lastminute.com is looking for an experienced and highly motivated Security Engineer to join our growing IT Security Team with a particular focus on the AWS company's cloud infrastructure.
For lastminute.com Privacy and Cyber Security are not only a need but a fundamental pillar of the relationship with our customers, as clearly stated in our ESG principles.
With this approach, the ideal candidate is passionate about cybersecurity and constantly looking for a new ways to improve it. He/she has excellent communication and organizational skills and ideally has previous experience in managing complex projects at the international level.
Reporting directly to Chief IT Security Engineer, the Cloud Security Engineer is responsible for defining, implementing, and developing security solutions to create and maintain the safest operating environment.
He/She is in charge of ensuring our Cloud architecture, Systems and Software are designed and implemented with a Security by Design approach to reach the highest security standards. He/she will perform technical security assessments, configuration audits, code reviews and vulnerability testing to highlight risks, supporting lastminute.com tech department in discovering security issues and preserving international security certifications.
- Identify and engineer technical solutions to work towards a secure-by-default by switching toward a defensive mindset
- Define Cloud Governance and Controls Framework guidelines to deploy a secure cloud infrastructure in AWS, Azure or GCP
- Work with Site Reliability Engineer team to implement and secure cloud infrastructure
- Be a driving element and enable greater cooperation between product teams, cybersecurity and compliance functions; helping quantify the risk, define relevant control objectives and activities to of securing cloud workloads.
- Perform technical security assessments, code audits, and design reviews.
- Communicate and influence Product teams on assessment outcomes.
- Produce metrics and insights to help monitor vulnerability management strategy and programs.
- Enable better security decisions with actionable and relevant threat intelligence.
- Provide security guidance to the tech organization.
- Work with strategic/technology partners and other stakeholders.
- Minimum 3y experience in a similar role
- Cloud automation with Terraform
- Security Network architecture
- AWS Security Hub
- Audit processes for cloud infrastructure
- Application Security and DevSecOps
- Coding and Scripting experience
- AWS Security Certification
- Incident Response Best Practices
- Experience with attacks and mitigation methods
- Solid project management experience in security complex projects, including defining scope, setting project timelines and milestones, driving team and deliverables, identifying risks, and managing issues.
- Ability to work collaboratively and independently while managing multiple projects, assignments, and/or responsibilities
By joining our company, you will have the chance to:
- Join a dynamic team in an inclusive-international environment
- Grow thanks to the career journey and our internal mobility perspective
- Manage your own schedule thanks to the flexible start and end of the working day
- Work a shorter working week (36h), of which 4 hours on Friday morning
- Get focus time for learning, development and deep work on Friday mornings
- Work partially or fully remote according to local laws
- Enjoy continuous training thanks to our company platform
- Welfare platform (Corporate Benefits) where you will found dedicated discounts with more than 1500 partners
- Benefit from employee discounts on travel
- Receive 2 days off per year for the purpose of volunteering
- Get free snacks / fruit / hot drinks / water / beverages at our offices
- Participate in amazing winter and summer corporate events
- Benefit from extended parental or marriage leave
*Salary range is based on infosec-jobs.com