Jobs Security

We are looking for a Cybersecurity Testing Team Lead to join our team!  

Requirements: 
- 5+ years in offensive security/penetration testing
- 2+ years in a technical leadership role (team lead/principal/tech lead)
Hands-on experience with:
- Web, API, Mobile (iOS/Android) pentesting
- Secure code review (at least one backend language)
- Cloud & infrastructure security testing
- Proven experience working with product teams, not only 'report delivery' 

Will be plus: 
- Advanced Offense
- Red Team/Purple Team experience
- Adversary emulation (MITRE ATT&CK)
- Threat modeling from an attacker’s perspective
- Experience with exploit development or advanced bypass techniques

- Cloud & Platform Security
- AWS (Preferred)
- Kubernetes security testing
- CI/CD attack vectors
- Secrets, identity, and supply chain attacks

Responsibilities:  
Leadership and Team Management:
- Lead and grow the Offensive Security team (pentest/red team)
- Define roles, expectations, and competency levels
- Mentor team members and conduct technical reviews
- Own capacity planning and prioritization 

Offensive Security Operations:
- Own the pentest intake process (Jira-based)
- Ensure consistent coverage:
- Web/API/Mobile
- Cloud/Infra
- Enforce quality standards for test depth, reports, risk assessment, and retesting
- Findings & Risk Management 

Ensure:
- Findings are exploitable, reproducible, and actionable
- False positives are minimized
- Risk is clearly communicated

Our benefits to you:
☘️An exciting and challenging job in a fast-growing holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more
🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided
🏖Paid vacations, sick leave, personal events days, days off
💵Referral program — enjoy cooperation with your colleagues and get the bonus
📚Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences
🎯Rewards program for mentoring and coaching colleagues
🗣Free internal English courses
✈️In-house Travel Service 
🦄Multiple internal activities: online platform for employees with quests, gamification, presents and news, clubs for movie / book / pets lovers and more
🎳Other benefits could be added based on your location 

Required hard skills
• Strong understanding of network security (LAN, WAN, VPN, firewalls, IDS/IPS, proxies)
• Experience securing infrastructure (on-prem, cloud, hybrid environments)
• Knowledge of Zero Trust and least-privilege access models
• Experience with endpoint security (EDR, antivirus, disk encryption)
• OS security knowledge: Windows, macOS, Linux
• Experience with monitoring and logging systems (endpoints, servers, network traffic)
• Understanding of authentication, authorization, IAM
• Experience with security hardening and patch management
• Familiarity with security awareness and training platforms
• Basic scripting skills (Bash, PowerShell, Python)
• Understanding of networking protocols (TCP/IP, DNS, HTTP/S)
Required soft skills
• Ability to explain security concepts to non-technical users
• Strong communication and presentation skills
• Proactive and security-first mindset
• High attention to detail
• Ability to influence user behavior and promote security culture

Responsibilities:

• Design and maintain secure network and infrastructure architecture
• Configure and manage firewalls, VPNs, access controls, and network segmentation
• Secure servers, cloud resources, containers, and virtual machines
• Secure employee workstations and enforce security baselines
• Monitor endpoints and infrastructure for suspicious activity
• Collect, analyze, and correlate security logs
• Detect, investigate, and respond to security incidents
• Perform vulnerability analysis, risk assessment, and remediation
• Conduct system and network hardening
• Develop and deliver internal security trainings and awareness sessions
• Manage and maintain security training platforms and learning content
• Organize phishing simulations and awareness campaigns
• Collaborate with IT, DevOps, Infrastructure, and HR teams
• Complete and review clients security questionnaires and security assessment forms to demonstrate the company’s security posture
• Participate in security and compliance calls with client information security specialists and stakeholders

Monitoring & Incident Response
• Set up and maintain security monitoring and alerting
• Investigate anomalies and security incidents
• Perform root-cause analysis and post-incident reviews
• Improve detection, response, and prevention processes

Security Awareness & Training
• Plan and deliver security awareness programs
• Manage training platforms and user enrollment
• Track training completion and effectiveness
• Continuously improve training materials based on incidents and risks

Nice to have
• Experience with SIEM and SOAR tools
• Experience with MDM solutions
• Knowledge of cloud security (AWS / GCP / Azure)
• Experience running phishing simulations
• Familiarity with security frameworks and compliance standards
• Security certifications (optional)

Required Skills & Experience

Technical Skills
Strong understanding of:
Network security principles
TCP/IP, DNS, HTTP/S, VPNs
Experience with:
Firewalls (hardware or software)
Endpoint security / EDR solutions
Monitoring & logging tools
OS security knowledge:
Windows, macOS, Linux

Experience securing:
On-prem infrastructure
Cloud environments (AWS / GCP / Azure — at least one)

Security Knowledge
Authentication & authorization mechanisms
Identity and access management (IAM)
Security best practices and frameworks
Threat detection and response fundamentals

Knowledge of:
Zero Trust
MDM solutions
Cloud security posture management
Security certifications (e.g., Security+, CEH, CISSP — optional)

About us: 
Devoted Studios is a US-based game development company specializing in Co-development, Porting, and End-to-End Art Production for the global gaming industry. With a distributed team of over 1,900+ skilled professionals, we collaborate across time zones to support projects on all major platforms, engines and styles - from AAA titles to emerging technologies.

