Cloud Security Architect, DevSecOps & AI

Description

Job Summary: Urbaser is seeking a Cloud Security & DevSecOps Architect to strengthen the security of multi-cloud applications, integrating security from design through the entire software lifecycle. Key Highlights: 1. Cloud security design and governance (Azure, GCP) under Zero Trust. 2. Integration of DevSecOps into CI/CD with automated security. 3. Experience in security applied to AI/ML and secure MLOps. At Urbaser, we enhance the value of planetary resources every day to build a more sustainable tomorrow. We are global leaders in delivering comprehensive environmental solutions for citizens, businesses, and society. Furthermore, our nature as a global company—with presence in approximately 15 countries—enables us to drive real circularity. Our goal is to create a better future by jointly challenging current standards and anticipating solutions, ensuring everything functions across the value chain to drive meaningful transformation. We are currently looking to incorporate a **Cloud Security Architect \& DevSecOps** into our Madrid team to reinforce the security of our applications and **multi‑cloud** platforms, integrating security **from design** and throughout the entire **software lifecycle**. **What would your responsibilities be?** * **Design and govern** cloud security (focus on **Azure**, GCP preferred) under **Zero Trust** and corporate frameworks. * **Integrate DevSecOps into CI/CD** with **automated security** (from commit to deployment). * **Secure containers and Kubernetes**: secure images, policies, and **runtime** protection. * **Secure identities, secrets, and keys** (IAM/PIM, Key Vault/KMS) with **least privilege** and rotation. * **Automate controls as code** (Terraform/Bicep, OPA/Azure Policy), including *drift detection* and remediation. * **Manage vulnerabilities by risk**, and plan *threat modeling*, *security reviews*, and **pentesting**. * **Oversee new developments and architectures**: *security design reviews*, *security gates*, and standards. * **Coordinate external services/vendors** (SaaS/partners): security criteria, *due diligence*, SLAs, and *follow‑up*. * **Ensure secure deployment of language models** and agents in cloud ecosystems. You will serve as the technical lead responsible for configuring and implementing **security guardrails**, defining content filters for prompt and response control. You will manage agent access to corporate data via **secure connectors**, ensuring prevention of information leakage and maintaining **full traceability** of all interactions. Your objective will be to mitigate operational and reputational risks, ensuring AI-driven innovation complies with the company’s compliance and audit standards. * **Respond to incidents** in development/pipelines/containers and lead **structural improvements** (*post‑mortems*, *playbooks*). * **Train and support** Development/Infrastructure teams on **secure coding** and *shift‑left* culture. **What are we looking for?** * **University degree.** Higher Diploma in Computer Systems Administration or equivalent. * **Minimum B2 English** (spoken and written: documentation, technical foundation, and some experience). * **5 years** in Cybersecurity/Development, with at least **3 years** in direct **DevSecOps Architecture/Engineering** roles. * **Advanced Azure expertise with DevSecOps focus**: cloud security design and governance; integration of security into **CI/CD** (SAST/DAST/SCA, *IaC scanning*, and *policy as code*); protection of **containers/Kubernetes**; **IAM/PIM**, secret and key management (**Key Vault/KMS**); and use of **CSPM**. * **Proven experience in AI/ML security**: **secure MLOps** (governance of *datasets* and models, **SBOM/artifact signing**, protection of **model registry**), design of **guardrails** (mitigation of *prompt injection* and exfiltration), and integrated **monitoring/response** (SIEM/XDR). **What do we offer?** * Permanent contract and career development plan. * Competitive financial compensation and flexible remuneration plan. * Hybrid work model (6 remote working days per month) and flexible hours. * The opportunity to work and learn alongside industry-leading professionals. * The opportunity to gain experience in a rapidly growing sector: sustainability and waste management. **Who are we?** At Urbaser, we are one of the world’s leading providers of environmental solutions—a global company dedicated to enhancing the value of planetary resources to build a more sustainable tomorrow. Through our cleaning and collection services, we serve over 64 million people across approximately 15 countries via an extensive network of over 50\.000 employees and 150 facilities that drive real circularity every day. At Urbaser, we are committed to the principle of absolute equal opportunity, promoting balanced representation between women and men and encouraging labor inclusion of vulnerable groups; applications from candidates for roles with female underrepresentation are especially welcome. We respect diversity in gender, disability, age, ethnic, cultural or racial origin, marital status, as well as gender identity and sexual orientation of all applicants.