Senior Cloud Security Engineer Lisboa

1GLOBAL Overview

1GLOBAL is a technology‑driven global mobile communications provider dedicated to empowering enterprises worldwide to unlock the full growth potential of mobile connectivity. With a best‑in‑class telecom technology platform, a comprehensive suite of globally viable regulatory licenses, and privileged access to the telecom wholesale market, 1GLOBAL connects over 43 million devices globally. Founded in 2022 by Hakan Koç and Pyrros Koussios, it operates as a fully regulated Mobile Virtual Network Operator in ten countries and a regulated telecommunications operator in an additional 31 countries. Headquartered in the Netherlands with R&D hubs in Lisbon, Berlin and São Paulo, it employs over 450 experts across 15 countries.

Position Overview

We are looking for a talented Senior Dev
Sec
Ops / Cloud Security Engineer to join our Technology Department, with a focus on strengthening and automating our security posture across cloud and hybrid infrastructure.

As a Dev
Sec
Ops / Cloud Security Engineer, you will be responsible for embedding security into every stage of our infrastructure lifecycle, from design to deployment. You will lead the implementation of cloud‑native security controls in AWS, harden Kubernetes environments and drive best practices across CI/CD pipelines. Your role includes continuous vulnerability management, network protection, monitoring for threats and working with development, Dev
Ops and IP teams to ensure secure‑by‑default practices. You’ll also proactively identify risks, secure network perimeters and automate remediation wherever possible.

Key Responsibilities

• Design and implement scalable cloud security controls in AWS multi‑account environments
• Lead Kubernetes security architecture, including Pod
  Security, RBAC and network policies
• Enforce zero trust network architecture and secure segmentation across cloud and hybrid environments
• Integrate security automation into CI/CD pipelines (image scanning, SAST, Ia
  C analysis)
• Deploy and manage Crowd
  Strike, Tenable and similar endpoint and vulnerability management tools
• Continuously monitor infrastructure for vulnerabilities, threats and misconfigurations
• Enforce least privilege IAM policies and secure secrets management
• Conduct regular audits, penetration testing and hardening of cloud workloads and host systems
• Conduct network traffic inspection using tools such as VPC Flow Logs, packet capture or Net
  Flow
• Collaborate with Dev
  Ops and IP teams on security‑as‑code principles
• Maintain compliance with internal policies and external standards (CIS, NIST, ISO 27001)
• Tune and respond to alerts from WAF, IDS/IPS and SIEM systems
• Document security controls, incident‑response playbooks and operational runbooks
• Champion a security‑first culture through collaboration, training and awareness

Requirements

• Minimum of 5 years in Dev
  Sec
  Ops, Cloud Security or Infrastructure Security roles
• Strong expertise in AWS security services (IAM, KMS, Guard
  Duty, Config, Security Hub, etc. )
• In‑depth understanding of network security principles (firewalls, routing, segmentation, VPNs, IPsec, etc. )
• Hands‑on experience with Kubernetes security (RBAC, Network
  Policies, OPA/Gatekeeper, Admission Controllers)
• Experience operating Crowd
  Strike Falcon and Tenable Nessus/Tenable. io
• Experience with WAFs, DDo
  S protection, NIDS/NIPS and threat intelligence integrations
• Comfortable with packet inspection, flow analysis and traffic monitoring (tcpdump, Wireshark, Suricata, etc. )
• Proficiency in Infrastructure as Code (Terraform, Terragrunt) and configuration management (Ansible, Packer)
• Strong scripting/programming skills (Python, Go or Bash) for automation
• Solid understanding of Linux security hardening and secure cloud networking
• Familiarity with service mesh security (Istio or similar)
• Experience with Git
  Ops workflows using Argo CD or Flux
• Knowledge of vulnerability management, SSDLC and container security controls
• Exposure to compliance frameworks (ISO 27001, SOC 2, NIST, PCI‑DSS) is a plus
• Excellent analytical and problem‑solving skills with a proactive mindset
• Certifications such as AWS Certified Security Specialty, CKS, OSCP or CISSP are a plus
• Experience with multi‑cloud security (Azure or GCP)
• Background in ethical hacking, bug bounty programs or red teaming
• Familiarity with tools like Falco, Sysdig, Trivy or e
  BPF‑based runtime security tools

Benefits

• Growth Opportunities:Advance your career in a company growing over 100% year‑on‑year.
• Major Transaction Exposure:Be part of high‑impact transactions that shape the telco industry.
• Work with a Talented Team:Collaborate with senior leadership and external advisors.
• Dynamic Work Environment:Fast‑paced, innovative workplace where every contribution matters.
• Professional Development:Learn from industry experts in cutting‑edge security.
• International Experience:Opportunities to work across global offices.
• Open Communication Culture:Ideas are heard and collaboration is encouraged.
• Results‑Driven Mindset:Focus on efficient, impactful outcomes.

Equal Opportunity Employer

1GLOBAL is an equal‑opportunity employer. We value your character as much as your talent. Diversity drives our innovation, and we offer a collaborative, dynamic, and international work environment.

Seniority Level

Mid‑Senior level

Employment Type

Full‑time

Job Function

Non‑profit Organizations and Primary and Secondary Education