Software Security Engineer

Description

Summary: Seeking an experienced Security Engineer to embed security from design across digital products, working globally with development and DevOps teams. Highlights: 1. Global, transversal role in Digital Research & Innovation 2. Focus on shifting security left and automating security checks 3. Opportunity for personal development in a unique organization **Req ID:** 29865 **Posted on:** 24 Apr 2026 **Location:**Madrid, Spain **Department:** DIGITAL R\&I We are looking for an experienced Security Engineer to join our Digital Research \& Innovation organization and help embed security from the design phase across SICPA’s digital products worldwide.You will play a global, transversal role, working closely with development and DevOps teams to identify vulnerabilities early, streamline security practices, and integrate security controls into modern cloud‑native environments. **SOFTWARE SECURITY ENGINEER** **KEY OBJECTIVES** * Shift security left by addressing security early in the design and development process * Automate and maintain security checks within CI/CD pipelines * Reduce vulnerabilities before deployment * Ensure compliance with security regulations and standards * Promote collaboration between development, security, and operations teams worldwide **KEY RESPONSABILITIES** * Define and review security requirements and architectural designs across application, infrastructure, and network layers * Provide security support during design and development phases of digital products * Develop, maintain, and improve security and vulnerability scanning tools integrated into build pipelines * Perform security reviews of pull requests, analyze vulnerabilities, and support remediation actions * Execute preliminary audits, document findings, and contribute to risk mitigation strategies * Identify vulnerabilities in applications and cloud‑native environments, including Kubernetes / OpenShift platforms and public cloud (AWS) * Support secure deployment in public cloud environments * Monitor industry security trends and assess potential impacts on products * Contribute to quarterly planning and long‑term security improvement roadmaps * Provide visibility on the security level per product and team * Collaborate actively with global security teams across departments and regions * Report security incidents and escalate issues when required * When relevant, organise security workshops for technical teams **PROFILE** * University degree in Computer Science, Engineering, or equivalent * 5\+ years of experience in security engineering, application security, or secure software architecture * Experience in application security testing tools (e.g. SonarQube is a plus) * Experience in penetration testing or offensive security * Software development experience, preferably in Java, JavaScript, and Python * Experience with automation and infrastructure‑as‑code tools (Ansible, Terraform) is a plus * Knowledge of Kubernetes / OpenShift is a strong advantage * Knowledge of AWS security is a strong advantage * Security certifications (OSCP, CEH, CISA) are a plus * Strong communication and analytical skills in a global, cross‑functional environment * Fluent in English; French is an asset **JOIN US!** * Our success comes from our highly skilled and talented employees * Respectful entrepreneurship and a long\-term vision are key for success * Our people contribute to a more secure world * Diversity at all levels of an organisation is a strengths We offer an exciting and challenging role, with great potential for personal development within a unique organization in a fascinating industry. Your file will be handled with upmost confidentiality and discretion.