We are currently looking for a Head of Information Security who is passionate about what he/she does and is ready to share his/her experience and drive with the team that creates #1 mobile apps in the world in the Health&Fitness category.

Here at Welltech we create mobile applications for the Health & Fitness category. The company is currently in the world’s TOP3 (H&F) in terms of sales revenue.

Grow with us:
• 4+ years on the global market
• 400+ professionals (over the past year we have grown 2 times 😱)
• 5+ apps
• 200M+ downloads
• Our applications are sold all over the world with a focus on the USA, Latin America, Europe, and we are actively entering the Asian markets

Challenges you'll meet:
• Participate in product development as key stakeholder responsible for security requirements and management
• Develop, implement and maintain security regulations (policies and standards) according to established security framework (e.g. CIS Controls v8, CSA Cloud Controls, ISO 27001, SOC2, etc.)
• Cooperate with delivery team to implement security regulations and procedures
• Conduct security risk assessments and compliance checks to identify the effectiveness of controls and the derived risk status within the Company
• Threat modeling
• Analyze and evaluate risks of security relevant changes as well as identify vulnerabilities / security risks and draw up proposals for improvements and/or initiate countermeasures
• Research, evaluate and recommend evolving Information & Cyber Security technologies
• Foster a culture that promotes Information & Cyber Security within the Company and act as a bridge builder in areas of conflicts
• Maintain relationships with key partners within the business units
• Building security awareness and partnership with the management team
• Monitoring of software updates to the latest versions
• Regular penetration and vulnerability tests, including those involving external contractors
• Data leak prevention implementation
• Incident handling process implementation

Goals for 6 months:
• Develop a plan and launch the implementation of an information security system based for example on the selected Security Framework: CIS Controls v8, CSA Cloud Controls or SOC2:
Launch plan developed and approved
The company's key risks assessed
Risk treatment plan developed and agreed upon

• Develop and launch an employee safety rule training process, establish a mechanism for monitoring their knowledge on the subject:
Training program developed and agreed upon
Webinars covering all necessary security domains based on risk assessment results

• Ensure the implementation of a quality Access Management process and technical solution for all employees of the company:
Access Management platform launched

• Implementation of MDM management system (+EDR part) together with IT team:
MDM management system (+EDR part) launched

• Implementation of Security information and event management / Monitoring system & Incident Handling Process:
Monitoring system & Incident Handling Process launched

Your professional qualities:
• Expert knowledge and experience in Information Security with regards to concepts, methodologies, technologies and products
• Have a degree in Security/Engineering, Computer science
• Expert knowledge in technical Information security architecture
• Expert knowledge in security in Web-technologies (e.g. Application Security, API-Security, Mobile Security)
• Practical experience in IT Security area in large enterprises (IT product companies - will be preferred)
• Good command of written and spoken English (upper-intermediate or above)
• Security certifications (e.g. CEH, ECSA/LPT, CISP, CCSP…) are an asset
• 5+ years of IT security experience - executive role
• Knowledge of the principles, methods, and technologies of IT and information security, including existing types of vulnerabilities and threats
• Extensive knowledge of IT and enterprise architecture (TCP/IP network stack and related protocols/technologies (firewall, proxy, etc.)
• Expirience with successful implementation of Vulnerability Management & Application Security processes, Risk Assessment Process, Monitoring and Incident Handling processes, Access Management Process and etc.

Nice to have:
• CISM, CISA, CISSP, CCSP or ISO 27001 certifications
• Experience in training for developers

In our team we value:
• Sociability. Openness to communication, ability to formulate tasks clearly and concisely (written and verbal formats).
• Results orientation, flexibility. Willingness to go beyond the set tasks without limiting the areas of responsibility, as well as bring your tasks in line with the team and company global goals, implement the necessary changes, respond to changes.
• Responsibility. Attention to detail, autonomy, willingness to take on obligations and comply with agreements.
• Proactivity. The ability to set goals and achieve them. Creating opportunities without waiting for them to appear.
• Orientation to development and self-learning, interest in new technologies. A constant desire to learn and develop your skills, gain new experience.

