Summary: Seeking a Senior DevSecOps Engineer to initiate security awareness, provide robust security solutions, and maintain application integrity across cloud infrastructure. Highlights: 1. Opportunity to influence decisions and see work reach users quickly 2. Integrate security tools and practices into CI/CD pipelines 3. Work with a high-caliber, passionate international team **ABOUT CODEWAY** Codeway builds consumer apps used by millions around the world, spanning AI creativity, wellness, learning, and productivity. Our products are built with a strong focus on user experience, speed, and quality, and are powered by deep in\-house technology and data capabilities. Barcelona is a growing core hub for Codeway. We are building a strong engineering culture here, focused on ownership, fast execution, and high standards of craft. This is a place for engineers who want to stay close to the product, influence real decisions, and see their work reach users quickly. We are now looking for a **Senior DevSecOps Engineer**to join our Barcelona team and help us build and scale high\-quality mobile experiences across our consumer app portfolio. **POSITION** We are seeking a skilled and motivated Senior DevSecOps Engineer to join our team. The successful candidate will be responsible for initiating security awareness in code development and deployment, as well as providing robust security solutions through various security\-oriented tools. This role is crucial to maintaining the integrity, confidentiality, and availability of our applications and data across our extensive cloud infrastructure. **WHAT YOU'LL BE DOING*** **Security Awareness \& Training:** Develop and implement security training programs for development and operations teams to promote best practices in secure coding and deployment. * **Security Policies \& Procedures:** Establish and enforce security policies, standards, and procedures that align with industry best practices and regulatory requirements. * **Vulnerability Management:** Conduct regular security assessments, vulnerability scanning, and penetration testing to identify and mitigate security risks. * **Incident Response:** Lead and coordinate response to security incidents, ensuring quick resolution and thorough investigation to prevent recurrence. * **Cloud Security Architecture:** Design and implement secure cloud architectures, including network security, identity and access management, and data protection strategies. * **DevSecOps Integration:** Integrate security tools and practices into CI/CD pipelines to automate security testing and ensure secure code deployment. * **Monitoring \& Logging:** Set up and maintain security monitoring and logging solutions to detect and respond to potential security threats in real\-time. * **Compliance:** Ensure compliance with relevant legal and regulatory requirements, such as GDPR, and others applicable to Codeway’s operations. * **Collaboration:** Work closely with DevOps, product teams, and other stakeholders to embed security into every stage of the software development lifecycle. **WHAT YOU'LL BRING*** Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. * Minimum 5\-8 years of experience in cloud security engineering or a related role. * Proven experience with public cloud platforms (Google Cloud, AWS). * Strong understanding of Kubernetes security. * Demonstrated experience in mobile application security, including securing mobile APIs, OWASP Mobile Top 10 risks, and mobile secure development practices. * Familiarity with security tools and platforms (e.g., SIEM, IDS/IPS, vulnerability scanners), with the ability to support their integration and follow up on findings in collaboration with relevant teams. * Certifications (Nice to have): Relevant certifications such as CISSP, CISM, CEH, or cloud\-specific certifications like AWS Certified Security \- Specialty, Google Professional Cloud Security Engineer. * Proficiency in scripting and automation (e.g., Python, Bash). * Deep understanding of network security, encryption, and key management. * Familiarity with DevSecOps practices and tools (e.g., Jenkins, GitLab CI, Terraform). * Excellent problem\-solving and analytical skills. * Strong communication skills, with the ability to explain complex security concepts to non\-technical stakeholders. * Proactive and self\-motivated with a strong sense of ownership and accountability. **Nice to Have*** Experience in AI and machine learning security. * Knowledge of data privacy regulations and best practices. * Experience with home\-grown data analytics platforms. **What We Offer*** The chance to work with a high\-caliber, passionate international team building category\-defining products * Full\-time contract with competitive salary * Private health insurance, a generous meal card * Full visa \& relocation support if you’re moving to Barcelona * Annual learning \& development budget for courses, tools, or events that support your growth * Free access to Codeway’s suite of apps across productivity, wellness, and education * A top\-notch office in the heart of the city **THE RECRUITING PROCESS** Application Recruiter Interview Case Study Hiring Manager Interview Final Executive Interview Offer We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.