Jobs

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a talented and motivated Junior Pentester who will join our security team to work on penetration testing and vulnerability/cloud security assessment projects.

We expect a short motivation letter where you can explain your skills, achievements and motivation.

Required skills

- Solid non-commercial cybersecurity experience, such as HTB/THM

- Junior-level cybersecurity certifications would be a plus.

- Comfortable with basic application security testing and common vulnerabilities (like OWASP Top 10, CWE Top 25) and cybersecurity fundamentals

- Strong basic IT skills: Linux, networking (TCP/IP, DNS, HTTP etc.)

- Some experience in scripting/coding languages, such as Java, JS, Python, Shell, etc.

- Strong drive to learn and develop cybersecurity skills

- Technical English (Intermediate)

We offer

- Good salary + bonus system

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Support in obtaining professional certifications, such as BSCP, OSCP, eWPTX, cloud certifications, etc.

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Execute penetration tests and security assessments as part of a team, including internal/external networks, web and mobile applications, Windows and Linux environments, cloud architectures, IoT devices, and more

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Conduct security research

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a Middle/Senior Security Consultant / Penetration tester to work on and lead penetration testing and vulnerability/cloud security assessment projects.

In this role, you will work on technically challenging projects and also spend some time leading/mentoring our junior pentesting colleagues.

Required skills

- 1.5+ years of intensive commercial experience

- OSCP, eWPTx2 or similar would be a plus

- Scripting/coding skills and being comfortable with advanced pentesting tooling

- Strong knowledge of mobile/web security

- Comfortable with cloud and container security

- Basic RE skills

- Ability to mentor/lead colleagues

- Strong ability and drive to learn and develop cybersecurity skills

- Technical English (Intermediate+)

We offer

- Good salary + bonus system

- Diverse project portfolio and technologies to work with

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Participate in various pentesting projects

- Lead junior colleagues

- Perform threat modeling in pentesting and security assessment projects

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Consult clients on efficient issues remediation

- Conduct security researches

- Develop tools and scripts to automate and improve current pentesting processes

We are inviting you, a highly motivated and results-oriented Security Engineer to join our team for ensuring and developing solutions, as well as strengthening the product infrastructure.

Our team has unique expertise in research, analysis, and product development. By relying on technical insights and a data-driven approach, we create disruptive future-defining innovations of the fin-tech industry that remain our basis for success.

Responsibilities

• Develop, implement, maintain, upgrade, and test cybersecurity products
• Provide cybersecurity-related support to users and customers
• Integrate cybersecurity solutions into systems and services, ensuring their stability and performance
• Securely configure systems, services, and products
• Maintain and upgrade the security of systems, services, and products
• Implement cybersecurity procedures and controls
• Monitor and ensure the performance of the implemented cybersecurity controls
• Document and report on the security of systems, services, and products
• Work closely with the Engineering teams on cybersecurity-related actions
• Implement, apply, and manage patches to products to address technical vulnerabilities

Requirements

• 3+ years of experience in information security and cybersecurity roles
• Background in development, DevOps, system administration, etc.
• Hands-on experience in developing, integrating, and testing security solutions
• Experience with vulnerability analysis and incident response
• Proficiency in scripting languages such as Python, Bash, PowerShell, etc
• Solid understanding of secure development lifecycle, operating system security, and computer network security
• Experience with both offensive and defensive security practices
• Knowledge of cybersecurity controls, solutions, and technologies
• Ability to collaborate with cross-functional teams and colleagues
• Effective communication and presentation skills to report to stakeholders
• Strong analytical and problem-solving skills
• Reliability, integrity, and responsibility in handling sensitive information and security tasks

• Upper-Intermediate English

   

Will be a plus

• Experience with Ruby, Go, or other programming languages

• Security certifications 

   

We offer

• Compensation for tax expenses of private entrepreneurs in Ukraine
• Qualified assistance and support for Ukrainian private entrepreneurs
• 10 paid sick leave days per year
• 20 paid vacation days per year
• Public holidays according to current Ukrainian legislation
• Medical insurance for employees
• Compensation for professional education and learning English
• Compensation for a sports subscription or sports equipment

Looking for a security-focused DevOps Engineer to join our CEX.IO team.
We are seeking a DevSecOps professional with a strong security focus to implement security best practices across the SDLC, collaborate with DevOps and IT teams, support audit preparation, and help maintain a balance between security and usability in internal policies.

