ARCHIVED
This job listing has been archived and is no longer accepting applications.
MisuJob - AI Job Search Platform MisuJob
Login Sign Up

Senior Security Engineer

Bsport

Location not specified Remote

Posted: March 2, 2026

Interested in this position?

Create a free account to apply with AI-powered matching

Register to Apply

Quick Summary

We're looking for a Senior Security Engineer to join our team and contribute to the development and deployment of our all-in-one platform which combines boutique fitness and advanced technology.

Required Skills

Security AWS IAM WAF Kubernetes Containers Authentication Email Security Vulnerability Management Secrets Detection

Job Description

We are bsport. The place to be!
bsport is an all-in-one platform combining boutique fitness and advanced technology. Our platform helps partners manage their bookings, payroll, marketing and more, to streamline operations and boost their commercial success.
Since we launched in 2019, we've achieved remarkable growth:
Built a community of over 10 million users
Closed a €30 million Series B in December 2024
Grown to over 200 employees across Europe
We're scaling rapidly to become the #1 tech partner for boutique studios in Europe and beyond. With this growth comes the critical need to strengthen our security posture, protect our users' data, and build a security-first culture across the organization.

The role: building Security from the ground up
We're looking for a hands-on Senior Security Engineer who will be the driving force behind bsport's security transformation. This is not a purely strategic role - you'll be rolling up your sleeves to implement security controls, respond to incidents, and build our security program from fundamentals.
We need someone who can immediately reduce our exposure to data leaks, phishing, and unauthorized access while building sustainable security practices that scale with our growth.
This role is critical because:
You'll directly protect ~10 million users' personal data
You'll enable our sales team to confidently answer security questionnaires as we pursue enterprise clients
You’ll work in the SRE team, with close collaboration with SWE teams and exposure to most if not all department leaders
You'll reduce business risk in a fast-scaling environment where security incidents can damage trust and revenue
What you'll do
️ Hands-on Security Engineering (60% of your time)
Immediate priorities (first 3-6 months):
Harden our AWS infrastructure and application security
Audit and improve IAM configurations and policies
Enhance WAF rules to block sophisticated attacks
Implement automated security scanning in CI/CD pipelines (SAST/DAST)
Work with the SRE team to secure our Kubernetes clusters and container images
Drive and maintain state-of-the-art security posture across backend, frontend, and user data management in collaboration with SWE teams, ensuring best-in-class protection for our systems and users.
Strengthen authentication infrastructure and identity management
Deploy and configure email security solutions within existing Google Workspace
Deploy and enforce strong authentication methods across the organization's applications and services (SSO, MFA)
Create automated alerting for suspicious behaviors patterns using Grafana/ELK
Establish vulnerability management
Set up automated vulnerability scanning for infrastructure and applications (leveraging open-source tools as much as possible)
Create a prioritised remediation workflow integrated with the engineering team's sprint cycles
Implement dependency scanning for our Python/Django backend and React frontend
Expand secrets detection coverage
Incident response and monitoring
Design and implement security alerting using our existing Grafana/ELK stack
Create runbooks for common security incidents (data leaks, phishing, unauthorized access)
Respond to security incidents and conduct post-incident reviews
Handle customer security inquiries and support sales with security questionnaires
Security Culture & Training (40% of your time)
Build security awareness across 200 employees:
Design and deliver security training programs
Create engaging, practical security training for all employees
Develop role-specific training (engineering, sales, customer success, operations)
Run simulated phishing campaigns and use results to improve training
Conduct quarterly security awareness sessions
Hardware and endpoint security management
Define and enforce security standards for employee devices (Mac, Linux, Windows)
Work with IT/HRs to ensure secure device provisioning using Primo
Implement endpoint protection and mobile device management policies
Create security baseline configurations for different roles
Manage device lifecycle security (onboarding, off-boarding, lost/stolen devices)
Security champion network
Identify and train security champions in each department
Create self-service security documentation and guidelines
Foster a culture where security is everyone's responsibility, not a blocker
Policy and governance
Develop pragmatic security policies that balance security with business needs
Create incident response procedures that the entire company understands
Establish a security review process for vendor and third-party tools
Maintain security documentation and update it as we scale
Who you are
Must-have experience
5+ years in security engineering, infrastructure security, or security software engineering roles
Strong hands-on experience with AWS or GCP security (IAM, security groups, WAF, etc.)
Deep understanding of application security (OWASP Top 10, secure coding, API security)
Experience building security programs from scratch in fast-growing startups or scale-ups
Proven track record in incident response and handling data breach scenarios
Good programming skills (at least one of Python, Typescript, Golang)
Experience with infrastructure security (Kubernetes, container security, IaC security)
Prior experience training employees on Security
Strong bonus points
Experience with GDPR compliance and data protection regulations
Background in penetration testing or offensive security
Familiarity with our tech stack (Django, React, PostgreSQL, Terraform)
Experience responding to security questionnaires for enterprise sales
SOC2 or ISO27001 implementation experience

