Job Summary: This role involves designing, implementing, and operating cloud security architectures and controls, ensuring the security of cloud-native services for central banks and payment providers worldwide. Key Responsibilities: 1. Design and implement cloud security architectures 2. Develop and maintain security automation 3. Promote DevSecOps practices and security-by-design **G\+D makes life safer for billions of people worldwide. We create trust in the digital age with integrated security technologies across three business areas: Digital Security, Financial Platforms, and Monetary Technology. For over 170 years, we have been a trusted partner to our customers with innovative SecurityTech solutions! We are an international technology group and a traditional family-owned company with more than 14,000 employees in 40 countries. Creating Trust is our path to success. Trust is the foundation of our cooperation at G\+D.****In Payment Technology, our mission is to be at the beginning of every transaction and make it secure and simple. We also create contemporary payment and banking solutions for our digital era. As a single point of contact, we produce and personalize hundreds of millions of payment cards each year and store their "digital twins" \- mobile and digital. Would you like to actively shape the digital transformation with us?** Giesecke\+Devrient is a global company that offers security technologies, both in the physical and digital world. Every day, billions of people benefit from G\+D innovations in their personal and business lives. With around **14,000 employees across 41 countries**, we develop, manufacture, and distribute products and solutions for the safeguarding of **payment processes, identities, connectivity, and data**. At G\+D, we are looking for a **Cloud Security Operations Engineer** to join our **Business Cloud Services team**, working on highly secure cloud\-native platforms running on **SysEleven by secunet public and private cloud infrastructures**.In this role, you will help ensure the security of cloud\-native services used by **central banks and payment providers worldwide**, working closely with colleagues in an **international Scrum team across Spain, Germany, and India**. **Your Responsibilities** ------------------------- Together with the Business Cloud Services team, you will design, implement, and operate **cloud security architectures and security controls**, embedding security into every stage of the platform and service lifecycle. Your main duties include:* Design and implement **cloud security architectures**, including zero\-trust network models and defence\-in\-depth security controls * Develop, operate, and maintain **security automation pipelines**, including SIEM integration, vulnerability scanning, policy\-as\-code, and automated threat detection and response * Implement and manage **identity and access controls**, including IAM, RBAC, and secrets management across Kubernetes and cloud environments * Implement, tune, and operate **security monitoring and alerting stacks**, including SIEM, IDS/IPS, log aggregation, and defined security alerting pipelines * Coordinate incident response activities for security events with the **Central Cyber Defence Team (CDC)** * Contribute to security **runbooks**, post\-incident reviews, and continuous improvement of the overall security posture * Ensure compliance with **PCI DSS, SOC2**, and relevant cloud security standards through automated policy enforcement and regular audits * Conduct **security reviews and threat modelling** for infrastructure\-as\-code configurations and CI/CD pipelines * Actively promote **DevSecOps practices**, security\-by\-design principles, and automation\-first approaches * Collaborate closely with platform, DevOps, and development teams to ensure security requirements are aligned with operational needs **Your Profile** ---------------- * Bachelor’s degree in **Computer Science, Information Systems**, or a related field * **5\+ years of relevant professional experience** in cloud security, security operations, or DevSecOps roles * Deep knowledge of **cloud security architecture principles**, including zero trust, least privilege, and defence in depth * Hands\-on experience securing **infrastructure\-as\-code**, including: + Terraform with security policy frameworks (e.g. OPA/Conftest, Checkov) + Helm chart security hardening * Strong experience with **compliance and audits** (PCI DSS, SOC2\) in cloud\-native environments * Practical experience with **security tooling**, such as: + SIEM platforms + Vulnerability scanners + Secrets management solutions (e.g. HashiCorp Vault) + IDS/IPS systems * Strong **Kubernetes security expertise**, including: + Pod Security Standards + RBAC and network policies + Image scanning and runtime security (e.g. Falco) * Experience integrating **security into CI/CD pipelines** (GitLab CI, ArgoCD) and applying DevSecOps practices * Scripting skills for security automation (**Python and Bash preferred**) * Experience with **Linux system hardening** and secure configuration management * Excellent **communication skills in English** (Spanish is a plus) * Security\-first and automation\-first mindset with strong collaboration skills in Agile teams * **Culture and Diversity:** Join a people oriented environment with different nationalities and a great team spirit, flat hierarchies (everyone speaks to everyone). Equal Opportunity Employer and LGBT\+ friendly. * **Global Collaboration:** Enjoy collaborative work in Agile/SCRUM teams and with stakeholders around the globe. * **Open working space** with Best\-in\-class equipment: High\-performance PC with huge monitors. * **Innovative Products:** Design and develop business processes and IT solutions for innovative products and digital solutions. * **Career Development:** Continuous training and coaching, talent program. * **Social Benefits:** flexible compensation (transport tickets, childcare vouchers, training, private insurance) and in\-house parking. * **Flexible work time and remote work:** M\-Th 8\.30 – 17\.30 and Fri 8\.30 – 15\.30, hybrid model. * **Own Canteen:** Take a break with our breakfast and lunch service: Choose between a big range of menus, salad desk and sandwich service. Fruit packages. * **Location:** El Prat de Llobregat. Easy communication by public transport (Bus 88 and 110, Metro L10 Riu Vell from Barcelona, PR4 from El Prat) o private transport. **Learn more about G\+D** ------------------------- Explore what makes G\+D unique – check out this video:Giesecke\+Devrient – We make the lives of billions of people more secure. **Privacy Notice** ------------------ The personal data you provide will be processed to manage your application in accordance with the GDPR and our Privacy Policy, available at Data Privacy \| G\+D.### ### **Contact** **HR Team Spain** seleccion.gdi@gi\-de.com ### **JOB OFFER****Job Details** --------------- **Job Title** Cloud Security Operations Engineer **Business Sector** Giesecke \+ Devrient ePayments Iberia S.A C/ 114 nº 27 Polígon Pratenc **Requisition ID** 26991 **Location** Prat de Llobregat (BCN), ES **Career level** Experienced **Job Type** Full-time **Contact** HR Team Spain seleccion.gdi@gi\-de.com We are an equal opportunity employer committed to diversity in all its forms and foster an inclusive workplace free of prejudice, discrimination, and harassment, where all employees feel valued and part of the community. We welcome all applications regardless of gender, age, race, ethnic origin, social and cultural background, religion, disability, or sexual orientation.