Cloud Security Operations Engineer

At G+D, we are looking for a Cloud Security Operations Engineer to join our Business Cloud Services team, working on highly secure cloud-native platforms running on SysEleven by secunet public and private cloud infrastructures.

In this role, you will help ensure the security of cloud-native services used by central banks and payment providers worldwide, working closely with colleagues in an international Scrum team across Spain, Germany, and India.

Your Responsibilities

Together with the Business Cloud Services team, you will design, implement, and operate cloud security architectures and security controls, embedding security into every stage of the platform and service lifecycle.

Your main duties include:

• Design and implement cloud security architectures, including zero-trust network models and defence-in-depth security controls
• Develop, operate, and maintain security automation pipelines, including SIEM integration, vulnerability scanning, policy-as-code, and automated threat detection and response
• Implement and manage identity and access controls, including IAM, RBAC, and secrets management across Kubernetes and cloud environments
• Implement, tune, and operate security monitoring and alerting stacks, including SIEM, IDS/IPS, log aggregation, and defined security alerting pipelines
• Coordinate incident response activities for security events with the Central Cyber Defence Team (CDC)
• Contribute to security runbooks, post-incident reviews, and continuous improvement of the overall security posture
• Ensure compliance with PCI DSS, SOC2, and relevant cloud security standards through automated policy enforcement and regular audits
• Conduct security reviews and threat modelling for infrastructure-as-code configurations and CI/CD pipelines
• Actively promote DevSecOps practices, security-by-design principles, and automation-first approaches
• Collaborate closely with platform, DevOps, and development teams to ensure security requirements are aligned with operational needs

Your Profile

• Bachelor’s degree in Computer Science, Information Systems, or a related field
• 5+ years of relevant professional experience in cloud security, security operations, or DevSecOps roles
• Deep knowledge of cloud security architecture principles, including zero trust, least privilege, and defence in depth
• Hands-on experience securing infrastructure-as-code, including:
  • Terraform with security policy frameworks (e.g. OPA/Conftest, Checkov)
  • Helm chart security hardening
• Strong experience with compliance and audits (PCI DSS, SOC2) in cloud-native environments
• Practical experience with security tooling, such as:
  • SIEM platforms
  • Vulnerability scanners
  • Secrets management solutions (e.g. HashiCorp Vault)
  • IDS/IPS systems
• Strong Kubernetes security expertise, including:
  • Pod Security Standards
  • RBAC and network policies
  • Image scanning and runtime security (e.g. Falco)
• Experience integrating security into CI/CD pipelines (GitLab CI, ArgoCD) and applying DevSecOps practices
• Scripting skills for security automation (Python and Bash preferred)
• Experience with Linux system hardening and secure configuration management
• Excellent communication skills in English (Spanish is a plus)
• Security-first and automation-first mindset with strong collaboration skills in Agile teams