Jobs

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a Middle/Senior Security Consultant / Penetration tester to work on and lead penetration testing and vulnerability/cloud security assessment projects.

In this role, you will work on technically challenging projects and also spend some time leading/mentoring our junior pentesting colleagues.

Required skills

- 1.5+ years of intensive commercial experience

- OSCP, eWPTx2 or similar would be a plus

- Scripting/coding skills and being comfortable with advanced pentesting tooling

- Strong knowledge of mobile/web security

- Comfortable with cloud and container security

- Basic RE skills

- Ability to mentor/lead colleagues

- Strong ability and drive to learn and develop cybersecurity skills

- Technical English (Intermediate+)

We offer

- Good salary + bonus system

- Diverse project portfolio and technologies to work with

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Participate in various pentesting projects

- Lead junior colleagues

- Perform threat modeling in pentesting and security assessment projects

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Consult clients on efficient issues remediation

- Conduct security researches

- Develop tools and scripts to automate and improve current pentesting processes

About you:

We are looking for a proficient Vulnerability Researcher to work in the cybersecurity field. If you are interested in making a difference and being part of an exciting project, please apply with your CV.

About project:

Our new client develops a cyber security project for the US government. You will have the opportunity to contribute to the security of the United States.

Your area of responsibility:

- Detect and exploit vulnerabilities;

- Build scripts and software modules to verify the presence of vulnerabilities;

- Reverse-engineer vulnerability patches in order to better understand certain vulnerabilities;

- Assist in the development of tools to improve vulnerability or threat research.

Skills and requirements:

- Proven experience in vulnerability exploitation and fuzzing;
- Extensive experience (3+ years) in reverse engineering;
- Knowledge of OS internals (any OS);
- Recent knowledge of exploitation techniques (iOS/Android/Windows/Linux/embedded).

Will be a plus:

- Academic degree in Computer Sciences/Mathematics/Physics;

- Proven record (CVEs or verbal description) of found vulnerabilities in mobile/desktop OSes;

- Good interpersonal skills.

We offer:

- Висококласні робочі умови: спільнота першокласних інженерів, близько 90% нашої команди це Middle та Senior; цікаві та довгострокові проєкти у різних сферах; можливість змінити проєкт в разі необхідності;

- Конкурентна ринкова компенсація в валюті (не в гривневому еквіваленті), яка виплачується без затримок;

- Власний план розвитку та регулярні перегляди компенсації;

- Оплачувані відпустки (20 днів) та лікарняні дні (5 днів);

- Всі державні свята за Українським законодавством є вихідними;

- Можливість працювати з будь-якою точки світу — ми знайдемо юридичний варіант, допоможемо легалізуватися або проконсультуємо з цього питання.

- Бухгалтерський супровід;

- Юридична підтримка в межах України;

- Повноцінна HR-підтримка та турбота.

We are looking for an endpoint/workstation support engineer to support multiple mixed MacOS/Windows/Lin remote working environments. You should maintain a high level of user satisfaction, as well as properly document your work.

Your primary tasks will include:

* Enduser remote support for agents installation

* AV alerts investigation

* Ensuring security compliance policies are in place (e.g. full disk encryption, firewall)

* Implementing updates on agent installation packages whenever new version arrives

* Testing of Windows/Win/Lin endpoint agent updates

The candidate should have a proof records of successful projects in the following areas:

* support of AV/EDR/VPN and other security agents on multiple platforms

* Intune MDM

* Apple Business Manager

* Windows, MacOS and Linux endpoint support

* Basic Unix shell and Powershell scripting

* MS Graph API and other REST API basic experience

* Windows and MacOS troubleshooting with the aid of Sysinternals tools and different set of MacOS tools (netstat, lsof, vmstat, top, dtruss, etc.)

* Fluent English

* Teamwork and problem solving mind

* Compliance framework basic awareness (ISO27001/PCI-DSS/HIPAA etc.)

* ITIL and IT service basic awareness and ability to write end-user documentation/procedures/instructions

A big plus if have all or any of the following:

* Microsoft Intune certification or other Microsoft Security/Endpoint certificationi

* Any AV vendor certification

* Any security related certification (e.g. ISO27001LA, CISSP, CISA)

We are looking for a Security Architect (Cloud) to join our team!

