Senior Platform Security Engineer (100% remotefriendly within Spain)
Offer summary
Qualifications:
At least 5 years of experience in security., Vast experience with Kubernetes and securing container orchestration platforms., Knowledge of vulnerability scanning, Hashicorp Vault, Terraform, and CI/CD tools., Experience building scalable, secure production environments on AWS..Key responsibilities:
- Ensure platform compliance with security standards like ISO27001, C5, SOC2.
- Develop and maintain security tools and policies for the platform.
- Collaborate with various teams to audit systems and support secure migrations.
- Monitor, maintain, and optimize Kubernetes clusters and deployment pipelines.
Job description
Company Description
Welcome to the good side of tech đź‘‹
You might have heard about us, but with a different name: Znanylekarz. It all started 10 years ago when we asked ourselves: is anyone in healthcare thinking about patients? We jumped in and we empowered patients by giving them access to leave and read reviews about their visit. We then provided doctors with the technology to manage bookings easily and save time, so they could devote themselves to what they always wanted: treating patients. And today is the day in which we ask you: wanna join us in the next step of making the healthcare experience more human?
Docplanner at scale
We are leaders in 13 countries so far, and more than 90 million patients trust us every month. 280.000 specialists believe in us and our product, and so do leading venture capital funds such as Point Nine Capital, Goldman Sachs Asset Management, and One Peak Partners. And yet, employing over 2.900 people all over the globe, we managed to keep the startup mindset we started with over 10 years ago.
How does Docplanner Tech fit here?
At Docplanner Tech we are a diverse group of ~325 people working in teams that include engineers, designers, product managers, data and research. We are responsible for building the product for all locations. Taking care about talent matters to us, thats why the engineering team has an amazing balance of new team members and people that have been in DP for years.
We could tell you about us, but we will let our reviews on Glassdoor speak for themselves. In case you’d like to see how it feels to be 100% yourself at work, here’s a video of us.
Job DescriptionThe Internal Platform is a pivotal foundation that accelerates product development by providing a reliable, scalable, and selfservice ecosystem. It supports the entire software lifecycle and is meticulously tailored to meet the organization’s technological needs and strategic direction.
The platform enables development teams to operate autonomously in 80% of cases, reducing dependency on the Internal Platform team, and ensuring that compliance, security, and business continuity are integrated across the entire platform defending general reliability of services, and data integrity.
Overall, a platform engineering team plays a critical role in ensuring a companys technology infrastructure is reliable and scalable.
The Internal Platform team consists of 34 people including 27 individual contributors 2 Staff Engineers, 4 Engineering Managers and Head of Internal Platform. The team is organized in a way to efficiently address Stakeholders needs.
What are the challenges in the team?
Platform Security is a team within the Internal Platform. The team is a first point of contact for the Global Security Team. The team is responsible for security and integrity of the underlying infrastructure that supports the organization, safeguarding the platform from potential vulnerabilities, threats, and attacks.
Developing and maintaining tools for Global Security in order to deliver vulnerability management platforms for application triaging and continuous compliance
The complexity of the Docplanner organization: Docplanner is a complex organization with multiple teams working on various products and services. One of the main challenges for the platform security engineer is to understand and integrate the diverse technology stacks used by different teams.
Scalability and reliability of systems: As Docplanner grows and expands, the demand for the technology infrastructure also increases. The platform engineering team must ensure that the systems are designed to handle high traffic, are scalable, and secure
Who will you work closely with?
Global Security – as the main external stakeholder for security initiatives. You’ll collaborate on platform compliance, risk management, and act as a technical point of contact during escalated incidents such as DDoS or abuse cases.
PMS (Practice Management Systems) teams – to audit existing systems, support secure migration to the central platform, and interpret global security and legal requirements in the context of PMS implementations.
Core Team within Internal Platform – by consulting on technical compliance, networking standards, and resolving misconfigurations or vulnerabilities detected across platform components.
Experience Teams – by providing guidance on infrastructurerelated application security topics, secure encryption practices, and collaborating on secure CSP integrations.
Legal – to ensure alignment with data protection regulations, encryption standards, and locality requirements. You’ll use their insights to assess and improve the security posture of the platform.
How would you be impacting our mission?