Our team includes world-class talents who bring deep expertise in external development, pipeline optimization, and creative problem-solving. Whether it’s porting games to new systems, enhancing gameplay features, or crafting stunning visuals, Devoted Studios operates as a trusted, flexible extension of our partners’ internal teams.

We are proud to be the development partner of choice for industry leaders such as: 2K, Xbox, Meta, Obsidian Entertainment, Turtle Rock Studios, Gearbox Software

At Devoted Studios, we’re committed to making outsourcing more efficient, collaborative, and impactful. If you're passionate about co-development, game art, or solving technical challenges on a global scale. 

PwC is a global network of more than 370,000 professionals in 149 countries that turns challenges into opportunities. We create innovative solutions in audit, consulting, tax and technology, combining knowledge from all over the world.

PwC SDC Lviv, opened in 2018, is part of this global space. It is a place where technology is combined with team spirit, and ambitious ideas find their embodiment in real projects for Central and Eastern Europe.

What do we guarantee?

• Work format: Remote or in a comfortable office in Lviv - you choose.
• Development: Personal development plan, mentoring, English and Polish language courses.
• Stability: Official employment from day one, annual review of salary and career prospects.
• Corporate culture: Events that unite the team and a space where everyone can be themselves.

We are seeking a Security Engineer to provide deep technical expertise, tooling evaluations, and hands‑on engineering support across our security program. This role acts as a builder‑defender, driving practical security control implementation, assessing emerging technologies, and ensuring secure integration patterns for modern applications—including but not limited to AI systems. You will bridge high‑level security strategy with real engineering execution.

Key Responsibilities:
 

• Implement and operationalize security controls, translating policies and theoretical requirements into real, functioning technical solutions.
• Evaluate and integrate modern security tools, performing hands‑on testing and delivering data‑driven recommendations.
• Design and review secure architecture patterns for application and platform integrations (APIs, cloud services, third‑party tools, internal services).
• Conduct threat modeling for complex use cases, identifying risks such as data exposure, API abuse, system compromise, and emerging AI‑related attack vectors.
• Provide technical security guidance to engineering and product teams proposing new solutions or integrations.
• Partner closely with DevSecOps teams to embed security practices into CI/CD pipelines, container workflows, and cloud environments.

Requirements:
 

• 4+ years in Application Security, Cloud Security, Security Engineering, or DevSecOps.
• Strong knowledge of API security, OAuth/OIDC, containers, and cloud‑native services.
• Hands‑on experience with security tools (posture management, vulnerability scanners, SIEM/SOAR).
• Ability to assess third‑party vendors and modern security technologies.
• Proficiency in Python or another scripting language.
• Understanding of generative AI risks (prompt injection, data leakage) is a plus.
• Strong analytical thinking and clear communication skills.
• Self‑driven, adaptable, and proactive in a fast‑changing tech landscape.

Policy statements:
https://www.pwc.com/ua/uk/about/privacy.html

Playson is a leading iGaming supplier operating in multiple regulated markets, delivering engaging casino content and advanced technology. We’re a fast-growing, tech-driven company that values innovation, autonomy, and ownership. At Playson, we welcome people who are curious, proactive, and passionate about solving complex challenges at scale.

We are ISO/IEC 27001 certified and committed to maintaining a robust security and compliance posture across all our operations.

About the Role

We are looking for a Security Lead to strengthen Playson’s information security framework and drive continuous improvement of our security culture. This role combines technical expertise, investigative focus, and process leadership - ensuring that our systems, data, and people remain secure, compliant, and resilient.

What will you be doing?

Information Security & Compliance

• Maintain and continuously improve the ISO/IEC 27001:2022 Information Security Management System (ISMS).
• Foster a strong Security-First mindset across the organization.
• Work closely with the CTO, Head of IT, and DevOps to enhance internal security controls.
• Conduct internal audits, risk assessments, and coordinate certification renewals.
• Update security policies and controls in line with ISO 27001, GDPR, and relevant international frameworks (e.g., NIST CSF and NIS2 principles where applicable).
  Manage integrations and alerting within Datadog SIEM, CrowdStrike, Cloudflare, and Google Workspace.
• Support DLP implementation and maintain central tracking of security events.
• Document risks, incidents, and corrective actions to ensure continuous compliance.