As a Security Architect (Cloud), you will become an essential and vital part of our Cyber Risk team, providing expert advice in both local and international cloud security projects where a diverse skillset, relevant knowledge on both IT and business aspects set us apart from the competition. As part of our Cyber Practice, you will be part of a team of seasoned cyber security professionals where inclusive leadership, continuous learning and coaching culture is considered an essential part of who we are.

As part of your role, together with Senior Leadership, you will be in charge of developing and refining Deloitte's Cloud Security offering and go to market; as well as build the Cloud Security practice within Ukraine and central Europe.

Some of your tasks will include:
 

• Supporting clients during their cloud transformation initiatives, making sure that all technical security risks are correctly identified, mitigated and reported. In addition, integrating the new cloud infrastructure in the overarching security architecture and strategy
• Plan, research, and design security controls for IT systems and data to align with business objectives
• Developing technical security standards to serve as input for the creation of the cloud landing zones
• Defining, establishing and maintaining multi-cloud security architectures, strategies and methodologies
• Leading the implementation of technological cloud security capabilities by defining the technological security vision, defining the solutions and steering the implementation teams in realizing these architectures
• Review system security measures and implement necessary enhancements
• Defining and reviewing cloud security architectures and strategic roadmaps on an ongoing basis to ensure alignment with both business and IT strategies, taking into account technology evolutions
• Giving input to the ongoing improvement and streamlining of security architecture development and delivery
• Delivering an integrated security architecture model linking cloud, applications, information and infrastructure architectures

Let's talk about you

• Between 7 - 15 years of Cyber security experience, ideally most of it within consulting within the following areas:

Cloud and Container Security: 

• Minimum of 5 years experience with AWS, Azure, GCP or OCI and demonstrable affinity with Cloud technology
• Knowledge of information security principles and guidelines (including CIS, MITRE ATT&CK frameworks)
• Strong working knowledge of IT risks, cybersecurity, computer operating systems, and cloud computing environments
• Experience with containerization: Kubernetes, Docker. Practical experience with serverless and secure development environments, infrastructure-as-code is a plus

Governance and Risk Assessment :

• Good knowledge of security frameworks such as ISO, NIST CSF, CSA and CIS controls
• Experience with the implementation of cloud risk frameworks and optimization of controls in CI/CD pipelines

Architecture and Design:

• Well-versed in Secure Cloud Architecture Design and Implementation; Able to design solutions for improving Cloud Security by enforcement of cloud security guardrails and standards
• Experience with architecture and security reviews, threat modeling applications, and identifying areas of risk
• Experience with encryption in-flight and at-rest practices, as well as certificate and secrets is a nice to have
• High level knowledge of network architectures, topologies, and concepts (Firewalls, LB, WAF, CDN, VPC, ACL, TLS, SSH, and DNS)
• Experience implementing strategies to support secure and compliant architectures

Soft skills: 

• Adaptable, flexible and able to see the bigger picture
• Comfortable or eager to be involved in business development initiatives, should be at ease being on the market and engaging with potential new clients or increasing our offering with existing clients
• A thought-leader with a strong drive and motivation to build a team
• Ability to work within international environment

Certifications such as CISSP, CISA, or CISM are highly desired

Skills and Experience Requirements:

- 3+ years of experience as an Information Security Auditor/Internal Security Assessor.

- Experience managing controls or compliance with SOC2, ISO 27001, PCIDSS.

- Experience managing multiple projects in a fast paced, ambiguous environment, accountability/ownership for the audit project lifecycle.

- A high degree of personal integrity, attention to detail, and strong investigative skills.

- Associate or bachelor’s degree in  Information Security/IT/Cybersecurity related discipline is preferred.

Responsibilities:

- Schedule, coordinate, and lead company internal audits. Handle the full internal audit cycle.

- Develop and implement of audit program ( ISO/IEC 27001, PCIDSS, GDPR).

- Support preparation for external audits, liaise with external auditors and provide internal guidance in support of external audits.

- Plan, implement, monitor, and upgrade security measures to protect the organization’s data, systems, and networks.

- Conduct audits regular audits and provide recommendations.

- Maintain, monitor, and improve the audit process. 

- Control of implementation of corrective actions addressing nonconformities with management systems standards and document requirements.

