Data Protection Cyber Security Senior Consultant

Senior IT Security Specialist

Barcelona (Hybrid) Negotiable + 10% Bonus + Car Allowance Benefits:

25 Days Annual Leave, Medical Insurance, Life Insurance, Meal Vouchers, Employee Assistance Programme, Flexible Working and Retirement Plan.

My client is the air transport industry's IT provider, delivering solutions for airlines, airports, aircraft, and governments. Their technology powers more seamless, safe, and sustainable air travel. They are looking to hire an experienced Senior IT Security Specialist on a permanent basis.

The Senior IT Security Specialist will strengthen our infrastructure and cloud environments, embed security controls into engineering workflows, and improve operational resilience. This role combines technical depth with a builder mindset—designing secure configurations, automating validation, leveraging AI-assisted security capabilities and supporting incident response. We value diverse perspectives and encourage applications from all qualified candidates, regardless of gender, background, age, disability, or neurodiversity.

Security Hardening and Compliance: Implement and maintain security baselines for Windows and Linux systems (e.g., Integrate security validation into CI/CD pipelines and Infrastructure‑as‑Code (IaC) workflows using tools such as Terraform and Ansible. • Cloud Security: Design and enforce governance policies in Azure. Improve cloud security posture through automation and policy‑as‑code. Leverage AI-assisted tools to improve vulnerability prioritization, alert triage, and security automation. • Platform and Network Security: Secure containerized environments (e.g., Kubernetes) with proper RBAC, network policies, and configuration controls. Incident Response: Use AI-driven analytics and enrichment tools to accelerate incident detection, investigation, and root-cause analysis. • Participate in initial triage and forensic analysis in identifying security related incident. Security Architecture and Solution validation: Analyse new security requirements and emerging technologies. Design and deploy proof‑of‑concept environments for security tools or architectures. Lead security hardening efforts across servers and network devices. • Support compliance initiatives (such as ISO 27001, GDPR, or NIST) by implementing and documenting security processes. • Review and enhance identity and access management (IAM), including MFA, privileged account management, and conditional access.

Practical exposure to security hardening, compliance support, and automation — not just theory. • security incidents, audit findings) and applying lessons learned to improve processes. • Strong knowledge of Windows and Linux security internals and hardening techniques. • Hands‑on experience with Azure security architecture, policy enforcement, and governance. • Practical skills in Kubernetes security and containerized workloads. • Familiarity with CI/CD security integration and IaC tools (Terraform, Ansible). • Ability to perform forensic analysis and support incident response workflows. • Ability to translate security requirements into actionable technical solutions. • Certifications such as AZ‑500 (Azure Security), CKS (Kubernetes Security Specialist), CISSP, or equivalent. • Exposure to AI-enabled security tools (e.g. Background in automating security controls and evidence collection for compliance audits.