Incident Response & Investigation

• Lead investigations into security incidents such as phishing, data leakage, or unauthorized access.
• Collect and analyze digital evidence across systems (CrowdStrike, Cloudflare, Google, Slack).
• Maintain and enhance incident response playbooks and escalation workflows.
• Collaborate with HR, Legal, and IT teams during internal investigations.
• Produce post-incident reports and recommend remediation measures.

Endpoint & Access Security

• Manage MDM systems (Zoho MDM, Endpoint Central) and ensure full compliance for macOS endpoints.
• Maintain CrowdStrike Falcon configurations and endpoint posture enforcement.
• Oversee SSO, MFA, and 2FA enforcement across services (Google SSO, DUO Mobile, 1Password).
• Implement Just-in-Time (JIT) privilege elevation and regular admin access reviews.
• Perform Quarterly RAS Access Management Reviews.

• Maintain a consistent audit trail for access management throughout the year.

   

To succeed in the role, you will have:

• 3+ years of experience in information security, IT audit, or digital investigations.
• Solid understanding of ISO 27001, GDPR, and modern security frameworks (NIST CSF / NIS2).
• Hands-on experience with SIEM / EDR systems
• Proven ability to manage SSO, MFA, DLP, and MDM environments.
• Strong communication skills in English (B2 or higher).
• Analytical mindset, integrity, and attention to detail.

Preferred additional qualifications:

• Certifications: CISSP, CISM, CEH, ISO 27001 Lead Auditor, AWS Security Specialty.
• Experience with Zero Trust, PAM, DLP/CASB, or SOAR platforms.
• Forensics experience.
• Experience in designing awareness programs or running phishing simulations.

What you get in return:

• Competitive Salary: We offer a competitive salary in EUR, subject to annual performance reviews
• Quarterly Bonuses: Benefit from a transparent and systematic quarterly bonus system
• Flexible Schedule: We offer a flexible work schedule to accommodate your needs
• Remote Work Option: Choose to work remotely, providing greater flexibility and comfort
• Medical Insurance: Receive comprehensive medical insurance for both you and a significant other
• Financial Support for Life Events: We provide financial support during special life events
• Unlimited Paid Vacation: Enjoy unlimited paid vacation leave
• Unlimited Paid Sick Leave: Take unlimited paid sick leave whenever necessary
• Professional Development: Get reimbursement for professional development courses and training

The recruitment process includes the following steps:

1. HR Interview (30-45 mins)

2. Technical interview with Service Desk & Security Lead (60 mins)

3. Final Interview with CTO and People Business Partner (60 mins)

About Playson

Founded in 2012, Playson is a leading iGaming supplier recognized worldwide. We provide our partners with a high-end, microservice-based Platform-as-a-Service capable of processing billions of financial transactions daily. Our global infrastructure is designed for cross-regional performance, with a relentless focus on latency reduction and flawless player experience, regardless of bandwidth or connectivity.

We are now building a Platform & Cloud Security function and are looking for the first hire to launch and lead it. This is a rare opportunity to set the standards from scratch and shape how security is embedded into a modern, high-load, cloud-native environment.

Key Responsibilities

• Establish the DevSecOps function at Playson, defining best practices and security standards across the Platform Tribe.
• Integrate security into CI/CD pipelines (SAST, DAST, dependency scanning, container scanning).
• Harden infrastructure and runtime environments (Linux, Docker, Kubernetes/EKS, RBAC).
• Design and enforce cloud security controls in AWS (IAM least-privilege, GuardDuty, Security Hub, encryption at rest/in transit).
• Define and maintain IaC security policies (Terraform/Terragrunt, drift detection, policy-as-code).
• Implement and manage secrets management solutions (Vault, AWS Secrets Manager).
• Build centralized security monitoring & alerting (Datadog, ELK, CloudWatch, SIEM/SOAR).
• Lead vulnerability management and threat modeling practices.
• Automate workflows through scripting (Python, Bash).
• Partner with backend, infrastructure, and platform engineers to embed security in design & delivery.
• Contribute to compliance readiness (ISO 27001, GDPR, PCI-DSS).
• Act as a security subject-matter expert, mentoring engineers and raising awareness.
• Continuously evaluate and implement new security tools and approaches.