We offer:

- 20 working days of vacation;

- 12 sick days;

- Compensation for sick leave;

- Medical insurance;

- Flexible work schedule;

- Gifts and benefits for significant occasions;

- Mental health care;

- Support and development of volunteer culture.

FAVBET Tech develops software that is used by millions of players around the world for the international company FAVBET Entertainment.
We develop innovations in the field of gambling and betting through a complex multi-component platform which is capable to withstand enormous loads and provide a unique experience for players.
FAVBET Tech does not organize and conduct gambling on its platform. Its main focus is software development.

Main areas of work:

• Betting/Gambling Platform Software Development — software development that is easy to use and personalized for each customer.
• Highload Development — development of highly loaded services and systems.
• CRM System Development — development of a number of services to ensure a high level of customer service, effective engagement of new customers and retention of existing ones.
• Big Data — development of complex systems for processing and analysis of big data.

• Cloud Services — we use cloud technologies for scaling and business efficiency.

   

About Us
We are a dynamically growing company specializing in developing high-load and fault-tolerant systems. Our team values professionalism, innovation, and a commitment to continuous growth.

Responsibilities:

• Lead the design, implementation, and integration of various cyber defense tools
• Conduct threat hunting over log sources connected to the SIEM and develop new coverage
• Monitor security alerts, perform triage and analysis, and respond to security incidents
• Identify security tools and implement solutions from POC to production (e.g., container security, cloud security, etc.)
• Develop SOAR to enhance monitoring, response, and observability for security alerts
• Managing infrastructure as code with Terraform
• Managing configuration as code with Ansible (AWX), Helm and Jsonnet
• Work closely with Engineering and DevOps teams to define a security strategy and execute it. 

Requirements:

• Strong knowledge of AWS, Kubernetes, containerized, and microservice architectures
• Strong knowledge of Linux and using languages such as Shell/Bash, Python, or Go
• Strong knowledge of Terraform, Ansible and Helm
• Experience with security solutions in cloud environments (e.g., DDoS, WAF, IDS/IPS, DB-FW, Kubernetes security, etc.)
• Knowledge of build/release systems and CI/CD pipelines

Nice to Have:

• Experience with Elastic XDR, including fine-tuning ILMs

We offer:

• 30 day off — we value rest and recreation;
• Medical insurance for employees and the possibility of training employees at the expense of the company and gym membership;
• Remote work or the opportunity — our own modern lofty office with spacious workplace, and brand-new work equipment (near Pochaina metro station);
• Flexible work schedule — we expect a full-time commitment but do not track your working hours;

• Flat hierarchy without micromanagement — our doors are open, and all teammates are approachable.

   

During the war, the company actively supports the Ministry of Digital Transformation of Ukraine in the initiative to deploy an IT army and has already organized its own cyber warfare unit, which makes a crushing blow to the enemy’s IT infrastructure 24/7, coordinates with other cyber volunteers and plans offensive actions on its IT front line.

RISK inc: An International iGaming Company Pushing the Boundaries of Entertainment

Who We Are:

An international iGaming company specializing in identifying and fostering the growth of high-potential entertainment markets. With 700+ professionals in 20+ locations, we operate in 10 countries, serving over 300,000 customers.

Always Pushing the Boundaries? You Already Belong at RISK!

Our global-scale operations are based on strong internal expertise, analytics, and data research. We have expertise in iGaming operations (sports betting, online casino), digital and affiliate marketing, tech solutions, and data analytics.

We are seeking a SOC Specialist to become a part of our team.

Responsibilities:

• Event Collection and Analysis: Gather and analyze events from infrastructure components (websites, servers, databases).
• Security Rule Development and Implementation: Create and implement security rules for scenarios like fake registrations, mass registrations, and DDoS attacks.
• Monitoring and Incident Response: Monitor and respond to rule triggers/incidents, refine response rules, and handle blocking actions.
• Security Incident Investigation: Investigate security incidents.
• Resource and Service Registry: Maintain a registry of resources and services.
• Security Compliance Control: Ensure resource compliance with international security standards and apply the latest security patches.
• Collaboration with Subcontractors and Security Partners: Work closely with subcontractors and partner companies on security matters.
• Administration of Security Systems: Manage security systems such as MDM (Mobile Device Management), BYOD (Bring Your Own Device), SIEM (Security Information and Event Management), and CloudFlare.
• Risk Analysis and Mitigation: Assess existing risks and develop compensatory actions to minimize them. Risk Analysis for New Systems and Projects: Evaluate potential risks related to implementing new systems, services, or applications to enhance business processes.