Requirements

• 2+ years of practical experience in information security as DevSecOps, SecOps, DevOps, or SRE.
• Proven experience in implementing security best practices at every stage of the SDLC.
• Hands-on experience with vulnerability scanning and prevention.
• Strong knowledge of cloud providers: AWS, GCP, Azure.
• Experience with CI/CD tools: GitLab CI, GitHub Actions, Jenkins.
• Knowledge of containerization and orchestration tools: Docker, Kubernetes.
• Knowledge of Infrastructure as Code (IaC) and configuration management Tools, including Terraform and Ansible.
• Participation in projects to prepare infrastructure for compliance with international and industry standards (PCI DSS, ISO 27001, NIST, CIS, SOC2, OWASP, MICA, DORA)

Responsibilities

• Investigate and implement security best practices at every stage of the SDLC (SAST/DAST, image scanning, infrastructure hardening, WAF, secrets management, IAM, data protection, etc.).
• Perform tasks and controls required by compliance standards (PCI DSS, MICA, DORA, etc.).
• Manage vulnerabilities by identifying, assessing, prioritizing, and remediating risks.
• Collaborate with the IT Security department to prepare for and pass audits.
• Monitor CVE reports and security events.
• Work closely with internal teams to achieve a balance between security, flexibility, and cost.
• Participate in information security incident investigations.

Would be a plus

• Higher education in Computer Science
• Experience in fintech or crypto domains
• Hands-on penetration testing experience
• Practical experience administering network infrastructure, databases, and on-prem systems
• Security and relevant certifications

Who We’re Looking For You’re an accomplished IT Audit leader with a passion for cybersecurity, a sharp strategic mind, and the ability to inspire and guide a high-performing team. You're proactive, detail-oriented, and thrive in environments that challenge you to lead, build, and innovate. Your Strengths: • Deep understanding of assurance and cybersecurity frameworks (PCI DSS, SOC, HITRUST, ISO 27001, etc.) • Proven leadership and mentoring ability • Strategic thinker with hands-on problem-solving skills • Strong client engagement and relationship-building experience • A self-starter who thrives in a collaborative, remote-first environment Key Responsibilities Strategic Leadership • Drive the vision and delivery of assurance services across diverse projects • Inspire and mentor a team of cybersecurity and IT audit professionals • Foster a culture of quality, collaboration, and innovation Client Engagement • Develop deep knowledge of client industries and needs • Build long-term client relationships and deliver tailored, high-impact solutions • Lead high-profile engagements and serve as a trusted advisor Service Delivery Excellence • Oversee high-quality delivery of assessments and consulting services • Lead assurance engagements across standards like PCI DSS, SOC 2, ISO 27001, NIST, GDPR, and CCPA • Ensure alignment with client goals, timelines, and compliance obligations Training & Compliance • Stay current on evolving regulations and industry trends • Design and lead internal training initiatives to enhance team capabilities What You Bring • Education: Bachelor’s or Master’s degree in Computer Science, Business, Accounting, or related field • Certifications (preferred): CISSP, CISA, CISM, PCI QSA, ISO 27001 Lead Auditor • Experience: Minimum 10 years in IT audit, cybersecurity, or assurance, including leadership in professional services • Skills: o Outstanding written and verbal communication o Strong technical acumen in cybersecurity and IT audit o Ability to manage multiple projects in a fast-paced, high-growth environment o Confidentiality, professionalism, and common sense in all matters

As a Security Engineer, you will own end-to-end security across multiple enterprise and mid-market cloud projects. Your initial mission is to embed automated controls and best practices into every AWS- and Azure-based delivery, shifting the organisation from reactive fixes to a proactive security posture. Reporting directly to the Director of Engineering, Cloud, you will partner daily with Technology, Cloud, Engineering and Account-Management teams and act as a client-facing security authority - able to brief both technical staff and C-level executives.