Requirements

• 5+ years in Security Engineering / DevSecOps roles, with proven success delivering secure infrastructure and applications.
• Strong skills in Python and Bash for building and automating security workflows.
• Cloud Security (AWS focus) - Deep knowledge of IAM least-privilege design, encryption at rest/in transit, GuardDuty, Security Hub, and best practices for securing multi-account environments.
• Implementation of security controls in pipelines (SAST, DAST, dependency scanning, container image scanning, policy-as-code).
• Hardening of Linux systems, Docker, Kubernetes/EKS; strong experience with RBAC, PodSecurity/OPA/Gatekeeper/Kyverno policies.
• Terraform/Terragrunt, including policy-as-code, drift detection, and compliance enforcement.
• Expertise with HashiCorp Vault, AWS Secrets Manager, or equivalent.
• Hands-on with centralized logging, SIEM/SOAR tools (Datadog Security, ELK, CloudWatch, etc.) and incident response workflows.
• In-depth understanding of secure network design, segmentation, and monitoring.
• Experience with tools enabling temporary, approval-based access (Teleport, AWS IAM Identity Center, Okta, etc.).
• Ability to design and enforce zero trust principles (continuous verification, microsegmentation, contextual access).
• Familiarity with SBOM generation (CycloneDX, Syft), artifact signing (Cosign, Sigstore), and applying SLSA/in-toto frameworks.
• Understanding of ISO 27001, GDPR, PCI-DSS (iGaming relevance), plus experience automating compliance checks with IaC and policy engines.

Nice to have:

• Exposure to Kafka or ClickHouse in security-sensitive environments.
• Familiarity with GitOps tooling (FluxCD/ArgoCD).
• Broader knowledge of SOC 2, HIPAA, or other regulatory frameworks.

What We Offer

• Compensation at top industry standards + quarterly bonuses based on transparent evaluation.
• Remote-first flexibility and adaptable working hours.
• Unlimited paid vacation & sick leave.
• Comprehensive medical insurance (for you and your partner).
• Financial support for major life events.
• Professional growth budget for courses, training, and certifications.

Recruitment Process

1. HR Interview – 45 min
2. Hiring Manager Interview – 60 min
3. Technical Interview – 90 min
4. Final Interview with Head of Platform & CTO – 60 min

We are looking for an InfoSec Manager to develop and enforce security strategy, policies, and operations across the company. This role combines governance and hands-on technical responsibility: from Security Risk management and IAM to endpoint protection, security operations, and IT infrastructure. Information Security Manager will work closely with leadership and IT teams to ensure resilience against evolving threats and compliance with data protection requirements.

Responsibilities:

• Develop and maintain corporate information/cybersecurity strategy aligned with business goals.
• Define and enforce security policies, standards, and guidelines for information security, PII protection, and IAM.
• Build and update a cybersecurity plan based on evolving risks and threats.
• Conduct periodical risk assessments of infrastructure, applications, and processes based on the comprehensive asset management.
• Integrate data confidentiality and privacy (PII) protection into daily operations (“privacy by design”).
• Manage Accesses with SSO, MFA, and RBAC implementations on corporate systems.
• Oversee provisioning/deprovisioning and regular access reviews.
• Manage workstation and laptop security, including BYOD policies.
• Establish incident detection, response, and recovery processes.
• Ensure secure configuration of corporate tools (Google Workspace, Slack, etc.).
• Maintain backup, disaster recovery, and business continuity readiness.
• Execute Information Security Awareness campaigns.

Requirements:

• Ability to collaborate with leadership and technical teams, balancing governance and practical controls.
• Proven experience in developing and maintaining corporate information/cybersecurity strategy aligned with business objectives.
• Strong knowledge of security governance, including definition and enforcement of security policies, standards, and guidelines (information security, PII/data privacy, IAM).
• Practical experience building and maintaining a cybersecurity roadmap and adapting to evolving threats.
• Design and implementation of IT asset management and hands-on experience conducting risk assessments across infrastructure, applications, and business processes. 
• Technical expertise with Identity & Access Management (IAM): SSO, MFA, and RBAC implementations for SaaS and on-prem applications.
• Experience managing user lifecycle (provisioning, deprovisioning, and access reviews).
• Knowledge of security operations practices: incident detection, response, and recovery.
• Experience securing corporate IT tools such as Google Workspace, Slack, and similar SaaS platforms.
• Familiarity with backup solutions, disaster recovery planning, and business continuity management.
• Practical experience in running Awareness Campaigns, evaluate its effectiveness and continuously improve them
• Relevant certifications (CISSP, CISM, ISO 27001, or equivalent) are a strong plus.

Paycord is a PayTech company with a high-load platform for payment processing. We combine fintech expertise with merchant insights to create innovative solutions. We’ve successfully developed a strong product that helps businesses succeed in new markets.

Our primary focus is on solution-driven development, and we prioritize the needs of our business clients. We provide access to a wide range of local and international payment methods, supporting businesses in reaching new heights and achieving excellence.

We`re rapidly growing and inviting an Information/System Security Engineer to our team.

