SecOps Engineer

We are looking for a DevOps Engineer to join our team!

Requirements:

- 3–4+ years of hands-on experience in information security, with a strong focus on network and cloud security.
 - Deep understanding of networking fundamentals: TCP/IP stack, routing (BGP/OSPF), VLANs, VPNs (IPsec, WireGuard, OpenVPN), firewalls (NGFW, IPS/IDS).
 - Proven experience with multi-cloud environments: AWS (VPC, Security Groups, NACLs, Network Firewall), GCP (VPC, Cloud Armor), OpenStack (Neutron networking, security groups).
 - Hands-on experience configuring and managing WAF solutions (Cloudflare WAF preferred: rule sets, whitelists/blacklists, rate limiting, bot mitigation, custom rules).
 - Knowledge of zero-trust principles, network micro-segmentation, and common network-level attacks (DDoS, MITM, ARP/DNS spoofing).
 - Strong Linux administration skills + scripting (Bash/Python) for operational tasks.
 - Experience with SIEM/log management tools (ELK Stack, Splunk, QRadar) for traffic/log analysis and event correlation.
Basic experience with Infrastructure as Code (Terraform) for provisioning secure cloud resources.

Will be plus:

- Hands-on experience securing Kubernetes clusters (EKS on AWS, GKE on GCP, or OpenStack-based Kubernetes): network policies, RBAC, secrets management, ingress security.
 - Deep expertise with Cloudflare (WAF, Zero Trust, Access, Workers) or similar (AWS WAF, GCP Cloud Armor, Akamai).
 - Relevant certifications: AWS Certified Security – Specialty, Google Professional Cloud Security Engineer, CCNP Security, CISSP, PCNSE.
 - Experience automating security tasks (Ansible for configuration management, Terraform modules for secure networking).
 - Familiarity with DevSecOps tools (Checkov for Terraform scanning, Trivy for containers, GitLab Security).
 - Prior work with OpenStack security components (Keystone, Barbican, Neutron extensions).

Soft Skills:

- Strong analytical thinking and ability to investigate complex incidents.
- High attention to detail (especially when tuning WAF rules, reviewing Terraform plans, or auditing cluster configs).
- Excellent communication skills — ability to explain technical concepts to non-technical stakeholders (developers, managers).
- Proactive mindset: identify risks in cloud/network setups and propose practical solutions.
- Comfortable with on-call rotations and handling operational incidents outside regular hours.

Responsibilities:
 - Design, implement, and maintain secure network and cloud architecture across AWS, GCP, and OpenStack.
 - Configure, tune, and monitor security tools: firewalls, WAF (especially Cloudflare — managing whitelists, rules, alerts), IPS/IDS.
 - Perform operational security tasks: traffic monitoring, anomaly detection, incident response, and network forensics.
 - Automate security configurations using IaC (Terraform for cloud resources and security policies; Ansible where applicable).
 - Secure and audit Kubernetes clusters (EKS/GKE): implement network policies, harden configurations, manage secrets.
 - Conduct regular audits of configurations (WAF whitelists, open ports, cloud security groups, OpenStack misconfigurations).
 - Review and audit Terraform code/modules for security best practices and compliance.
 - Collaborate with infrastructure, Dev, and platform teams to embed security into operations.
 - Develop and enforce zero-trust policies and network segmentation in multi-cloud environments.

Technical Stack:

 - Clouds: AWS (VPC, EKS, WAF, GuardDuty), GCP (VPC, GKE, Cloud Armor), OpenStack (Neutron, Magnum for Kubernetes).
 - Network/Security Tools: Cloudflare (WAF, Zero Trust), Palo Alto, Fortinet, Suricata, Zeek, Wireshark, tcpdump.
 - WAF & Protection: Cloudflare rule management (whitelists, rate limiting), AWS/GCP native WAF.
 - IaC & Automation: Terraform (AWS/GCP/OpenStack providers), Ansible.
 - Containers/Orchestration: Kubernetes (EKS/GKE), Helm, Cilium/Calico for advanced networking.
 - Monitoring & Logging: ELK Stack, Splunk, Prometheus/Grafana, NetFlow collectors.
 - Scripting: Python, Bash.

Our benefits to you:
☘️An exciting and challenging job in a fast-growing business group, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more

🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed

🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided

🏖Paid vacations, sick leave, personal events days, days off

💵Referral program — enjoy cooperation with your colleagues and get the bonus

📚Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences

🎯Rewards program for mentoring and coaching colleagues

🗣Free internal English courses

✈️In-house Travel Service

🦄Multiple internal activities: online platform for employees with quests, gamification, presents and news, clubs for movie / book / pets lovers and more

🎳Other benefits could be added based on your location