Your Responsibilities

• Design, implement and enforce comprehensive Secure SDLC processes, integrating automated security controls, threat modeling, secure coding standards, and continuous security testing throughout the entire development lifecycle.
• Develop, document and enforce security policies in our Confluence-based knowledge base and project DMS.
• Harden multi-account AWS and Azure estates (EC2, S3, IAM, VPC, CloudTrail, CloudFront; Virtual Machines, Storage Accounts, Key Vault, NSG, Policy, Monitor).
• Deploy and tune SIEM/log-management platforms (Splunk, ELK, Microsoft Sentinel); craft queries and dashboards that surface actionable threats.
• Run scheduled and continuous vulnerability scans (Qualys, Rapid7, Defender), interpret results and drive remediation with Engineering.
• Configure and manage security edge controls—firewalls, WAFs (Akamai, AWS/Azure WAF) and IDS/IPS—tailored to each client’s risk profile.
• Integrate SCA (Trivy, Grype, Snyk) and DAST (OWASP ZAP) tooling into build pipelines; champion secure-by-design coding practices.
• Lead security architecture reviews and threat-model sessions with cross-functional, multi-country delivery teams.
• Present findings, roadmaps and risk mitigation strategies directly to enterprise clients, translating technical issues into clear business impact.
• Continuously evaluate emerging threats, Zero-Trust patterns and supply-chain risks; recommend tooling and process improvements that keep us ahead of third-party scans.
• Application Security Reviews: Conduct security assessments of applications, APIs, and services to identify misconfigurations, design flaws, and vulnerabilities.
• Secure API Integrations: Validate that connections to external and internal APIs are implemented securely (authentication, authorization, rate limiting, data validation, etc.).
• Code & Dependency Security: Review application code, libraries, and dependencies to ensure secure coding practices, remediation of vulnerabilities, and alignment with security standards.

Requirements

• 7 + years of hands-on security engineering in cloud-native, agile environments.
• Expert knowledge of core AWS and Azure services and how to secure them at scale.
• Proven SIEM experience—log ingestion, correlation rule creation and dashboarding.
• Deep understanding of vulnerability management tools and remediation cycles.
• Practical experience with WAF/IDS/IPS configuration, network protocols (TCP/IP, DNS, HTTP) and Zero-Trust/IAM best practices (AD, Azure AD, Okta).
• Comfort operating as a solo security function: you set the standards, choose the tools (budget approved) and drive adoption company-wide.
• Consultative mindset with excellent written and verbal English; able to brief board-level stakeholders and guide client teams through complex security topics.

Will be a plus

• Container and Kubernetes hardening, DevSecOps pipeline design, CNAPP familiarity, compliance frameworks (SOC 2, ISO 27001, PCI DSS) and industry certifications (CISSP, AWS Security Specialty, Azure Security Engineer Associate, CKS).

Benefits

• Experience working with US clients
• Competitive compensation depending on experience and skills
• Unlimited, paid time off and vacation
• Budget for certifications and IT conferences
• Friendly team to work with around the world
• Be a team player in an agile software development environment focused on collaboration and continuous integration

We are seeking a highly skilled DevSecOps Engineer with expertise in integrating security practices into DevOps pipelines and cloud-native environments. You will be responsible for building secure, automated CI/CD processes, implementing security controls, and ensuring compliance across infrastructure and applications. The ideal candidate has a strong background in DevOps, cloud platforms, and security engineering, with hands-on experience in securing large-scale, distributed systems.

Details:
Location: Remote in EU
Employment Type: Full-Time, B2B Contract
Start Date: ASAP
Language Requirements: Fluent English

Key Responsibilities

• Design and implement security automation in CI/CD pipelines for applications and infrastructure.
• Integrate static (SAST), dynamic (DAST), and dependency (SCA) security scanning tools.
• Collaborate with DevOps and engineering teams to ensure security best practices are embedded from design to deployment.
• Manage secrets, IAM, and encryption policies across cloud environments (AWS, Azure, GCP).
• Define and enforce compliance standards (ISO, SOC2, GDPR, HIPAA).
• Build monitoring and alerting systems for threat detection and vulnerability management.
• Implement container and Kubernetes security (runtime protection, image scanning, RBAC).
• Support penetration testing and incident response processes.
• Conduct security training and awareness for developers and operations teams.