You would be running such tasks as:

• Assess cybersecurity risks and develop measures to minimize them.
• Implement and administer SOC tools, and integrate threat monitoring systems.
• Manage vulnerabilities, respond to security incidents, analyze root causes, and mitigate attack impacts.
• Handle identity protection and privileged access management.
• Secure Windows, macOS, and Linux endpoints.
• Ensure information and data protection.
• Conduct cybersecurity awareness training and promote best security practices among staff.
• Collaborate closely with Legal, HR, Business & Product Owners, DevOps, IT specialists, and development teams, providing expertise in information security matters.

Required skills and expertise:

• Higher education in Information Security or a related field (Computer Science, Software Engineering, Information Systems, etc.).
• At least 3 years of experience in a similar position.
• Strong understanding of user authentication principles, access control, and information resource management models.
• Experience with OSINT tools and methodologies.
• Hands-on experience with configuring and administering tools such as SIEM, EDR, SOAR, MISP, IDS/IPS.
• Experience in securing server, network, and cloud infrastructures.
• Familiarity with monitoring and logging systems.
• Experience in scripting and automation.
• Experience in Security Incident Response, ability to analyze and interpret data, and prepare reports based on incident investigation results.
• Experience with IT audits and risk management processes.
• Risk-oriented mindset with the ability to assess consequences and implement systemic improvements.
• English level: Intermediate or higher (ability to read technical documentation and correspond in English).

Will be a plus:

• Relevant security certifications and training.

We offer:
Care for your health and well-being
• 100 % paid sick leaves;
• 20 working days of paid vacation;
• Medical support;
• Benefits Cafeteria (budget for gym/stomatology/psychological service & etc.);
• Ability to work remotely or in the office (as you wish);
• Corporate gifts & events.

Professional growth & development
• Competitive salary with annual salary promotions;
• The annual budget for professional courses, conferences, workshops, and books;
• Internal training courses;
• Work with a team of professionals and have the opportunity to share knowledge.

Corporate Culture
• Dynamic and result-oriented work environment;
• The ability to influence product development at an early stage;
• Openness to new ideas and approaches, healthy team discussions;
• No “red tape” culture.

Candidate journey:
HR Interview — Technical Interview — Final Interview

• Project Description:

  One of the world's largest providers of products and services to the energy industry has a need to develop, support and integrate software system in Oil & Gas domain.
  You will be a member of a cross functional team.
  Key project stakeholders are open for innovative ideas.
  Project is based on SCRUM methodology.
  This is a great opportunity to work in an international team, apply and learn modern IT technologies

   

• Responsibilities:

  Quickly learn new technologies and improve proficiency
  Follow up with Developer on open vulnerabilities
  Share reports of open, closed vulnerabilities
  Develop unique, effective security strategies for software systems, networks, and cloud provider
  Safeguards information system assets by
  identifying and solving potential and actual security problems
  Maintain quality service by following
  organization standards
  Contribute to team effort by accomplishing
  related results as needed

   

• Mandatory Skills Description:

  Understanding of definitions related to cyber security: Vulnerability, attack vector, threat , security risk, SAST, DAST, WAF ets
  Understanding of networking, Operating systems (Windows and Linux)
  Basic concepts in programming Ex: Python
  Very good English as team is multinational

Location: Remote 
Client Domain: Managed IT Services / Cybersecurity / Cloud / MSP 
English level: B2 - strong spoken English required for daily communication and interviews 

About the Project 

We are partnering with a USA-based MSP company that has been delivering managed IT services, cybersecurity solutions, cloud services, and infrastructure management for over 25 years. 
You will work in a modern, security-focused environment supporting multiple small and medium business clients with advanced Microsoft 365 and endpoint security solutions. 

Responsibilities 

Microsoft Intune / Endpoint Manager 

• Manage MDM/MAM for Windows, macOS, iOS, and Android environments. 
• Create, deploy, and troubleshoot Configuration Profiles and Compliance Policies. 
• Implement and manage Windows Autopilot, Apple Business Manager, and other provisioning methods. 

Security & Conditional Access 

• Design and implement Conditional Access policies within Zero Trust frameworks. 
• Work with Microsoft Entra ID (Azure AD), including MFA, Identity Protection, and directory management. 
• Apply and manage Intune Security Baselines. 

Microsoft Defender Suite 

• Administer Defender for Endpoint (MDE), including ASR rules, TVM, and security integrations. 
• Support additional Defender workloads (Defender for Office 365, etc.). 

Automation 

• Use PowerShell for automation, configuration, mass deployment, and remediation scripts. 