Qualifications

• Minimum 3 years of experience in IT and/or information security.
• Solid understanding of IT Infrastructure and Network Security principles.
• Familiarity with IT infrastructure protection systems and network security.
• Experience with IAM (Identity and Access Management) systems.
• Proficient in vulnerability management systems.
• Experience in configuring SIEM tools (Open Search, Splunk, or others).
• Desired experience in configuring security policies for Google Workspace/Office 365.
• Familiarity with tools like Terraform, GitLab, Prometheus, Grafana, Loki, Docker, Docker Compose, PowerBI, HaProxy, Nginx, and LEMP.
• Familiarity with cloud solutions such as AWS, DigitalOcean, CloudFlare, GCP, and Kubernetes.
• Experience with external audits (either undergoing or conducting them).
• Strong understanding of risk and incident management methodologies.
• Excellent documentation skills (creating instructions, policies, guidelines).
• Familiarity with scripting languages like Python, Bash/Shell scripts, SQL, and PowerShell for automation, parsing, API work, and database tasks.
• Knowledge of security standards like ISO/IEC 27001 and NIST.
• Familiarity with antivirus systems; experience with CrowdStrike is a plus.
• Desired experience in deploying and administering databases.
• Desired experience with Windows, Linux, and MacOS operating systems.
• Intermediate or higher proficiency in English (both written and spoken).

Our Benefit Cafeteria is Packed with Goodies:

• Children Allowance
• Mental Health Support
• Sport Activities
• Language Courses
• Automotive Services
• Veterinary Services
• Home Office Setup Assistance
• Dental Services
• Books and Stationery
• Training Compensation
• And yes, even Massage

PIN-UP Global is an international holding specializing in the development and implementation of advanced technologies, B2B solutions and innovative products for the iGaming industry. We provide certification and licensing of our products, providing customers and partners of the holding with high-quality and reliable solutions.
 

We are looking for an Application Security Engineer to join our team.

Requirements:
 

- 2+ years in cybersecurity or software development.

- Experience with SAST/DAST/IAST tools (e.g., Semgrep, Snyk, Burp, OwaspZap).

- Knowledge of secure development practices (OWASP Top 10, CWE/SANS Top 25).

- Experience implementing Quality Gate in CI/CD.

- Understanding of web applications and API architecture (web-GRPC, REST, Ajax).

- Knowledge of security standards: ISO 27001, SOC 2, NIST, PCI-DSS.

- Basic understanding of containers (Docker, Kubernetes).

- Programming Languages:

- Python, Go, JavaScript, Bash for code review and scripting.

- Fluently on Russian or Ukrainian;
 

Will be plus:

- Certifications (optional): eWPT, OSWE, CEH, GWEB.

Responsibilities:

Application Security Analysis:
 

- Implement and maintain SAST/DAST tools.
- Conduct threat modeling for new features.
- Perform source code analysis for vulnerabilities.
- Ensure secure API implementations.

DevSecOps Processes:
 

- Set up security gates in GitLab CI/CD.
- Scan dependencies (Grype, Trivy).
- Validate Helm charts for security issues.

Vulnerability Management:
 

- Track vulnerabilities using DefectDojo.
- Prioritize and assign remediation tasks.
- Monitor vulnerability resolution.

Training and Documentation:
 

- Conduct secure coding workshops.
- Develop guidelines and checklists.

Our benefits to you:

☘️An exciting and challenging job in a fast-growing product holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and other
🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided
🏖Paid vacations, sick leave, personal events days, days off
💵Referral program — enjoy cooperation with your colleagues and get the bonus
📚Educational programs: regular internal training, compensation for external education, attendance of specialized global conferences
🎯Rewards program for mentoring and coaching colleagues
🗣Free internal English courses
🦄Multiple internal activities: online platform for employees with quests, gamification and presents for collecting bonuses, PIN-UP team clubs for movie / book / pets lovers, etc
🎳Other benefits could be added based on your location

Have you always dreamed of building a career in information security? Do you have an analytical mindset and a keen eye for detail?