Requirements

• 5+ years of experience in DevOps or Security Engineering, with at least 2+ years in DevSecOps.
• Strong knowledge of CI/CD tools (Jenkins, GitLab CI/CD, GitHub Actions, Azure DevOps).
• Hands-on expertise with security tools (SonarQube, Snyk, Checkmarx, Aqua, Prisma, Twistlock).
• Solid understanding of cloud platforms (AWS, Azure, GCP) and their security services.
• Experience with infrastructure-as-code (Terraform, CloudFormation, Ansible) and policy-as-code (OPA, Sentinel).
• Knowledge of containerization and orchestration security (Docker, Kubernetes).
• Familiarity with monitoring and logging tools (ELK, Prometheus, Grafana).
• Strong scripting/programming skills (Python, Bash, Go).
• Excellent problem-solving and communication skills.

Nice to Have

• Security certifications (CISSP, CISM, OSCP, CCSP, AWS/Azure/GCP Security).
• Experience with zero-trust architectures and microsegmentation.
• Familiarity with service mesh security (Istio, Linkerd).
• Knowledge of SIEM/SOAR platforms (Splunk, QRadar, Sentinel).
• Background in regulated industries (finance, healthcare, telecom).
• Contributions to security open-source projects or DevSecOps communities.

We are seeking a highly skilled SCADA / OT Security Engineer with strong expertise in securing industrial control systems (ICS), supervisory control and data acquisition (SCADA) environments, and operational technology (OT) networks. You will be responsible for assessing, designing, and implementing security solutions that protect critical infrastructure from cyber threats, ensuring compliance, resilience, and operational continuity. The ideal candidate has hands-on experience with ICS protocols, OT environments, and modern cybersecurity practices.

Details:
Location: Remote in EU (occasional onsite at client facilities)
Employment Type: Full-Time, B2B Contract
Start Date: ASAP
Language Requirements: Fluent English

Key Responsibilities

Assess and secure SCADA/ICS/OT systems, networks, and protocols.

Design and implement security controls tailored for industrial environments.

Conduct risk assessments, vulnerability management, and incident response in OT contexts.

Collaborate with engineering and operations teams to integrate security without impacting system availability.

Develop and enforce OT cybersecurity policies, standards, and procedures.

Monitor OT systems for anomalies, threats, and unauthorized access attempts.

Support compliance with NERC CIP, IEC 62443, ISO 27001, and industry-specific standards.

Integrate OT security with IT security monitoring (SOC, SIEM, SOAR).

Conduct security awareness and training for OT/ICS operators.

Requirements

5+ years of experience in cybersecurity with at least 3+ years in OT/SCADA/ICS environments.

Strong knowledge of ICS/OT protocols (Modbus, DNP3, OPC, Profibus, etc.).

Hands-on experience with firewalls, IDS/IPS, and network segmentation in OT environments.

Familiarity with SCADA platforms (Siemens, Schneider Electric, ABB, Honeywell, Rockwell).

Strong understanding of OT threat landscapes, attack vectors, and defense strategies.

Knowledge of risk assessment frameworks and regulatory standards (IEC 62443, NIST CSF, NERC CIP).

Experience with SIEM/SOC tools for OT environments.

Strong problem-solving skills with the ability to work in mission-critical industrial setups.

Excellent communication skills to interface with both IT security and OT operations teams.

Nice to Have

Security certifications (GICSP, GRID, CISSP, CISM, ISA/IEC 62443).

Experience with penetration testing and red teaming in OT environments.

Familiarity with cloud-based monitoring for OT/ICS.

Knowledge of IIoT (Industrial Internet of Things) security.

Industry background in energy, utilities, oil & gas, manufacturing, or transportation.

Contributions to OT cybersecurity communities or research.

💼 MISSION STATEMENT

We’re not just posting—we’re shaping narrative. As our Social & Reputation Commander, you’ll own the brand battlefield: crafting content, controlling perception, and driving reach across Twitter, LinkedIn, Telegram, and beyond.

🎯 CRITICAL OBJECTIVE

Make our voice unavoidable. Build presence, grow audience, and keep reputation bulletproof—even when competitors aim to kill it.

🧠 THE UNORTHODOX ATHLETE WE NEED

You’re not a “social media manager.” You’re a content sniper and reputation fighter who thrives on virality, speed, and narrative control.

🏆 WHAT YOU’LL ACCOMPLISH

• Build social presence from zero to industry dominance.
• Handle ORM with precision: bury threats, amplify wins.
• Create viral loops and content ecosystems.