Making sure that our platform is compliant with the best industry practices and standards for security (ISO27001, C5, SOC2)
Help us to introduce security on every step of our platform lifecycle
Ability to vigilantly understand and mitigate security threats before they arise
Optimize system scalability and cost efficiency
Development, monitoring, and maintenance of Kubernetes clusters on several continents.
CI CD development and maintenance.
Make sure that all of our services are deployed in a way that makes them highly available.
Fixing urgent issues and optimizing performance.
Support other team members in their daily work.
QualificationsWhat will help you thrive?
At least 5 years of experience related with security
Vast experience with container orchestration platforms like Kubernetes and how to secure them (musthave).
You know how to maintain, develop policy for securityfocused CNIService Mesh (eg. Calico, Cilium).
You know how to scan for and manage vulnerabilities at scale.
You have experience with Hashicorp Vault.
You know why and how to use Terraform and popular CICD tools.
You know about building scalable and secure production HA environments using AWS.
You know your ways around network security services eg. AWS WAFCloudflare.
You are not afraid of developing tools or scripts in Bash or GO to automate work.
You can communicate in English (both spoken and written min. B2 level).
You know how to bring people on your side when talking about security and best practices.
Additional InformationLet’s talk money
- A salary adequate to your experience and skills. The range is broad so that we can accommodate our roles for all levels of experience, but we will show you the career ladder to explain where we see your skills and impact within the company. Your salary will be, now and always, 100% transparent to you;
- Flexible remuneration and benefits system via Flexoh, which includes: restaurant card, transportation card, kindergarten, and training tax savings;
- Share options plan after 6 months of working with us.
True flexibility and worklife balance
- Remote or hybrid work model with our hub in Barcelona;
- Flexible working hours (fully flexible, as in most cases you only have to be on a couple of meetings weekly);
- Summer intensive schedule during July and August (work 7 hours, finish earlier);
- 23 paid holidays, with exchangeable local bank holidays;
- Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate).
- Private healthcare plan with Adeslas for you and subsidized for your family (medical and dental);
- Access to hundreds of gyms for a symbolic fee in partnership for you and your family with Wellhub;
- Access to iFeel, a technological platform for mental wellness offering online psychological support and counseling.
Welcome to the good side of tech đź‘‹
You might have heard about us, but with a different name: Znanylekarz. It all started 10 years ago when we asked ourselves: is anyone in healthcare thinking about patients? We jumped in and we empowered patients by giving them access to leave and read reviews about their visit. We then provided doctors with the technology to manage bookings easily and save time, so they could devote themselves to what they always wanted: treating patients. And today is the day in which we ask you: wanna join us in the next step of making the healthcare experience more human?
Docplanner at scale
We are leaders in 13 countries so far, and more than 90 million patients trust us every month. 280.000 specialists believe in us and our product, and so do leading venture capital funds such as Point Nine Capital, Goldman Sachs Asset Management, and One Peak Partners. And yet, employing over 2.900 people all over the globe, we managed to keep the startup mindset we started with over 10 years ago.
How does Docplanner Tech fit here?
At Docplanner Tech we are a diverse group of ~325 people working in teams that include engineers, designers, product managers, data and research. We are responsible for building the product for all locations. Taking care about talent matters to us, thats why the engineering team has an amazing balance of new team members and people that have been in DP for years.
We could tell you about us, but we will let our reviews on Glassdoor speak for themselves. In case you’d like to see how it feels to be 100% yourself at work, here’s a video of us.
Job DescriptionThe Internal Platform is a pivotal foundation that accelerates product development by providing a reliable, scalable, and selfservice ecosystem. It supports the entire software lifecycle and is meticulously tailored to meet the organization’s technological needs and strategic direction.
The platform enables development teams to operate autonomously in 80% of cases, reducing dependency on the Internal Platform team, and ensuring that compliance, security, and business continuity are integrated across the entire platform defending general reliability of services, and data integrity.
Overall, a platform engineering team plays a critical role in ensuring a companys technology infrastructure is reliable and scalable.
The Internal Platform team consists of 34 people including 27 individual contributors 2 Staff Engineers, 4 Engineering Managers and Head of Internal Platform. The team is organized in a way to efficiently address Stakeholders needs.
What are the challenges in the team?
