Senior Cyber Security Engineer

Sliema / Amsterdam / Barcelona / Belgrade / Berlin / Bucharest / Dublin / Lisbon / London / New York / Paris / Rome / Sofia
Engineering – InfoSec /
Freelancer /
Remote
Apply for this job
We seek an experienced, technically strong, and highly hands-on Senior Cyber Security Engineer to secure our websites, digital assets, and cloud infrastructure, focusing on AWS security, web application security, and practical threat prevention.

This is not a policy or governance role: we're looking for someone who enjoys rolling up their sleeves, solving security issues directly, working alongside engineers and DevOps, and implementing robust protective measures to prevent real-world attacks.

Responsibilities

    • Harden and maintain the security of our websites and web applications.
    • Implement, monitor, and optimise WAFs (AWS WAF, Cloudflare) — focusing on real-world traffic filtering and rule fine-tuning.
    • Perform regular application security scans, vulnerability assessments, and coordinate annual third-party penetration tests.
    • Fix and patch vulnerabilities proactively in collaboration with developers.

      • AWS & Cloud Security
    • Own the security of our AWS environments: IAM, networking, patch management, secure configurations, change control, and monitoring.
    • Action recommendations from our security tools and track remediation.
    • Enforce best practices for infrastructure as code, deployment pipelines, and container security.

      • Threat Detection & Incident Response
    • Deploy and operate SIEM (Security Information and Event Management) tools to detect and respond to security threats in real-time.
    • Develop and maintain runbooks for incident handling and forensic investigation.
    • Perform root cause analysis of security incidents and implement preventive measures.

      • Risk & Assurance
    • Produce regular security status reports and product risk assessments for General Managers and senior leadership.
    • Stay ahead of emerging threats relevant to our industry (affiliate marketing and crypto) and adapt controls accordingly.

      • Collaboration & Knowledge Sharing
    • Work closely with engineering and DevOps to embed security into the development lifecycle and deployments.
    • Provide hands-on guidance and training to engineers on secure coding, secrets management, and AWS security.
    • Foster a culture of practical security awareness across the company.

Requirements

    • Minimum 5 years of practical cybersecurity experience in a hands-on technical role.
    • Deep knowledge of AWS security, web architecture, and cloud-native security patterns.
    • Proven experience deploying and tuning WAFs (AWS, Cloudflare) and handling real security incidents.
    • Solid understanding of DevOps pipelines and how to secure CI/CD processes.
    • Proficient with modern security tooling: SIEM, vulnerability management, endpoint security, firewalls, 2FA, email/web security.
Apply for this job
Jobs powered by Lever logo