Technical Experience (MSP-Focused) 

• Proven experience managing multiple Microsoft 365 / Intune tenants. 
• Implementing security policies following industry standards (HIPAA, CMMC, Cyber Essentials, etc.). 
• Packaging and deploying applications (Win32, LOB, Store Apps) via Intune. 
• Managing Windows Update Rings and patching through Intune. 
• Troubleshooting enrollment issues, policy conflicts, CA blocks, and compliance problems. 

Soft Skills & Mindset 

• Ability to communicate clearly and professionally with both technical and non-technical clients. 
• Strong documentation skills — SOPs, configurations, playbooks. 
• Scalability mindset: building reusable, template-based solutions for many clients. 
• Ability to prioritize and manage multiple projects in a fast-paced MSP environment. 
   

Certifications 

(Training completed or certifications in progress are acceptable.) 
Highly valued certifications for this role: 

• MD-102 - Microsoft 365 Endpoint Administrator Associate 
• SC-300 - Microsoft Identity and Access Administrator Associate 
• SC-200 - Microsoft Security Operations Analyst 

We Offer 

• Opportunity to propose solutions and influence technical decisions 
• Dynamic and challenging tasks 
• Team of experienced professionals 
• Competitive salary 
• Low bureaucracy 
• Continuous self-improvement 
• Long-term employment with paid vacation and social benefits 
• A bunch of perks 😊 

We are looking for a highly skilled and strategic Senior DevSecOps Engineer to lead our security operations and infrastructure automation initiatives. In this role, you will bridge the gap between development, security, and operations, ensuring our on-premise environment remains secure, resilient, and efficient.

You will act as a subject matter expert, leveraging cutting-edge tools like CrowdStrike to automate threat detection and response, while maintaining robust perimeter security via Cloudflare.

KEY RESPONSIBILITIES:

• Implementation and automation of security tools in the CI/CD process (SAST, DAST, SCA).
• Analysis of vulnerabilities in code, infrastructure and containers.
• Development and configuration of security monitoring systems, incident response.
• Monitoring and improving the security level of on-prem infrastructures.
• Interaction with developers, DevOps and security teams to implement secure practices.
• Active participation in the processes of IAM configuration, management of certificates, secrets and access policies.
• Conducting internal security audits, participation in external (e.g. penetration) tests.

REQUIRED QUALIFICATIONS:

• Experience: 5+ years of experience in DevSecOps, Security Engineering, or a related field, with at least 2 years in a Senior role.

• Tooling Expertise: Deep hands-on experience with the following specific tools:

  - Baremetal/on-premise infrastructure

  - Docker (Docker Swarm is a strong plus)

  - Gitlab CI

  - CrowdStrike

  - Cloudflare

  - ELK.

• SIEM Proficiency: Proven experience deploying and tuning SIEM solutions (e.g., Splunk, Elastic Security, Datadog, or similar).
• Infrastructure: Strong background in managing on-premise infrastructure (physical servers, data centers, virtualization, networking).
• Scripting: Proficiency in Python, Go, or Bash for automation and tooling.

NICE-TO-HAVE:

• Experience with Kubernetes and such tools as Wiz.io and Torq.
• Previous involvement in high-load, regulated, or 24/7 production environments (e.g., iGaming, FinTech, telecom or similar).

WE OFFER:

• Fully remote work opportunity

• Enhanced leave benefits:

  - 20 days of paid vacation

  - 5 paid days off

  - 14 paid sick leaves

• Company clubs & communities
• Celebration gifts for personal milestones
• Corporate online events, raffles & challenges
• Corporate English program
• Corporate yoga classes
• Team-building activities
• Coworking compensation
• Training and development programs (internal & external).

RISK inc: An International iGaming Company Pushing the Boundaries of Entertainment
 

Who We Are:

An international iGaming company specializing in identifying and fostering the growth of high-potential entertainment markets. With 1000+ professionals in 20+ locations, we operate in 10 countries, serving over 300,000 customers.
 

Always Pushing the Boundaries? You Already Belong at RISK!

Our global-scale operations are based on strong internal expertise, analytics, and data research. We have expertise in iGaming operations (sports betting, online casino), digital and affiliate marketing, tech solutions, and data analytics.

Your main responsibilities will be:

• Provide exceptional operational management and support for the analysis and investigation of security incidents;
• Respond promptly to alerts, perform triage operations, and determine the appropriate level of response;
• Decide on and implement the best course of action in response to cyber attacks, initiating suitable recovery procedures;
• Investigate, document, and report on information security issues and emerging trends;
• Maintain, monitor, and operate security infrastructure and related technologies;
• Conduct security assessments for newly acquired systems and technologies to ensure compliance with security standards.

Essential professional experience:

• Understanding of network and systems security, security testing, and software security;
• Experience with Windows & *nix platforms;
• Familiar with scripting languages (Bash, Python, Powershell);
• Knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS and HTTP Protocols, network analysis;
• Knowledge of common malware threats and attack methodologies;
• Analytical and observational skills;
• Threat Hunting experience;
• Strong communication skills, team player, able to function independently and as part of a team;
• Endless will to learn something new.

