Cloud Attack Surface Management Engineer
Barcelona, SPAIN IT development
Job description
About the Job
Are you a skilled Cloud Engineer with a strong background in cloud security and a passion for protecting organizations from cyber threats? Join the Allianz Cyber Defense Center and play a key role in enhancing our cloud security posture.
As a Cloud Attack Surface Management Engineer, you will help identify security vulnerabilities, integrate security solutions with CI/CD pipelines and SOAR platforms, and collaborate closely with cross-functional teams to strengthen our defenses across AWS, Azure, and other cloud environments. If you're excited to work on cutting-edge security tools and drive innovation in cloud security, we want to hear from you!
What you do
As a Cloud Attack Surface Management Engineer you will play a crucial role in generating security findings within our cloud environments and integrating the cloud attack surface management tool with other applications. Your responsibilities include:
· Security Findings & Vulnerability Management : Develop and implement tools and processes to identify security vulnerabilities, misconfigurations, and compliance issues in AWS, Azure, and other cloud platforms.
· Guardrails & Best Practices : Implement guardrails to enforce security best practices and prevent misconfigurations, collaborating with cloud platform teams for alignment and effectiveness.
· ASM Tool Management : Manage and maintain the ASM tool within the scope of APR, acting as a consultant and liaison to the Cloud Platform team.
· Integration with CI/CD & Security Operations : Integrate security findings with CI/CD pipelines and collaborate with security operations to automate responses and remediation using SOAR platforms.
· Cross-Team Collaboration : Work closely with development and operations teams to facilitate seamless integration of security solutions across the organization.
· Tool Development & Optimization : Design and optimize tools and scripts to improve the efficiency and effectiveness of cloud security posture management, while evaluating new technologies for enhancement.
· Guidance & Support : Provide technical guidance and support to the Cloud Attack Surface Management Analyst and collaborate with cross-functional teams to address security findings and improve cloud security posture.
What you bring
· Cloud Expertise : Extensive experience with AWS, Azure, and other cloud platforms, including managing security across multi-cloud environments.
· Security Tools & CI/CD : Proficiency in cloud security tools for vulnerability scanning and posture management, and experience integrating security into CI/CD pipelines.
· Programming & Automation : Strong programming and scripting skills (e.g., Python, Bash, PowerShell) for automation and tool development.
· SOAR & Automation : Familiarity with SOAR technologies and automation processes.
· Strong analytical, problem-solving abilities, and a keen ability to work independently or as part of a team.
· Excellent communication and collaboration skills, with a strong eagerness to learn and adapt in a fast-paced environment.
· Education & Certifications : Bachelor's degree in Computer Science, IT, Cybersecurity, or related field, with relevant certifications (e.g., AWS Certified DevOps Engineer, Azure DevOps Engineer Expert, CCSP).
What we offer
· We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad.
· We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location).
· From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered.
· Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach.
About Allianz Technology
Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 13,000 employees located in 22 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry.
We oversee the full digitalization spectrum – from one of the industry’s largest IT infrastructure projects that includes data centers, networking, and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age.
D&I statement
Allianz Technology is proud to be an equal opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life.
Join us. Let´s care for tomorrow.
You. IT.
To Recruitment Agencies:
Allianz Technology has an in-house recruitment team that sources great candidates directly. Therefore, Allianz Technology does not accept unsolicited resumes from agencies or search firm recruiters.
When we do work with recruitment agencies, that engagement is formalized by a contract. Fees will only be paid when there is a contract in place. Without a contract in place, we will not accept invoices on unsolicited resumes, even if the candidate was ultimately employed by Allianz.
63237 | Ingeniería informática y tecnológica | Profesional / Senior | Allianz Technology | Jornada completa | Indefinido