Senior DevSecOps Engineer (Spain)
ExternalPrepare for this interview
EliteAI-generated questions, company research, and talking points tailored to this role
About the role
About CrossmintGlobal financial rails are undergoing a once-in-a-generation transformation. Instant settlement. Programmable. Agent-first. Crossmint is the infrastructure helping companies build for that future.We are the leading all-in-one stablecoin and wallet infrastructure platform, enabling fintechs, enterprises, and agentic platforms to integrate stablecoin rails with speed, compliance, and scale. Crossmint provides everything enterprises need to ship smart financial rails, including smart wallets, cross-chain stablecoin orchestration, on/offramps, token checkout, and more, all through a single developer-friendly API.Trusted by more than 40,000 clients including global leaders like MoneyGram, Western Union, and Paga to nation states like the Marshall Islands, Crossmint powers stablecoin flows that move billions from cross-border remittances, global payroll, to the world s first digital UBI program.MiCA-authorized, PSD2-licensed, and SOC2 Type II certified, Crossmint serves 150+ countries globally across 50+ blockchains. Backed by Ribbit Capital, Franklin Templeton, NYCA, First Round, and Lightspeed Faction.We re building the infrastructure for the era of programmable finance. Join us!LocationWe have offices in Madrid, and we are also open to a full remote setting from Spain.Type of employmentFull-timeSeniority6-8 years of experience as a security engineer, with a clear security-first background.CompensationBase salary range: 85,000 - 110,000 EURNote: This range reflects base salary only. Final level and compensation are determined during the interview process based on experience and fit. Stock options are part of every full-time offer, granted on top of the base salary range above. We want everyone here to be a genuine stakeholder in what we re building. We conduct two performance reviews annually. The first addresses performance ratings, bonuses, and promotions. The second encompasses these elements along with salary adjustments reflecting inflation and market conditions. About The RoleWe are looking for a Senior DevSecOps Engineer to own the operational execution of security at Crossmint. Security is your core discipline. Cloud infrastructure and IT are the environments you secure, and you will work alongside the teams that operate them, but you are here first and foremost as a security practitioner.You will be the hands-on owner of our day-to-day security posture: cloud environments, developer pipelines, application security, vulnerability management, and compliance operations. You will partner regularly with Engineering and IT & Infrastructure, contributing security expertise into their work rather than running their functions. This is not a generalist infrastructure role with security responsibilities bolted on.ResponsibilitiesCloud and Infrastructure Security Own security across our AWS environments (primary), with additional exposure to GCP and Vercel: IAM, Security Hub, CloudTrail, GuardDuty, KMS, and related controls. Design, maintain, and monitor security controls across cloud infrastructure: logging pipelines, alerting thresholds, key management, and privileged access workflows. Manage security-relevant access controls across cloud environments and internal systems, including service accounts, credential rotation, and periodic access reviews. Provide security input to IT & Infrastructure on network segmentation, endpoint security baselines, and cross-system access policies, without owning those systems yourself. Application and Developer Security Secure our CI/CD pipelines and GitHub Actions environments: secrets management, supply chain risk, and dependency vulnerability workflows. Perform secure code reviews and provide hands-on application security support to engineering teams. Review authentication flows, payment logic, and API security with human judgment, not just automated scanners. Partner with engineers to remediate vulnerabilities and embed security practices into the development lifecycle. Vulnerability and Incident Management Own vulnerability management end-to-end: identification, prioritization, remediation tracking, and verification. Coordinate our external security review program with third-party audit and penetration testing firms. Support incident response through internal triage and investigation, working alongside our external 24/7 response partners. Compliance and Audit Support Support SOC 2 and other compliance efforts by collecting evidence, documenting controls, and maintaining audit-ready processes for engineering and security-related controls. Contribute to DORA compliance initiatives where applicable. Maintain clear, auditable documentation of security processes to support audit cycles and long-term knowledge transfer. About YouMust Haves 4-8 years of experience as a security engineer, with a clear security-first background rather than a generalist infrastructure background. 3+ years of hands-on experience securing AWS environments: IAM, Security Hub, CloudTrail,
Your Match
How well this role fits your profile.
Company Intel
What employees say
Worked at Crossmint? Share your experience