We are looking for an IT Compliance & Audit Specialist who is eager to expand their knowledge in information technology and cybersecurity, as well as gain experience working in an international IT company.

You will work on a wide range of tasks related to information security to support the company's operations together with our Security Department.

Sounds interesting? There's more to come 💛

What you will do:

• Manage certification preparation processes (ISO, PCI DSS, SOC 2, etc.) and conduct them in accordance with relevant requirements (HIPAA, GDPR, CCPA, etc.)
• Monitor compliance of IT infrastructure with security standards;
• Collaborate with auditors and certification bodies;
• Monitor changes in legislation and security standards;
• Create documentation on policies and processes;
• Handle security requests from clients (external and internal);
• Develop and conduct internal audits;
• Assess risks and monitor compliance with security requirements;
• Prepare and conduct training on information security and compliance requirements.

What you need to succeed in this role:

• 3+ years of proven experience in information security, audit or compliance sphere(s);
• Degree in information technology, cybersecurity, law or risk management;
• Certifications (one or more) are desirable:
  - ISO 27001 Lead Implementer / Lead Auditor;
  - CISM (Certified Information Security Manager);
  - CISA (Certified Information Systems Auditor);
  - CISSP (Certified Information Systems Security Professional);
  - CIPP/E or CIPM (for GDPR);
  - PCIP, ISA or QSA (for PCI DSS).
• Experience in external audits and certification preparation;
• Knowledge of risk management principles;
• Skills in conducting GAP analysis and internal audits;
• Outstanding analytical skills and attention to detail; 
• Excellent English skills (for interacting with auditors, writing policies and reports, communicating with clients).

Would be a plus:

• Experience working in the financial and/or tech industry that handles sensitive data;
• Experience in automating compliance processes (GRC platforms, ISMS systems);
• Knowledge of DevSecOps approaches for integrating security into the development lifecycle.

Benefits and Perks:

• Business hours;
• Opportunity to work fully remotely;
• Creative and unique art offices;
• Inclusive international environment;
• Compensation in USD;
• Good bonuses for referring friends;
• Paid intensive training and probation;
• Mind-blowing corporate events and social activities;
• Work-life balance;
• Responsive management interested in your growth and long-lasting cooperation;
• Greenhouse conditions for self-development.

PIN-UP Global is an international holding specializing in the development and implementation of advanced technologies, B2B solutions and innovative products for the iGaming industry. We provide certification and licensing of our products, providing customers and partners of the holding with high-quality and reliable solutions.
 

We are looking for a Application Security Engineer to join our team.

Requirements:
 

- In-depth understanding of WAF and Firewall operations (Application level L7).

- Experience with WAF solutions such as CloudFlare, AWS WAF, AWS CloudFront, DataDome, or similar.

- Ability to develop security policies for protecting web applications and network infrastructure

- Knowledge of network protocols (TCP/IP, HTTP/HTTPS, DNS etc.)

- Experience in mitigating DDoS attacks (analysis, response, and protection)

- Proficiency with automation tools

- Languages: Python, Bash etc.

- Skills in log analysis and incident diagnostics within security systems.

- Experience with SIEM systems (e.g., Splunk, ELK, etc.).

- Fluent Russian or Ukrainian;

Will be plus:

- Infrastructure as Code: Terraform, Ansible.

- Experience with CI/CD pipelines (preferred).

- Knowledge of cloud technologies and services (AWS, Azure, GCP).

- Understanding of Zero Trust and DevSecOps concepts.

- Experience in configuring and managing CDNs (e.g., CloudFlare).

- Knowledge of security best practices (NIST, ISO 27001).

Responsibilities:

- Configure and manage L7 WAFs (e.g., CloudFlare, AWS CloudFront, DataDome, or similar solutions).

- DDoS Mitigation

- Automate WAF management and configuration processes using modern tools and approaches.

- Develop and implement security policies to protect the network infrastructure and web applications.

- Audit and review WAF and Firewall configurations to ensure compliance with security standards.

- Design and implement measures to mitigate and prevent DDoS attacks targeting web applications and infrastructure.

