Senior DevSecOps Engineer
FAVBET Tech develops software that is used by millions of players around the world for the international company FAVBET Entertainment.
We develop innovations in the field of gambling and betting through a complex multi-component platform which is capable to withstand enormous loads and provide a unique experience for players.
FAVBET Tech does not organize and conduct gambling on its platform. Its main focus is software development.
Main areas of work:
- Betting/Gambling Platform Software Development β software development that is easy to use and personalized for each customer.
- Highload Development β development of highly loaded services and systems.
- CRM System Development β development of a number of services to ensure a high level of customer service, effective engagement of new customers and retention of existing ones.
- Big Data β development of complex systems for processing and analysis of big data.
- Cloud Services β we use cloud technologies for scaling and business efficiency.
Responsibilities:
- Define information security requirements for developed or acquired software
- Test the implementation of security requirements, including compliance with security standards
- Ensure the security of CI/CD processes and Dev/Test environments
- Monitor and enhance the security posture (hardening) of deployed software (on-premise, SaaS, containers)
- Participate in web application penetration testing and collaborate with development teams, internal, and external auditors
- Implement, maintain, and improve security systems (including HashiCorp Boundary, HashiCorp Vault, Cisco Duo)
- Promote secure coding practices and develop training programs for developers
- Create regular reports and metrics to assess the security posture and effectiveness of implemented measures
Skills:
- At least 3 years of experience in application security or DevSecOps
- Deep understanding of application security principles, common vulnerabilities (OWASP Top 10), and the Secure Software Development Life Cycle (SSDLC)
- Understanding of CI/CD processes and build/release systems (e.g., GitLab CI)
- Strong knowledge of AWS, Kubernetes, containerized and microservices architectures, and their security tools
- Proficient in Linux
- Experience working with web servers
- Hands-on experience with infrastructure automation tools such as Terraform, Ansible, Helm, and ArgoCD
- Practical scripting skills (Python, Bash, and others)
- English level: B1 (Intermediate)
Preferred:
- Experience in DevSecOps environments
- Familiarity with SAST, DAST, or SCA tools
- Knowledge and hands-on experience implementing cloud security solutions, including WAF, DDoS protection, IDS/IPS
- Experience with PowerShell
- Ability to create and maintain technical documentation
We offer:
- 30 day off β we value rest and recreation;
- Medical insurance for employees and the possibility of training employees at the expense of the company and gym membership;
- Remote work or the opportunity β our own modern lofty office with spacious workplace, and brand-new work equipment (near Pochaina metro station);
- Flexible work schedule β we expect a full-time commitment but do not track your working hours;
- Flat hierarchy without micromanagement β our doors are open, and all teammates are approachable.
During the war, the company actively supports the Ministry of Digital Transformation of Ukraine in the initiative to deploy an IT army and has already organized its own cyber warfare unit, which makes a crushing blow to the enemyβs IT infrastructure 24/7, coordinates with other cyber volunteers and plans offensive actions on its IT front line.