Senior Security Engineer

  • Flexible

    Porto, Portugal

    Lisbon, Portugal

    Barcelona, Spain

    Madrid, Spain

  • 125632

  • Remote

  • Permanent

  • Full Time

  • 37.5-40hrs


TUI Group is the world’s number one integrated tourism business. Customer Domain is a global team within TUI technology responsible for all systems and platform relating to customer service and contact centre technology. We are a multi-disciplinary team of experts across Architecture, Engineering, DevOps and Agile Delivery providing services across the UK, Ireland, Sweden, Norway, Denmark, Finland, Germany, Belgium and The Netherlands. 

At TUI we’re ambitious to become the leader in technology within the travel industry and to achieve this we are looking to build a capable, creative team who want to be a part of accomplishing that goal. 

We never stop looking ahead, seeking new ways to delight our customers and grow our business. We recognise the power of digital and the massive contribution this brings to creating a truly unique and differentiated customer experience.  

We are looking for a talented and dedicated technical enthusiast to join our security team within the technology organisation which will help us continue to secure our systems and platforms and help guide the way with all future platform and product development with a security first mindset.  

A Security Engineer is a practitioner and an advocate of state-of-the-art secure coding, secure design and security automation practices with a broad toolkit of technologies and methods and with a strong DevSecOps mindset, being able to tackle the whole software development cycle of designing, building, testing and deploying applications. Working in an agile environment and keeping up with the ever-evolving technical landscape the Security Engineer is a lifelong learner and likes to think outside the box. 




As a Security Engineer, you will be part of a cross-functional team or a practice team that enables secure coding, secure design, and security automation skills and capabilities in domains. Being an enthusiast in information security, with a strong DevSecOps mindset, and thanks to your excellent collaboration skills you will support your team in delivering the best answers to our customers’ needs and in taking over full responsibility for its applications, from design to operation. 

You will use your deep technical skills to create software products that are secure by default and work collaboratively with software engineers, cloud engineers and architects to ensure information security is considered throughout the design and implementation of software products and services.  

You stay up to date with TUI group practices and foster a “security first” mindset. You work alongside engineering teams to understand the threat landscape, business requirements and to describe security risks and goals.  You provide your team with tooling and automation to identify possible threats and vulnerabilities before they are promoted to production, thereby helping to protect our customers’ data. You work hands-on and can tackle the whole cycle of designing, building, testing, and deploying software on AWS. 

You take an engineering approach to solving security problems, selecting the right tools for the right jobs and thus solving the given business and technical problems in an efficient way. You show a commercial mentality, focusing on solving business problems in the best way. 

You are able to verbalise your thoughts and ideas and take the initiative to translate ideas into outcomes. Together with the domain’s Practice teams as well as the Groups Enabler teams you also will research, evaluate and test new approaches, processes and tools and help teams to use them effectively. 

You love to work in an international, multi-cultural team. You challenge constructively and have high expectations of yourself and others. You always drive for technical excellence, ownership and self-organisation at team and personal level. You love to learn and acquire new skills and keep up to date with latest developments in your focus areas. 

Security is part of everyone’s job. At TUI, we practise secure behaviours first in everything we do. 




  • Deep experience in designing secure, highly available, distributed applications and in secure coding practices in an Amazon Web Services (AWS) environment. 
  • Familiar with information security standards & practices and their practical implications. 
  • Deep automation skills, hands-on with programming languages: Python, GoLang and Bash scripting. 
  • Good experience with CI/CD, preferably GitLab CI. 
  • Ability to design, build, test, and deploy applications on AWS, using Terraform. 
  • Customer-centric, passionate about delivering great digital products and services. 
  • Demonstrating true software craftsmanship mindset. 
  • Passionate about continuous improvement, collaboration and great teams.  
  • Strong problem-solving skills coupled with good communication skills.  
  • Understanding of social and ethical implications of software engineering. 
  • Open-minded, inquisitive, life-long learner.  
  • Comfortable with ambiguity, highly autonomous. 



  • Being a valuable team member of TUI, the No.1 global and socially aware travel company.
  • Competitive salary and benefits.
  • Smart working (Flexible hours) and possibility of working remotely up to 100% or Hybrid from one of our offices.
  • Develop yourself as part of a friendly, richly, diverse and virtual international team.

If you want to know more about why TUI Group is the world’s leading tourism group, and our continuing work in the diversity & inclusion space, simply visit