- Handle operational tasks related to WAF management, as assigned in the ticket system (e.g., Jira).

- Participate in integrating and configuring monitoring and alerting systems for proactive threat detection.

- Use automation tools (Python, Terraform, Ansible, etc.) to simplify WAF setup and management.

Our benefits to you:

☘️An exciting and challenging job in a fast-growing product holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and other
🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided
🏖Paid vacations, sick leave, personal events days, days off
💵Referral program — enjoy cooperation with your colleagues and get the bonus
📚Educational programs: regular internal training, compensation for external education, attendance of specialized global conferences
🎯Rewards program for mentoring and coaching colleagues
🗣Free internal English courses
🦄Multiple internal activities: online platform for employees with quests, gamification and presents for collecting bonuses, PIN-UP team clubs for movie / book / pets lovers, etc
🎳Other benefits could be added based on your location

About Sisense

Sisense is the unified, collaborative data platform for professional data teams. We help thousands of data teams tackle increasingly complex data challenges, from ETL through predictive analytics. Our customers trust us with their most important data, using Sisense to query everything from revenue metrics to personally identifiable information of their users.

The Opportunity

We’re looking for a hands-on Security Operations Engineer to strengthen our detection and response capabilities. In this role, you will be the frontline defender of our cloud infrastructure, leading incident management and response efforts while continuously improving our security posture. You will report directly to our Security leadership team and play a critical role in safeguarding our customers’ most sensitive data.

Why Join Our Information Security Team

At Sisense, security is foundational to everything we do. We leverage cutting-edge technology not just for our product but also for our internal services and security operations. As a global company, we value diversity and believe that different perspectives enhance our security thinking and capabilities.

You’ll collaborate closely with engineering, IT, and cross-functional teams to implement and maintain robust security monitoring solutions that protect our cloud infrastructure. While ensuring the highest levels of security, you’ll also develop streamlined processes that enable the business to move quickly and efficiently.

What You’ll Do

• Lead Incident Response: Serve as primary responder to security alerts, perform initial triage, conduct thorough investigations, and coordinate remediation efforts
• Enhance Detection Capabilities: Design, implement, and fine-tune detection rules and alerts across our cloud environment to identify potential security threats
• Manage Security Monitoring: Maintain and optimize our SIEM/SOAR platforms to ensure comprehensive visibility into our security posture
• Drive Threat Hunting: Proactively search for indicators of compromise and potential security gaps within our cloud infrastructure
• Automate SecOps Workflows: Develop and implement automation to improve identification and response times for security events
• Improve Cloud Security Monitoring: Develop and run tools to gather security telemetry data from cloud production systems
• Conduct Investigations: Perform forensic analysis of security incidents, document findings, and communicate effectively to stakeholders
• Enhance Response Protocols: Continuously refine incident response procedures and runbooks to ensure swift and effective handling of security events

What You Have Accomplished So Far

• 3+ years of experience in security operations, with a strong focus on incident detection and response
• Demonstrated experience responding to and managing security incidents in cloud environments (AWS/Azure/GCP)
• Proficiency with SIEM and SOAR platforms, including rule creation, tuning, and maintenance
• Strong knowledge of cloud security monitoring tools and techniques
• Experience analyzing endpoint, network, and application logs for anomalous events
• Practical understanding of common attack vectors, TTPs, and how to detect them
• Knowledge of malware functionality and persistence mechanisms
• Experience with security automation and scripting for incident response workflows
• Growth mindset with a focus on continuous improvement of security operations

Will Be a Plus

• Experience with cloud-native security tools and services
• Proficiency in scripting languages (eg: Python) for security automation
• Familiarity with threat intelligence platforms and their integration into detection systems
• Experience with EDR solutions and email security technologies
• Knowledge of IT security audit techniques and compliance frameworks
• Security certifications such as GCIH, GCIA, CISSP, or similar

OUR BENEFITS:

• We’re all working remotely now
• We hire only people we trust. All Sisensers join the company without a probation period
• We believe all Sisensers should be owners of our company’s success. We grant all employees stock options that start vesting on Day One
• We support a work-life balance philosophy and provide unlimited vacations (flexible time off) and additional long weekends to all Sisensers
• We support professional growth with access to the modern learning platform
• We care about each other. All team members have extended medical insurance
• We provide Sisensers with a sports reimbursement to support physical fitness and mental wellbeing