Technical environment
AWS
Infrastructure as Code: Terraform, Helm
Container orchestration: Kubernetes, Docker
Monitoring: Grafana, ELK stack
Backend: Python Django, FastAPI, Celery
Frontend: React, TypeScript (mono-repos, module federation)
Databases: PostgreSQL, Redis, RabbitMQ, Kafka
CI/CD: GitLab CI, ArgoCD
Diversity is one of our most valuable assets, and we are committed to fostering an inclusive environment where everyone can contribute their best work. We welcome applicants from all backgrounds, identities, and experiences to help us build a more inclusive, equitable team.
If you’re excited about this role but don’t meet every qualification, we encourage you to apply-curiosity, adaptability, and a willingness to learn are just as important to us as specific skills.

What We Offer

We believe great work comes from happy, supported people-that’s why we offer meaningful perks designed to promote balance, growth, and connection.

Attractive compensation package
Competitive salary packages based on your experience and role.
Work-Life harmony
Hybrid model with remote days to support balance and flexibility.
Work from anywhere
Enjoy up to 15 days of remote work from abroad each year.
❤️ Private health insurance
We offer fully-funded Alan private health coverage so you can focus on what matters most.
Exclusive fitness perks
Stay active with a specially discounted DIR gym membership.
Diverse fun loving team
Multicultural colleagues, after-work events, team-building & more.


Departments
Software Engineering
Locations
Barcelona Tasso
Remote status
Hybrid
Employment type
Full-time

CONTACT

Franco de Udaeta
Senior Talent Acquisition Specialist – Transformation Office

Why Apply Through MisuJob?

AI-Powered Job Matching: MisuJob uses advanced artificial intelligence to analyze your skills, experience, and career goals. Our matching algorithm compares your profile against thousands of job requirements to find positions where you have the highest chance of success. This saves you hours of manual job searching and ensures you only see relevant opportunities.

One-Click Applications: Once you create your profile, applying to jobs is effortless. Your resume and cover letter are automatically tailored to highlight the most relevant experience for each position. You can apply to multiple jobs in minutes, not hours.

Career Intelligence: Beyond job matching, MisuJob provides valuable career insights. See how your skills compare to market demands, identify skill gaps to address, and understand salary benchmarks for your experience level. Make data-driven decisions about your career path.

Frequently Asked Questions

How do I apply for this position?

Click the "Register to Apply" button above to create a free MisuJob account. Once registered, you can apply with one click and track your application status in your dashboard.

Is MisuJob free for job seekers?

Yes, MisuJob is completely free for job seekers. Create your profile, get matched with jobs, and apply without any cost. We help you find your dream job without any hidden fees.

How does AI matching work?

Our AI analyzes your resume, skills, and experience to understand your professional profile. It then compares this against job requirements using natural language processing to calculate a match percentage. Higher matches mean better fit for the role.

Can I apply to jobs in other countries?

Absolutely. MisuJob features jobs from companies worldwide, including remote positions. Filter by location or look for remote opportunities to find jobs that match your preferences.

Ready to Apply?

Join thousands of job seekers using MisuJob's AI to find and apply to their dream jobs automatically.

Create Free Account Sign In
← Browse all jobs
Register to Apply