Company
Founded in 2018 by CPAs, tax attorneys, and software developers, Taxbit is creating an entirely new category to enable widespread compliant adoption of digital assets for the global economy. Taxbit’s Software-as-a-Service (SaaS) platform streamlines and automates customers’ tax reporting and accounting activities for digital assets.
Trusted by leading crypto, tech, and traditional enterprises, Big 4 accounting firms, and government agencies (including the IRS), Taxbit solves compliance challenges at scale amidst an ever-evolving regulatory landscape. Taxbit is backed by leading Silicon Valley VCs with teams located in New York City, San Francisco, Seattle, Salt Lake City, and Europe.
Opportunity for Impact
Taxbit is seeking a Cloud Security Engineer to be a critical partner in securing and scaling our cloud infrastructure. This role combines hands-on security engineering with close collaboration across engineering, product, and customer-facing teams—ideal for someone who thrives at the intersection of security, software, and real-world impact. You will work directly with engineering teams to design secure AWS architectures, build scalable security tooling, and embed security into the development lifecycle. You will act as a trusted advisor, helping teams navigate challenges from infrastructure hardening to application security and threat modeling. You will also build and evolve core security capabilities, including cloud-native security systems, automated detection and response, and scalable platform improvements that strengthen our overall security posture.
We welcome individuals who are humble, hungry, and excited to tackle some of the industry's biggest challenges at the intersection of cloud infrastructure and security!
This role is based in Madrid. Candidates must be legally authorized to work in Spain or another European Union country without company-sponsored visa support (e.g., holders of a valid Residency and Work Visa or Permanent Resident status).
Role and Responsibilities
Security Engineering
- Partner closely with engineering teams to design secure, scalable AWS architectures and services.
- Work directly with customers and internal stakeholders on real-world deployment scenarios across AWS and other cloud environments, designing and implementing secure solutions tailored to their infrastructure.
- Act as a trusted security advisor throughout the software development lifecycle—from design to deployment.
- Lead threat modeling exercises for applications and infrastructure, identifying risks and driving mitigation strategies.
- Collaborate with developers to implement secure coding practices and application security controls.
- Design, build, and operate cloud-native security infrastructure across AWS environments.
- Develop automated security controls, detection mechanisms, and response capabilities.
- Build and maintain Infrastructure-as-Code (Terraform or AWS CDK) to enforce secure configurations at scale.
- Define and implement systems that generate high-quality security signals for threat detection and response.
- Own security problems end-to-end, from identifying gaps to delivering production-ready solutions.
- Contribute to DevSecOps practices by integrating security into CI/CD pipelines and developer workflows.
- Continuously improve security standards, engineering practices, and system reliability.
Security Strategy & Enablement
- Serve as the voice of security across engineering, translating risks into actionable engineering work.
- Drive improvements in cloud security posture, including identity, network, and data protection.
- Educate and mentor engineers on secure design principles, threat modeling, and cloud security best practices.
- Help shape the security roadmap by leveraging insights from real-world engineering challenges.
Professional Qualifications
- 5+ years of professional experience in software engineering or security engineering.
- Strong programming skills, with proficiency in Python.
- Hands-on experience with AWS cloud infrastructure and security.
- Experience with Infrastructure-as-Code (Terraform, AWS CDK, or similar).
- Proven experience conducting threat modeling and working on application security.
- Experience implementing DevSecOps practices and securing CI/CD pipelines.
- Strong analytical and problem-solving skills.
- Ability to work autonomously in a fast-paced, distributed environment with minimal supervision.
- Comfortable working independently across time zones, with the majority of the team based in the United States.
- Bachelor’s degree in Computer Science or equivalent.
Technical Qualifications
- Deep experience with AWS services (IAM, VPC, EC2, S3, Lambda, etc.).
- Experience building security tooling, automation, and detection systems.
- Familiarity with logging, monitoring, and security analytics platforms.
- Experience designing secure distributed systems and APIs.
- Knowledge of modern application security practices.
Personal Characteristics
- Passionate about building secure systems and solving complex problems.
- Strong sense of ownership and accountability.
- Comfortable collaborating across teams.
- Thrives in an agile, fast-paced environment.
- Enjoys mentoring others.