Platform Security is a team within the Internal Platform. The team is a first point of contact for the Global Security Team. The team is responsible for security and integrity of the underlying infrastructure that supports the organization, safeguarding the platform from potential vulnerabilities, threats, and attacks.
Developing and maintaining tools for Global Security in order to deliver vulnerability management platforms for application triaging and continuous compliance
The complexity of the Docplanner organization: Docplanner is a complex organization with multiple teams working on various products and services. One of the main challenges for the platform security engineer is to understand and integrate the diverse technology stacks used by different teams.
Scalability and reliability of systems: As Docplanner grows and expands, the demand for the technology infrastructure also increases. The platform engineering team must ensure that the systems are designed to handle high traffic, are scalable, and secure
Who will you work closely with?
Global Security – as the main external stakeholder for security initiatives. You’ll collaborate on platform compliance, risk management, and act as a technical point of contact during escalated incidents such as DDoS or abuse cases.
PMS (Practice Management Systems) teams – to audit existing systems, support secure migration to the central platform, and interpret global security and legal requirements in the context of PMS implementations.
Core Team within Internal Platform – by consulting on technical compliance, networking standards, and resolving misconfigurations or vulnerabilities detected across platform components.
Experience Teams – by providing guidance on infrastructurerelated application security topics, secure encryption practices, and collaborating on secure CSP integrations.
Legal – to ensure alignment with data protection regulations, encryption standards, and locality requirements. You’ll use their insights to assess and improve the security posture of the platform.
How would you be impacting our mission?
Making sure that our platform is compliant with the best industry practices and standards for security (ISO27001, C5, SOC2)
Help us to introduce security on every step of our platform lifecycle
Ability to vigilantly understand and mitigate security threats before they arise
Optimize system scalability and cost efficiency
Development, monitoring, and maintenance of Kubernetes clusters on several continents.
CI CD development and maintenance.
Make sure that all of our services are deployed in a way that makes them highly available.
Fixing urgent issues and optimizing performance.
Support other team members in their daily work.
QualificationsWhat will help you thrive?
At least 5 years of experience related with security
Vast experience with container orchestration platforms like Kubernetes and how to secure them (musthave).
You know how to maintain, develop policy for securityfocused CNIService Mesh (eg. Calico, Cilium).
You know how to scan for and manage vulnerabilities at scale.
You have experience with Hashicorp Vault.
You know why and how to use Terraform and popular CICD tools.
You know about building scalable and secure production HA environments using AWS.
You know your ways around network security services eg. AWS WAFCloudflare.
You are not afraid of developing tools or scripts in Bash or GO to automate work.
You can communicate in English (both spoken and written min. B2 level).
You know how to bring people on your side when talking about security and best practices.
Additional InformationLet’s talk money
- A salary adequate to your experience and skills. The range is broad so that we can accommodate our roles for all levels of experience, but we will show you the career ladder to explain where we see your skills and impact within the company. Your salary will be, now and always, 100% transparent to you;
- Flexible remuneration and benefits system via Flexoh, which includes: restaurant card, transportation card, kindergarten, and training tax savings;
- Share options plan after 6 months of working with us.
True flexibility and worklife balance
- Remote or hybrid work model with our hub in Barcelona;
- Flexible working hours (fully flexible, as in most cases you only have to be on a couple of meetings weekly);
- Summer intensive schedule during July and August (work 7 hours, finish earlier);
- 23 paid holidays, with exchangeable local bank holidays;
- Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate).
- Private healthcare plan with Adeslas for you and subsidized for your family (medical and dental);
- Access to hundreds of gyms for a symbolic fee in partnership for you and your family with Wellhub;
- Access to iFeel, a technological platform for mental wellness offering online psychological support and counseling.
The Internal Platform is a pivotal foundation that accelerates product development by providing a reliable, scalable, and selfservice ecosystem. It supports the entire software lifecycle and is meticulously tailored to meet the organization’s technological needs and strategic direction.
The platform enables development teams to operate autonomously in 80% of cases, reducing dependency on the Internal Platform team, and ensuring that compliance, security, and business continuity are integrated across the entire platform defending general reliability of services, and data integrity.
Overall, a platform engineering team plays a critical role in ensuring a companys technology infrastructure is reliable and scalable.
The Internal Platform team consists of 34 people including 27 individual contributors 2 Staff Engineers, 4 Engineering Managers and Head of Internal Platform. The team is organized in a way to efficiently address Stakeholders needs.