Additional Information

Our Benefit Cafeteria is Packed with Goodies:

• Children Allowance
• Mental Health Support
• Sport Activities
• Language Courses
• Automotive Services
• Veterinary Services
• Home Office Setup Assistance
• Dental Services
• Books and Stationery
• Training Compensation
• And yes, even Massage!

We are looking for an endpoint/workstation support engineer to support multiple mixed MacOS/Windows/Lin remote working environments. You should maintain a high level of user satisfaction, as well as properly document your work.

Your primary tasks will include:

* Enduser remote support for agents installation

* AV alerts investigation

* Ensuring security compliance policies are in place (e.g. full disk encryption, firewall)

* Implementing updates on agent installation packages whenever new version arrives

* Testing of Windows/Win/Lin endpoint agent updates

The candidate should have a proof records of successful projects in the following areas:

* support of AV/EDR/VPN and other security agents on multiple platforms

* Intune MDM

* Apple Business Manager

* Windows, MacOS and Linux endpoint support

* Basic Unix shell and Powershell scripting

* MS Graph API and other REST API basic experience

* Windows and MacOS troubleshooting with the aid of Sysinternals tools and different set of MacOS tools (netstat, lsof, vmstat, top, dtruss, etc.)

* Fluent English

* Teamwork and problem solving mind

* Compliance framework basic awareness (ISO27001/PCI-DSS/HIPAA etc.)

* ITIL and IT service basic awareness and ability to write end-user documentation/procedures/instructions

A big plus if have all or any of the following:

* Microsoft Intune certification or other Microsoft Security/Endpoint certificationi

* Any AV vendor certification

* Any security related certification (e.g. ISO27001LA, CISSP, CISA)

The role

As an Intern, you will assist in the development and implementation of our security controls, gaining hands-on experience in information security. In this role, you will support the security team in conducting security audits, risk assessments, and vulnerability testing. You will work closely with our security experts to learn about security best practices, threat analysis, and compliance regulations.

You will contribute to the protection of sensitive customer data and the development of secure solutions that meet global security standards.
 

Requirements

• Currently pursuing a degree in Computer Science, Information Assurance, or a related field
• Basic understanding of security principles, including threat analysis and vulnerability assessment
• Familiarity with security frameworks and regulations (e.g. HIPAA, GDPR)
• Excellent analytical and problem-solving skills
• Ability to work in a fast-paced environment and prioritize tasks effectively
• Passion for information security and protecting sensitive data
   

Responsibilities

• Assist in conducting security audits and risk assessments to identify vulnerabilities
• Support the development of security policies and procedures to ensure compliance with regulations
• Participate in vulnerability testing and penetration testing activities
• Collaborate with cross-functional teams to develop secure software development practices
• Assist in the development of incident response plans and disaster recovery procedures
• Participate in security awareness training and education activities
   

About HelloBiome

HelloBiome is an innovative B2B biotech startup at the forefront of AI-powered microbiome innovation. We are dedicated to revolutionizing consumer health by leveraging the microbiome. Through democratizing access to microbiome data, HelloBiome utilizes advanced AI technologies to develop targeted health solutions, transforming these insights into commercial applications for our business clients. Trusted by over 20 clients, including industry giants like Unilever, we are not just predicting the future of consumer health; we are actively shaping it. At HelloBiome, every step we take is towards a healthier future, optimizing well-being one microbiome at a time.
 

Our Culture

At HelloBiome, we thrive in a globally connected, remote work environment with team members distributed across Europe, the US, Canada, and Korea. Our headquarters are in San Francisco and Our dynamic and international team embodies a culture of kindness paired with a drive for innovation and excellence. We value proactive individuals who bring a self-starter mindset to their roles, always seeking new ways to advance our mission. Attention to detail is crucial in our work, as we are committed to delivering precise and impactful health solutions to our B2B clients.
 

This remote and flexible work structure not only fosters a diverse and inclusive atmosphere but also encourages a balance between personal growth and professional excellence. Join us and be part of a team that is shaping the future of consumer health through groundbreaking AI-powered microbiome innovation.

We are looking for a Head of Product Security to join our teams!

