Lead Security Engineer

Who Are We?

Welltech is a global wellness technology company with Ukrainian roots. Our mission is to build and scale wellness apps globally through state-of-the-art, tech-driven performance marketing.

We are one of the most established players in the wellness app space, and we are accelerating. Over 25.5 million people across the world use our apps — Muscle Booster, Yoga-Go, and WalkFit — to build healthier habits, move more, and feel better every day. Every subscription represents a real person making a real change in their life, and we take that seriously.

With 500+ people across hubs in Cyprus, Ukraine, Poland, Spain, and the UK, we combine the scale of a market leader and the drive of a team that's just getting started.

What We're Looking For

Welltech’s success and constant growth is increasingly introducing new challenges to the security of our products. We are looking for a dedicated and experienced Senior/Staff Security Engineer to lead our security initiatives and drive our security strategy forward.

Responsibilities:

• Security Strategy Development: Design and implement mid and long-term security strategies, aligning them with business goals and technology roadmaps to ensure robust protection of digital assets. Collaborate across functions to integrate security practices into the broader organizational strategy.
• Risk Management: Identify, assess, and manage security risks, developing strategies to mitigate potential threats and vulnerabilities. Communicate risks and recommendations to senior leadership.
• Security Observability: Lead the transition from managed detection and response services to an in-house capability, ensuring seamless operational change and continuity. Develop and implement security monitoring and alerting strategies using Datadog and PagerDuty.
• Incident Response: Establish and manage an on-call incident response protocol to ensure swift and effective response to security incidents.
• Data Security Innovation: Partner with the Privacy team to establish foundational data security practices and policies, driving data security initiatives that comply with international industry standards and regulations.

• Certification & Compliance: Provide hands-on expertise to achieve and maintain PCI DSS certification. Ensure that security standards comply with industry regulations and best practices.

   

Requirements:

• Experience:
  • A minimum of 5 years in Security Engineering roles.
  • Demonstrated ability to lead large scale security projects and initiatives effectively.
  • Proven track record in implementing data security initiatives that meet industry standards.
  • Hands-on incident response experience with a track record of managing and mitigating security incidents effectively.
  • Experience with regulatory compliance standards and frameworks such as GDPR, PCI-DSS, or ISO 27001.
• Technical Skills:
  • Strong coding skills, with a focus on security-focused development.
  • Proven proficiency in utilizing Datadog and PagerDuty for detection and response operations.
  • Deep understanding of AWS security frameworks, practices, and tools to protect cloud-hosted environments.
• Soft Skills:
  • Strong communication skills with the ability to articulate complex security issues to technical and non-technical audiences.