❌ THE ANTI-RESUME

We don’t care about marketing degrees. We care about content that bends the conversation in our favor.

🚀 OUR STANDARD

This isn’t scheduled posts—it’s narrative warfare.

🔥 THE KEEPER TEST

We’ll fight to keep you if you dominate channels and shape perception.

⚠️ IMPORTANT NOTE

If you’re scared of pressure, don’t apply. If you want to weaponize voice and reputation, step up.

Cloudfresh ⛅️ is a Global Google Cloud Premier Partner, Zendesk Premier Partner, Asana Solutions Partner, GitLab Select Partner, Hubspot Platinum Partner, Okta Activate Partner, and Microsoft Partner.

Since 2017, we’ve been specializing in the implementation, migration, integration, audit, administration, support, and training for top-tier cloud solutions. Our products focus on cutting-edge cloud computing, advanced location and mapping, seamless collaboration from anywhere, unparalleled customer service, and innovative DevSecOps.

We’re looking for a Google Cloud Security Engineer to harden client environments across GCP. You’ll implement and help design security controls, automate guardrails, improve detection & response, and guide stakeholders through pragmatic, risk-based decisions across EMEA.

Requirements:

• 2+ years proven, hands-on experience in a Security Engineer, SecOps (or similar) role building and operating cloud security controls (GCP).
• Strong knowledge of Google Cloud architecture and native security services: Cloud IAM (least privilege, Conditions), Organization Policies, VPC / Private Service Connect, VPC Service Controls, Cloud Armor (WAF/DDoS), Security Command Center (SCC), Cloud KMS/CMEK/HSM, Secret Manager, IAP/BeyondCorp Enterprise (Context-Aware Access), Cloud Logging/Monitoring and GKE security.
• Technical certifications related to Cloud Solutions are an advantage (Google Professional Cloud Security Engineer, Professional Cloud Architect; CISSP/CCSP/ISO 27001 LI/LA a plus).
• Experience executing changes across multiple clients/verticals in EMEA/CEE with sound change control (CABs), documentation and participation in incident response/on-call.
• Excellent communication and strategic planning abilities, able to explain trade-offs, influence remediation, and drive adoption of guardrails.
• Proficient with engineering – tooling stacks: Terraform, GitHub/GitLab CI, OPA/Conftest / Policy Controller (Config Sync), Cloud Build/Deploy, Artifact Registry; comfortable with HubSpot and Asana for collaboration with account teams when needed.
• Basic scripting experience (e.g., Python, Bash, or gcloud CLI).
• Strong Plus experience with Cloudflare.
• Fluency in English.

Responsibilities:

• Design, implement, and operate security controls for GCPfor SMB & Enterprise clients across EMEA & CEE.
• Perform security audits for GCP and Google Workspace environments.
• Implement key features: Org Policies, IAM Conditions, break-glass flows, VPC design (private subnets, Cloud NAT), Private Service Connect, VPC Service Controls perimeters, Cloud Armor (WAF/MPA, rate limiting, geo/IP policies), IAP/BeyondCorp with Context-Aware Access, KMS/CMEK/HSM, Secret Manager, Confidential/Shielded VMs, Cloud IDS.
• Configure and monitor Security Command Center, audit logs, and threat protection
• Harden GKE & Workloads: private clusters, Workload Identity, Binary Authorization, Pod Security standards, NetworkPolicy, image scanning/provenance, OS patching via OS Config/VM Manager.
• Automate guardrails: Reusable Terraform modules, gated CI checks (OPA/Conftest/Policy Controller), drift detection and safe automated remediation; codify SCC mute rules and Cloud Armor policies.
• Establish logging, detection & IR: Standardize Cloud Audit Logs and Log Router sinks to CMEK log buckets; integrate to Chronicle SIEM; tune SCC (ETD/CTD/VM TD), build IR runbooks, triage incidents, and continuously improve MTTR.
• Assist clients with implementation of 2FA, DLP, and compliance controls.
• Generate security assessment reports and provide actionable recommendations.
• Collaborate with DevOps and infrastructure teams to fix vulnerabilities.
• Collaborate with ISSM: Work on maintaining ISO 27001 Security standards, performing annual networking tests.
• Continuously assess the landscape: track new GCP features (e.g., Assured Workloads, Confidential Space, reCAPTCHA Enterprise) and update baselines to improve posture, reliability, and cost efficiency.

