**Telefónica España** Do you want to join a leading company in the technology industry? We know you're looking for a change... That's why Telefónica España offers you the opportunity to join our team. **WORK LOCATION:** MADRID. **NUMBER OF OPENINGS:** 1\. **WE WANT PEOPLE LIKE YOU...** Who are attracted by challenges to ensure **continuous software protection** in Telefónica España's Online Channel, designing **secure cloud environments** that guarantee the **confidentiality**, **integrity**, and **availability** of our services. We are looking for someone who enjoys balancing security and operational efficiency: from secure coding (DevSecOps) to the GCP infrastructure protecting it (WAF, API Gateway, ReCaptcha, Networks, SCC…), with the goal of **preventing and mitigating vulnerabilities**. **DAY-TO-DAY CHALLENGES YOU WILL FACE:** * Designing **secure GCP architectures for serverless services** (Cloud Run) with public and private APIs: design and configuration of WAF (Cloud Armor), API Gateway, authentication/authorization, rate limiting... * **Data security** of sensitive data at rest and in transit: access policies (views, labels, schema-level controls), secret management, tokenization / pseudonymization when required. * **IAM and end-to-end access control**: definition of service accounts, principle of least privilege, role and policy organization by environment, approvals and segregation of duties (SoD). * **Networking and perimeters**: VPCs, subnets, firewalls, Serverless VPC Access, Private Service Connect, egress control and NAT. * **Observability and response**: traces/metrics/logs, anomaly detection, actionable alerts, dashboards and post-mortems focused on security. * Conducting **threat modeling** and proposing **mitigations** against common attacks (OWASP API, injection, SSRF, exfiltration). * **DevSecOps**: Static/dynamic analysis, dependency scanning, protection within CI/CD pipelines. * **Compliance by design** (e.g., GDPR): data minimization, retention, audit and traceability of access. * **Collaborate** with development and operations teams to ensure security by design. * Stay up to date on the **latest trends in cybersecurity**. **DO YOU SEE YOURSELF HERE? IT'S TIME TO TAKE THE LEAP!** **EDUCATION:** GCP Security Engineer certification or equivalent (CISSP, CISM, etc.) will be valued. * **KNOWLEDGE AND SKILLS:** The following knowledge and skills will be valued: * Solid understanding of web/API threats (OWASP Top 10, token abuse, replay, bots, SSRF), associated controls, and cookie management. * Ability to draw and defend a secure cloud architecture on a whiteboard, explaining trade-offs. * Secure coding practices, with knowledge of development (Java, JavaScript, TypeScript, Python). * Security in GCP: Cloud Armor, reCAPTCHA Enterprise, Security Command Center, Cloud DLP, IAM, Secret Manager. * Networking in GCP: VPC, subnets, Serverless VPC Access, firewalls, egress control, VPC Service Controls. * Security observability: logs/metrics/traces, alerting and post-mortems. IaC: Terraform. * **EXPERIENCE:** The following experience will be valued: * 5\+ years designing secure architectures in GCP. * Experience with WAF (Cloud Armor), API Gateway, and API authentication / authorization. * Protection of sensitive data: encryption, segmentation and access patterns, RLS, anonymization/pseudonymization where applicable. * IAM in GCP and secret management. * DevSecOps, code vulnerability analysis and prevention. Experience with GDPR in digital products. * **WHY TELEFÓNICA?** If you join Telefónica, you'll be joining one of Spain’s top ten best technology companies to work for, and a team that reinvents itself every day to lead its sector. At Telefónica España, we firmly believe that people like you give meaning to technology, not the other way around. We want to make our world more human by connecting people’s lives. That's why we aim to digitally transform society completely, leaving no one behind. Additionally, we are one of the best employers: * **Immersing you in innovative and challenging projects.** * Driving your **professional development** through **continuous training** tailored to your needs and motivations. * We support the balance between professional and personal life. At Telefónica España, **we promote flexibility**, positioning ourselves as a benchmark in **new ways of working**, schedules, workdays, and work-life balance measures: you can enjoy a **hybrid work model.** * We offer an indefinite contract and a highly attractive compensation package. * **Life insurance**, **pension plan**, and private **health insurance**. * Inviting you to participate in our **volunteer program**. ***Knowledge of our Responsible Business Principles is required. We seek reliable professionals with integrity who commit to ethical and transparent management, promoting fairer and more sustainable social and environmental development.***