Requirements:

- 8+ years of experience in Product Security, Application Security, or DevSecOps
- Proven experience building or scaling a Product Security function in a product-based organization
- Strong expertise in Secure SDLC and security integration into modern development workflows
- Hands-on experience with application security testing, threat modeling, and secure architecture reviews
- Strong understanding of cloud-native architectures and product-related cloud security risks
- Experience managing multi-disciplinary security teams across AppSec, Pentest, DevSecOps, and Cloud Security
- Experience owning vulnerability lifecycle management with risk-based prioritization
- Ability to translate technical security risks into business impact and decisions
- Strong written and verbal communication skills in English

Will be a plus:

- Experience in iGaming, FinTech, SaaS, or other regulated industries
- Hands-on experience with Kubernetes and containerized environments
Exposure to red teaming or adversary simulation
- Familiarity with security-related compliance frameworks (e.g. ISO 27001, PCI DSS, SOC 2)

Responsibilities:

- Build and own the end-to-end Product Security lifecycle across all company products
- Define, implement, and enforce Secure SDLC, embedding security from design through production
- Lead and manage Product Security teams including Pentesting, Application Security, Application Security Architecture, DevSecOps, and Cloud Security Operations
- Drive security architecture reviews and threat modeling for new and existing products
- Own product vulnerability management, including discovery, triage, prioritization, remediation tracking, and verification
- Define and oversee pentesting and offensive security strategy, scope, cadence, and remediation follow-up
- Ensure secure usage of cloud-native services, APIs, and third-party dependencies within products
- Partner with Engineering, Product, and Infrastructure leadership to align security with business objectives
- Lead product-related security incidents, including root cause analysis and long-term corrective actions
- Define and report Product Security KPIs and metrics to executive stakeholders

Technical Stack:

- Application & Product Security: SAST, DAST, SCA, secrets scanning, secure code review, threat modeling
- Cloud Security: AWS, GCP; cloud-native services, IAM, least-privilege models; zero trust tools and approach.
- DevSecOps & CI/CD: CI/CD pipelines, security automation, Infrastructure as Code, secrets management
- Container & Platform Security: Docker, Kubernetes, container image and runtime security
- Pentesting & Offensive Security: Web, API, mobile, and cloud pentesting, remediation validation
- Monitoring & Incident Response: Centralized logging, product-level detection, SOC integration

Our benefits to you:

☘️An exciting and challenging job in a fast-growing holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more
🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided
🏖Paid vacations, sick leave, personal events days, days off
💵Referral program — enjoy cooperation with your colleagues and get the bonus
📚Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences
🎯Rewards program for mentoring and coaching colleagues
🗣Free internal English courses
✈️In-house Travel Service 
🦄Multiple internal activities: online platform for employees with quests, gamification, presents and news, PIN-UP clubs for movie / book / pets lovers and more
🎳Other benefits could be added based on your location
 

We are Dynamica Labs (Microsoft Gold Partner), an IT company focused on implementing Microsoft Dynamics 365 CRM for our clients.  
 
We are looking for a Founder’s Associate/Executive Assistant — someone who will work closely with the COO and co-founders on a daily basis, helping to maintain focus across multiple tasks and turn operational and management priorities into clear actions.  

You will be involved in various aspects of company management, including business processes, operational efficiency, team development, client relations, building the founder's personal brand, as well as financial and legal matters. This role is ideal for those who enjoy wearing multiple hats, thrive on efficiency, and hands-on work in a dynamic environment. It demands a high level of trust, autonomy, and direct engagement with real business challenges. 
 

Your responsibilities 

• Coordinate workflows and support collaboration across different departments. 
• Manage correspondence and communications efficiently. 
• Assist in client and partner interactions. 
• Prepare presentations and materials for internal and external meetings. 
• Handle documentation, reporting, and administrative tasks. 
• Support problem-solving and contribute to process improvements. 
• Manage calendars, meetings, and events. 
• Participate in special projects, tasks, and initiatives, including those that do not yet have a dedicated owner. 

What we expect from you 

• 2+ years of experience in Business Assistant / Executive Assistant with business focus, Operations, Project or related roles 
• Experience working in fast-growing or dynamic environments 
• Quick learner, able to quickly adapt to new tools and business contexts 
• Ability to organize and structure complex and changing contexts 
• Strong communication skills: concise, clear, and to-the-point in speaking and writing 
• Structured thinking and attention to detail 
• High level of autonomy — able to work independently without micromanagement 
• Responsibility in handling information 
• English level B2+ for emails and calls 

Benefits 

• Microsoft Gold Partner — experienced business system integrator 
• Work with UK and US clients 
• Opportunities for self-realization, professional development, and career growth 
• Skilled management and mature processes supporting your work 
• Exposure to interesting and diverse projects 
• Friendly and supportive team environment 
• Transparent payment system 
• Flexible work schedule and remote work 
• Paid public holidays, annual leave, and sick days 
• Guidance, mentoring, and training in Dynamics 365 and PowerApps 

About the role 

This position is ideal for someone who wants to work not just as support but as a partner in operational and management tasks, gradually becoming more involved in the business and taking on increasing responsibility.