Who we are:
Selesa offers IT outsourcing, specialist out-staffing, and project management services to enhance business operations. We focus on providing skilled professionals for IT needs, including development, security consulting, and business development. Selesa also manages sales, account management, and human resources to support company growth. Our services are known for efficiency, quality, and strong communication, making us a trusted partner for businesses looking to streamline and secure their IT infrastructure. Originated in Vilnius, Lithuania, we cater to global clients

Who we are looking for:

 

We are looking for a driven Security Engineer to join our team and play a key role in safeguarding our organization’s future.

Responsibilities:

• Detect and handle cyber threats to the iGaming platform by applying effective security measures to reduce risks.
• Develop and implement security architectures to safeguard the organization's infrastructure, applications, and data.
• Set up and manage encryption to keep sensitive data safe when stored and shared.
• Install and set up firewalls, IDS/IPS, and other security tools.
• Maintain network security by configuring and managing firewalls, VPNs, and other protective components.
• Oversee user access to ensure only authorized individuals can view sensitive information.
• conduct penetration testing to identify vulnerabilities in systems and applications, simulating real-world cyberattacks to discover weaknesses
• Conduct penetration tests and find system or application weaknesses by simulating cyberattacks.

• Ensure compliance to standards like ISO 27001, SOC 2, and similar ones

   

Requirements:

• Familiarity with iGaming-specific regulations and standards. 
• +3  Years Experience of work in a field
• Proficiency in SIEM Solutions, Vulnerability Assessments, Incident Response & Networks 
• Familiarity with ISO27001 & NIST
• Knowledge of Penetration Testing Processes (Hands-On Experience would be bonus, but not required)
• Experience with cloud platforms like AWS, Azure, and Google Cloud, and their security features. 
• Knowledge of network security principles, including firewalls, intrusion detection systems, and VPNs.
• Understanding of application security best practices, including secure coding principles, web application firewalls, and OWASP guideline
• Strong attention to detail and teamwork skills
• Ability to meet deadlines in a fast-paced environment.

What we offer:

• Fully remote position with a flexible schedule
• Long-term opportunity with potential for financial and career advancement

• Supportive and positive work culture, collaborating with like-minded teammates

   

When submitting your application, please make sure to include your responses to the following screening questions in your COVER LETTER:

1. Please explain to us your level of spoken/written English. Just rank it from 1 to 10, where 10 means a Native Speaker; 8-9 means a Near Native Speaker; 6-7 means Fluent Speaker; under 6 any further levels.
2. What experience do you have working with iGaming-specific regulations and standards? How do you ensure your security measures align with these requirements?
3. Can you showcase your experience with cloud platforms like AWS, Azure, or Google Cloud? How do you secure these platforms and their features?
4. What are your Monthly salary expectations for a long-term, full-time position (if we consider 40 hours a week)?

Role Overview

We are seeking a Cloud Security Engineer for EU client with deep expertise in Microsoft Azure. In this role, you will design, implement, and maintain robust security controls across our Azure environments. Experience with Oracle Cloud is a plus but not required.

Key Responsibilities

• Security Architecture: Define and implement security frameworks for Azure subscriptions, resource groups, and workloads
• Identity & Access Management: Configure and manage Azure AD, role-based access control (RBAC), and conditional access policies
• Network Security: Design and enforce network controls using NSGs, Azure Firewall, and Azure Virtual WAN
• Data Protection: Implement encryption at rest and in transit (Azure Key Vault, Azure Disk Encryption, TLS)
• Monitoring & Incident Response
• Compliance & Governance: Deploy and tune Azure Sentinel workspaces for SIEM and SOAR
• Automation & DevSecOps: Integrate security checks into CI/CD pipelines using Azure DevOps or GitHub Actions

Must-Have Qualifications

• 3+ years in cloud security engineering, with a focus on Azure
• Microsoft Certified: Azure Security Engineer Associate (AZ-500), equivalent or higher
• Proficiency with Azure security services: Azure AD, Key Vault, Sentinel, and Firewall
• Strong scripting skills (PowerShell, Python) for security automation
• Experience with network security design and implementation in Azure
• Solid understanding of compliance frameworks and regulatory requirements

