As a Cloud Attack Surface Management Engineer, you will help identify security vulnerabilities, integrate security solutions with CI/CD pipelines and SOAR platforms, and collaborate closely with cross-functional teams to strengthen our defenses across AWS, Azure, and other cloud environments. If you're excited to work on cutting-edge security tools and drive innovation in cloud security, we want to hear from you!
What you do
As a Cloud Attack Surface Management Engineer you will play a crucial role in generating security findings within our cloud environments and integrating the cloud attack surface management tool with other applications. Your responsibilities include:
· Security Findings & Vulnerability Management : Develop and implement tools and processes to identify security vulnerabilities, misconfigurations, and compliance issues in AWS, Azure, and other cloud platforms.
· Guardrails & Best Practices : Implement guardrails to enforce security best practices and prevent misconfigurations, collaborating with cloud platform teams for alignment and effectiveness.
· ASM Tool Management : Manage and maintain the ASM tool within the scope of APR, acting as a consultant and liaison to the Cloud Platform team.
· Integration with CI/CD & Security Operations : Integrate security findings with CI/CD pipelines and collaborate with security operations to automate responses and remediation using SOAR platforms.
· Cross-Team Collaboration : Work closely with development and operations teams to facilitate seamless integration of security solutions across the organization.
· Tool Development & Optimization : Design and optimize tools and scripts to improve the efficiency and effectiveness of cloud security posture management, while evaluating new technologies for enhancement.
· Guidance & Support : Provide technical guidance and support to the Cloud Attack Surface Management Analyst and collaborate with cross-functional teams to address security findings and improve cloud security posture.
What you bring
· Cloud Expertise : Extensive experience with AWS, Azure, and other cloud platforms, including managing security across multi-cloud environments.
· Security Tools & CI/CD : Proficiency in cloud security tools for vulnerability scanning and posture management, and experience integrating security into CI/CD pipelines.
· Programming & Automation : Strong programming and scripting skills (e.g., Python, Bash, PowerShell) for automation and tool development.
· SOAR & Automation : Familiarity with SOAR technologies and automation processes.
· Strong analytical, problem-solving abilities, and a keen ability to work independently or as part of a team.
· Excellent communication and collaboration skills, with a strong eagerness to learn and adapt in a fast-paced environment.
· Education & Certifications : Bachelor's degree in Computer Science, IT, Cybersecurity, or related field, with relevant certifications (e.g., AWS Certified DevOps Engineer, Azure DevOps Engineer Expert, CCSP).
What we offer
· We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad.
· We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location).
· From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered.
· Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach.
About Allianz Technology
With its headquarters in Munich, Germany, Allianz Technology is Allianz's global IT service provider and delivers IT solutions that drive the group's digitalization. With more than 11,000 employees in over 20 countries around the world, Allianz Technology is tasked to run, optimize, transform, and innovate the infrastructure, applications, and services together with Allianz companies to co-create the best customer experience.
We service the entire spectrum of digitalization – from one of the industry's largest IT infrastructure projects that spans data centres, networks, and security, to application platforms ranging from workplace services to digital interaction.
In short: We deliver comprehensive end-to-end IT solutions for Allianz in the digital age. We are the backbone of Allianz.
Find us at: www.linkedin.com/company/allianz-technology .
D&I statement
Allianz Technology is proud to be an equal opportunity employer that embraces diversity and commits itself to creating an inclusive work environment for all.
We therefore welcome applications regardless of race, ethnicity or cultural background, age, gender, nationality, religion, social class, disability or sexual orientation, or any other characteristics protected under applicable local laws and regulations.
Join us. Let´s care for tomorrow.
You. IT.
To Recruitment Agencies:
Allianz Technology has an in-house recruitment team that sources great candidates directly. Therefore, Allianz Technology does not accept unsolicited resumes from agencies or search firm recruiters.
When we do work with recruitment agencies, that engagement is formalized by a contract. Fees will only be paid when there is a contract in place. Without a contract in place, we will not accept invoices on unsolicited resumes, even if the candidate was ultimately employed by Allianz.
63237 | Ingeniería informática y tecnológica | Profesional / Senior | Non-Executive | Allianz Technology | Jornada completa | Indefinido