What are the challenges in the team?
Platform Security is a team within the Internal Platform. The team is a first point of contact for the Global Security Team. The team is responsible for security and integrity of the underlying infrastructure that supports the organization, safeguarding the platform from potential vulnerabilities, threats, and attacks.
Developing and maintaining tools for Global Security in order to deliver vulnerability management platforms for application triaging and continuous compliance
The complexity of the Docplanner organization: Docplanner is a complex organization with multiple teams working on various products and services. One of the main challenges for the platform security engineer is to understand and integrate the diverse technology stacks used by different teams.
Scalability and reliability of systems: As Docplanner grows and expands, the demand for the technology infrastructure also increases. The platform engineering team must ensure that the systems are designed to handle high traffic, are scalable, and secure
Making sure that our platform is compliant with the best industry practices and standards for security (ISO27001, C5, SOC2)
Help us to introduce security on every step of our platform lifecycle
Ability to vigilantly understand and mitigate security threats before they arise
Optimize system scalability and cost efficiency
Development, monitoring, and maintenance of Kubernetes clusters on several continents.
CI CD development and maintenance.
Make sure that all of our services are deployed in a way that makes them highly available.
Fixing urgent issues and optimizing performance.
Support other team members in their daily work.
At least 5 years of experience related with security
Vast experience with container orchestration platforms like Kubernetes and how to secure them (musthave).
You know how to maintain, develop policy for securityfocused CNIService Mesh (eg. Calico, Cilium).
You know how to scan for and manage vulnerabilities at scale.
You have experience with Hashicorp Vault.
You know why and how to use Terraform and popular CICD tools.
You know about building scalable and secure production HA environments using AWS.
You know your ways around network security services eg. AWS WAFCloudflare.
You are not afraid of developing tools or scripts in Bash or GO to automate work.
You can communicate in English (both spoken and written min. B2 level).
You know how to bring people on your side when talking about security and best practices.
- A salary adequate to your experience and skills. The range is broad so that we can accommodate our roles for all levels of experience, but we will show you the career ladder to explain where we see your skills and impact within the company. Your salary will be, now and always, 100% transparent to you;
- Flexible remuneration and benefits system via Flexoh, which includes: restaurant card, transportation card, kindergarten, and training tax savings;
- Share options plan after 6 months of working with us.
- Remote or hybrid work model with our hub in Barcelona;
- Flexible working hours (fully flexible, as in most cases you only have to be on a couple of meetings weekly);
- Summer intensive schedule during July and August (work 7 hours, finish earlier);
- 23 paid holidays, with exchangeable local bank holidays;
- Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate).
- Private healthcare plan with Adeslas for you and subsidized for your family (medical and dental);
- Access to hundreds of gyms for a symbolic fee in partnership for you and your family with Wellhub;
- Access to iFeel, a technological platform for mental wellness offering online psychological support and counseling.
True flexibility and worklife balance
Additional Information
Let’s talk money
Qualifications
What will help you thrive?
Who will you work closely with?
Global Security – as the main external stakeholder for security initiatives. You’ll collaborate on platform compliance, risk management, and act as a technical point of contact during escalated incidents such as DDoS or abuse cases.
PMS (Practice Management Systems) teams – to audit existing systems, support secure migration to the central platform, and interpret global security and legal requirements in the context of PMS implementations.
Core Team within Internal Platform – by consulting on technical compliance, networking standards, and resolving misconfigurations or vulnerabilities detected across platform components.
Experience Teams – by providing guidance on infrastructurerelated application security topics, secure encryption practices, and collaborating on secure CSP integrations.
Legal – to ensure alignment with data protection regulations, encryption standards, and locality requirements. You’ll use their insights to assess and improve the security posture of the platform.How would you be impacting our mission?
Required profile
Experience
Other Skills
- Collaboration
- Communication
Security Engineer Related jobs
Satellite Innovations
- From: Belarus (Full Remote)
- Full time
Hostaway
- From: Brazil (Full Remote)
- Full time
Concentrix
- From: Egypt (Full Remote)
- Full time
Logicalis Spain
- From: Spain (Full Remote)
- Full time
Concentrix
- From: United States (Full Remote)
- Full time