Would be a plus:

• Experience with multi-cloud or hybrid environments
• Familiarity with Google Workspace Enterprise security features
• Basic knowledge of SIEM or zero trust architectures

Work conditions:

• Competitive Salary & Transparent Motivation: Receive a competitive base salary with performance-based bonuses, providing clear financial rewards for your success.
• Flexible Work Format: Work remotely with flexible hours, allowing you to balance your professional and personal life efficiently.
• Training with Leading Cloud Products: Access in-depth training on cutting-edge cloud solutions, enhancing your expertise and equipping you with the tools to succeed in an ever-evolving industry.
• International Collaboration: Work alongside A-players and seasoned professionals in the cloud industry. Expand your expertise by engaging with international markets across the EMEA and CEE regions.
• Vibrant Team Environment: Be part of an innovative, dynamic team that fosters both personal and professional growth, creating opportunities for you to advance in your career.
• When applying to this position, you consent to the processing of your personal data by CLOUDFRESH for the purposes necessary to conduct the recruitment process, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR).
• Additionally, you agree that CLOUDFRESH may process your personal data for future recruitment processes.

PrivatBank is the largest bank in Ukraine and one of the most innovative banks around the world. It holds a leading position for all the financial indicators in the area and comprises about a quarter of the whole banking system of our country.

We are looking for an Application Security Engineer. We are searching for the person who seeks to work in a dynamic environment and shares the values of initiative, openness and mutual trust.

We are striving to find a goal-oriented and multitask professional who would be focused on making good results and high quality.

Requirements:

• At least 3 years of experience in application security or related fields such as penetration testing and security architecture
• Proficiency in using security scanners such as SAST, DAST, SCA, Secret Detection, and Container scanning
• Experience integrating security scanners in CI/CD pipelines using Jenkins for GitLab
• Certifications such as CEH, OSCP, CSSLP, AWS Certified Security Specialty, etc. is preferred
• Background in software development, including roles such as Developer, Business Analyst, Architect, DevOps, etc
• Knowledge of Secure Software Development Life Cycle (S-SDLC) and frameworks like OWASP SAMM, BSIM, and Microsoft SDL
• Familiarity with the software development process and stages
• Basic understanding of software code
• Knowledge of key infrastructure components like databases, queues, application servers, load balancers, NoSQL, etc
• Understanding of major types of vulnerabilities
• Understanding of software architecture
• Knowledge of network protocols such as DNS, HTTP/S, SMTP, SSH, and FTP
• Ability to independently research information and solve complex problems
• Critical thinking skills

Responsibilities:

• Conduct security audits using the OWASP SAMM framework to assess current practices, identify gaps, and evaluate compliance levels within the organization
• Develop and implement strategic plans aimed at enhancing security maturity levels throughout the organization, with gradual improvements
• Application security governance and metrics
• Collaborate with various team members, including developers and top management, to advocate and implement application security best practices
• Improve our application security management platform
• Manage security architecture, focusing on integrating security at every stage of the software development lifecycle
• Integrate and oversee security automation tools to enhance security processes and reduce manual error
• Oversee security testing across various stages of software development to identify and mitigate potential security vulnerabilities
• Engage in threat modeling activities to predict and neutralize potential security threats before they impact the system
• Ensure compliance with relevant industry standards and regulations by regularly updating security policies and standards
• Track and manage software defects to ensure timely resolution of security-related issues
• Develop and conduct training and awareness programs to enhance security knowledge and practices across the organization
• Spearhead the secure integration of CI/CD practices into software development processes to ensure continuous security
• Use cloud services for application security

We offer:

• Work in the largest and most innovative bank of Ukraine
• Official employment and 24 calendar days of vacation
• Sick leave compensation
• Medical Insurance
• Competitive salary
• Bonuses, premium according to company policy
• Corporate training
• Modern comfortable office
• Interesting projects, ambitious tasks and dynamic growth
• Corporate financial assistance in critical situations
• A friendly professional and strong team
• Possibility of remote work format

PrivatBank is open to support and employ veterans and people with disabilities.