Preferred Skills

• Hands-on with Azure DevOps or GitHub Actions for pipeline security integrations
• Familiarity with container security (AKS) and Kubernetes network policies
• Optional: Experience with Oracle Cloud Infrastructure (OCI) security controls and migration strategies
• Knowledge of vulnerability management tools and processes
• Excellent communication skills and the ability to translate technical requirements for stakeholders

Responsibilities:

• Perform comprehensive security audits of our C++ based robotics software stack.
• Identify, analyze, and mitigate security vulnerabilities in embedded systems, network interfaces, cloud infrastructure and application logic.
• Design and implement security improvements such as secure communication protocols, secure boot, access control, and firmware protection.
• Establish security guidelines and best practices for the development team.
• Collaborate with software and hardware teams to integrate security into our CI/CD and development processes.

• Lead or support incident response and root-cause analysis for any discovered security issues.

   

Requirements:

• Experience with C++ development.
• Strong understanding of cybersecurity principles, including threat modeling, secure coding, authentication, and encryption.
• Familiarity with secure communications (TLS, SSH), code signing, and access control mechanisms.
• Hands-on experience with VPN technologies (e.g., OpenVPN) and secure remote access strategies.
• Experience with Linux-based systems and debugging security-related issues.
• Ability to conduct static and dynamic code analysis, fuzz testing, and vulnerability scanning.
• Excellent communication and documentation skills.

At WhiteTech, we empower businesses in the financial ecosystem with cutting-edge white-label and SAAS solutions.

Our comprehensive suite of tools is tailored for EMI, PSP, e-commerce, and open banking platforms. With WhiteTech, clients gain access to a platform designed for flexibility, scalability, and seamless integration.

Our mission is to help businesses unlock their full potential in a rapidly evolving financial landscape.

Whether scaling your PSP, enhancing your EMI services, or diving into open banking, WhiteTech is your partner for innovation and growth.

We are a remote-first technology company and welcome applications from candidates across Europe, including the EEA, the UK, Switzerland, and other non-EEA European countries such as Ukraine, Moldova, Georgia, Armenia, Montenegro, Turkey, and the Western Balkans. We also consider applicants from different locations who can work within Central European Time (CET).

Key Responsibilities:

• Support company preparation for PCI DSS and ISO/IEC 27001 certifications
• Develop and implement security policies, procedures, and technical controls
• Collaborate with auditors, technical teams, and business stakeholders
• Analyze logs, incidents, and vulnerabilities; participate in incident investigations
• Support identity and access management (IAM) processes and automation
• Work with SIEM, DLP, and SOC tools and processes
• Perform risk assessments and help implement mitigation measures
• Create security reports and dashboards based on key metrics

Requirements:

• 3+ years of experience in information security
• Knowledge of PCI DSS and ISO/IEC 27001 standards
• Experience with audits or certification processes
• Hands-on experience with security tools: SIEM, vulnerability scanners (e.g., Nessus, Qualys)
• Understanding of RBAC and the principle of least privilege
• Experience developing security documentation (policies, procedures)

Nice to Have:

• Relevant certifications (PCI DSS, ISO 27001, CISSP, CISA, etc.)
• Experience with IAM systems and process automation
• Strong analytical skills and attention to detail
• Team player with the ability to perform under pressure
• English proficiency (for reading technical documentation)

Our recruitment process typically follows these stages:

1. Application screening
2. Interview Stages (2-3 weeks):
    
   • Prescreen Call with the Recruiter 
   • Final Interview 
3. Job Offer
4. Referrals: Employment and Background Check

We offer: 

• Competitive compensation package (commensurate with your experience)
• Access to paid corporate English lessons (through Preply)
• 19 business days of flexible Paid Time Off (PTO)
• Fully remote work with flexible hours (within the CET time zone) from any location of your choice
• Values-driven culture with a friendly and supportive work environment
• Opportunity to regularly participate in conferences and community events as both a participant and contributor
• Matrix organizational structure designed to streamline communication, remove barriers, and promote efficiency

Embrace the opportunity to develop your skills in a cutting-edge fintech environment.

Please apply now to be part of our dynamic team and make a tangible impact on the future of payments!

Let’s build something great together!