For your success we offer:
• Flexible start: the day can start from 8:00 to 11:00, focusing on personal preferences and team meetings
• Social guarantees: timely compensation, paid day-offs, and paid sick leave
• Individual budget for training/courses
• Free use of our mobile apps (yoga, running, fitness, etc.)
• Endless opportunities for professional and personal growth
• Strong team of professionals, sharing experience and knowledge

Check out some of our products:
Muscle Booster — https://musclebooster.fitness/
Yoga-Go — https://yoga-go.fit/
FitCoach — https://fitcoach.fit/
WalkFit — https://walkfit.pro/
Omo - https://bit.ly/OMOio

Candidate journey: ⭕️ Intro call --- ⭕️ Interview --- ⭕️ Final interview

In our team, you'll find an opportunity to develop and implement your ideas, as well as to make the world a better place.

About Welltech

Welltech is about creating mobile applications that improve the Health of Millions of People around the World.

We currently have 400+ people in our team 😊
The main distinguishing feature of our people is their desire to constantly grow, develop and learn new things.

Why do people like to work at Welltech?
• We work on creating and developing our own projects. There is no outsourcing.
• The company values the initiative of its workers and their ability to work independently.
• The ideas and suggestions of everyone are heard, and good ideas are quickly implemented and tested out.
• Clearly stated goals and priorities help workers focus on important tasks and organize their work properly.
• Weekly meetings with managers give employees the opportunity to get feedback about their work and understand how to achieve the best results.

About our technologies.

Swift, SwiftUI, Combine, MVVM, Dependency Injection, UIKit, Autolayout, REST API, Alamofire, In-App Purchases, Local and Remote notifications, Core Data, Realm, Fastlane, Frameworks management (Cocoapods, SPM), Code generation (Sourcery), HealthKit, Tuist, async/await.

Kotlin, Kotlin coroutines, Flow, Android Jetpack (Arch components, Compose, Navigation, Room, Hilt), MVVM, Dependency Injection, REST API, Push Notifications, Crashlytics, Play Billing.
We use Python3, JS, TypeScript, React JS, Redux, Redux Saga, Router, Sentry, SQL/NoSQL, PostgreSQL, SQLAlchemy, SAM, MongoDB, Redis, AWS services (Lambda/API Gateway/SQS/SES/CloudFormation/CloudWatch/Cognito), Docker, Kubernetes.
The company has successfully implemented CI on all projects.

Welltech is a data-driven company. The analytics department uses different tools.
Data storage: Amazon redshift + Spectrum
Data processing — R, Python
BI — Data studio, Tableau
Data sources — platform APIs, incoming data streams

Our Expertise

Discover more about our working cases and approaches:
dou.ua/forums/topic/35145/ — Решаем стандартные задачи с Result API на примере смены аватарки
dou.ua/forums/topic/35690/ — Разрабатываем и отлаживаем serverless-приложения на AWS Lambda локально
dou.ua/forums/topic/35822/ — In-app платежи в iOS. Что нового принес StoreKit2

Press about us:
ain.ua/special/amazing-apps-improving-the-health/ — Створюємо застосунки, які покращують здоров’я мільйонів людей

🤝 What we offer
• Flexible start: the day can start from 8:00 to 11:00, focusing on personal preferences and team meetings
• Social guarantees: timely compensation, paid day-offs, and paid sick leave
• Individual budget for training/courses
• Free use of our mobile apps (yoga, running, fitness, etc.)
• Endless opportunities for professional and personal growth
• Strong team of professionals, sharing experience and knowledge

Company website:

DOU company page:

Job posted on 21 June 2022
18 views    3 applications

To apply for this and other jobs on Djinni login or signup.
  • home_work Office/Remote of your choice
  • shopping_basket Product