We believe that discrimination due to health conditions, physical abilities, age, race and ethnicity, gender or marital status is unacceptable.

We are ready to train veterans and candidates with disabilities without banking experience.

We are looking for an Information Security Operator to join our team.

Requirements:

- Education in the field of information security, computer science, or a related discipline.

- Knowledge and experience in using security monitoring tools, such as SIEM (Security Information and Event Management).

- Ability to apply knowledge of the Incident Response Lifecycle to effectively respond to and mitigate security incidents.

- Ability to classify and analyze security incidents, identify their nature, and assess potential consequences.

- Experience with the Linux operating system and proficiency in Bash commands.

- Knowledge and experience working with various database management systems (DBMS), including PostgreSQL, MongoDB, and ClickHouse.

- Proactive approach to detecting and responding to potential security threats.

- Strong communication skills for interacting with colleagues, analysts, and security engineers.

Responsibilities:

- Monitoring and managing security events through tools such as Security Information and Event Management (SIEM), Endpoint Security Systems, and Network Security Systems.

- Detecting and responding to security incidents promptly to mitigate potential risks and prevent further escalation.

- Generating reports on security events, incidents, and overall system security status for analysis and documentation purposes.

- Providing assistance and support to employees regarding security-related inquiries, concerns, or issues they may encounter.

- Managing user access and permissions for infrastructure servers and databases to ensure secure and authorized usage.

- Collaborating and communicating with L2 and L3 security engineers to share information, coordinate responses, and address security challenges effectively.

- Engaging in work activities during both daytime and nighttime hours, adhering to a schedule that involves 12-hour shifts.

Our benefits to you:
☘️An exciting and challenging job in a fast-growing holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more
🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided
🏖Paid vacations, sick leave, personal events days, days off
💵Referral program — enjoy cooperation with your colleagues and get the bonus
📚Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences
🎯Rewards program for mentoring and coaching colleagues
🗣Free internal English courses
✈️In-house Travel Service 
🦄Multiple internal activities: online platform for employees with quests, gamification, presents and news, PIN-UP clubs for movie / book / pets lovers and more
🎳Other benefits could be added based on your location

We are looking for a Cloud Security Engineer who, following DevSecOps principles, will be responsible for the security of our cloud-based infrastructure and CI/CD processes. Your mission will be to proactively identify security gaps, implement security controls, and harden our Kubernetes environment.

Must-Have Requirements

• More than 5+ years of relevant experience in a DevOps role.
• In-depth understanding of cloud and Kubernetes security principles and best practices.
• Hands-on experience with Kubernetes security tools (Kyverno, Gatekeeper, Cilium).
• Strong proficiency in Secret Management solutions (Azure Key Vault).
• Experience integrating vulnerability scanning tools (Trivy) into CI/CD environments.
• Solid knowledge of Identity and Access Management (IAM, RBAC) and authentication protocols (Keycloak).
• Familiarity with Infrastructure as Code (Terraform) and GitOps (ArgoCD) from a security perspective.

Nice-to-Have Skills

• Broader DevOps experience in managing production environments.
• Deep knowledge of the full Prometheus monitoring stack (Loki, Alertmanager, etc.).
• Relevant security certifications (e.g., CKS, AZ-500).
• Proficiency in scripting languages (e.g., Python, Bash) for automation tasks.

Daily Responsibilities

• Kubernetes Cluster Security: Implementing and managing security policies using Kyverno and Gatekeeper to secure the cluster.
• Secret Management: Ensuring the secure storage and access of secrets using Azure Key Vault and the AKV2K8S integration.
• Identity & Access Management: Configuring and maintaining Role-Based Access Control (RBAC) systems with Keycloak.
• Security Scanning: Automatically detecting vulnerabilities during the build process by integrating Trivy into GitLab pipelines.
• Network Security: Filtering network traffic and managing network policies with Ciliumand Traefik.
• Image Signing: Implementing and managing the container image signing process to secure the software supply chain.
• Security Monitoring: Monitoring for security events and anomalies and managing alerts using the Prometheus, Loki, and Alertmanager stack.
• Continuous Updates: Managing the automated update of dependencies and system components using Renovate. 

What we offer:

🌍 Work from Anywhere: The flexibility to work remotely or from our office, depending on what suits you best.

🌱 Work-Life Balance: We support your well-being with paid vacation and sick leave to ensure you have the time you need to recharge. Enjoy a flexible schedule that fits your lifestyle.

📊 Full Accounting Support: We handle all administrative details, including tax coverage and comprehensive accounting support.

💰 Competitive Compensation: Competitive compensation that reflects your experience and skills.

👥 Friendly Team & Cozy Environment: Join a supportive, collaborative team. We also offer thoughtful gifts and organize engaging corporate events.

🚀 No Bureaucracy, No Micromanagement: A workplace with minimal bureaucracy and no micromanagement. Embrace the freedom to innovate and excel in an environment where everyone feels valued and heard.

At Balancify, we’re redefining finance to be transparent, inclusive, and built for the next generation. Banking shouldn’t feel like a black box — we make it clear, accessible, and trustworthy. Our real strength is the team: not just roles, but builders creating something meaningful together.

What you’ll do:

• Apply cloud security best practices: IAM, encryption, compliance  

• Diagnose and resolve complex infrastructure issues  

• Develop and maintain IaC with Terraform, CloudFormation, and scripts (Python, Bash, Go)  

• Drive end-to-end observability, define SLOs/error budgets, and maintain actionable dashboards  

• Manage secrets & keys (AWS KMS/Secrets Manager), automate rotation, and maintain audited access  

• Keep payment processing highly available & low-latency: capacity planning, autoscaling, load/performance testing

We’re looking for you if you:

• Have 4+ years in DevSecOps/SRE/Cloud Engineering  

• Strong AWS knowledge (IAM, VPC, KMS, Secrets Manager)  

• Experience with IaC (Terraform/CloudFormation) and automation scripting  

• Proficient in observability tools (Prometheus, Grafana, ELK, OpenTelemetry)  

• Hands-on with CI/CD, Docker/Kubernetes, and security best practices

• Analytical, proactive, and able to balance speed, security, and reliability 

Bonus points for:  

• Experience in FinTech, high-load, or regulated environments  

• Knowledge of PCI DSS, SOC2, or other compliance frameworks  

• Performance/security testing expertise

Why join us?

• Build and secure the backbone of a next-generation fintech product

• Be part of a team that values ownership, collaboration, and innovation

• Directly influence system resilience, security, and performance

• Flexible, supportive, and growth-oriented environment

🚀 Ready to keep our systems secure, scalable, and blazing fast? Apply now and join Balancify!

About the company

At Balancify, we’re redefining finance to be transparent, inclusive, and built for the next generation. Banking shouldn’t feel like a black box — we make it clear, accessible, and trustworthy.

Our real strength is the team: not just roles, but builders creating something meaningful together.

What you will do:

 • Apply cloud security best practices: IAM, encryption, compliance

 • Diagnose and resolve complex infrastructure issues

 • Develop and maintain IaC with Terraform, CloudFormation, and scripts (Python, Bash, Go)

 • Drive end-to-end observability, define SLOs/error budgets, and maintain actionable dashboards

 • Manage secrets & keys (AWS KMS/Secrets Manager), automate rotation, and maintain audited access

 • Keep payment processing highly available & low-latency: capacity planning, autoscaling, load/performance testing

We’re looking for you if you:

 • Have 5+ years in DevSecOps/SRE/Cloud Engineering

 • Strong AWS knowledge (IAM, VPC, KMS, Secrets Manager)

 • Experience with IaC (Terraform/CloudFormation) and automation scripting

 • Proficient in observability tools (Prometheus, Grafana, ELK, OpenTelemetry)

 • Hands-on with CI/CD, Docker/Kubernetes, and security best practices

 • Analytical, proactive, and able to balance speed, security, and reliability

Bonus points for:

 • Experience in FinTech, high-load, or regulated environments

 • Knowledge of PCI DSS, SOC2, or other compliance frameworks

 • Performance/security testing expertise

Why join us?

 • Build and secure the backbone of a next-generation fintech product

 • Be part of a team that values ownership, collaboration, and innovation

 • Directly influence system resilience, security, and performance

 • Flexible, supportive, and growth-oriented environment

🚀 Ready to keep our systems secure, scalable, and blazing fast? Apply now and join Balancify!