Jobs Security

• Project Description:

  One of the world's largest providers of products and services to the energy industry has a need to develop, support and integrate software system in Oil & Gas domain.
  You will be a member of a cross functional team.
  Key project stakeholders are open for innovative ideas.
  Project is based on SCRUM methodology.
  This is a great opportunity to work in an international team, apply and learn modern IT technologies

   

• Responsibilities:

  Quickly learn new technologies and improve proficiency
  Follow up with Developer on open vulnerabilities
  Share reports of open, closed vulnerabilities
  Develop unique, effective security strategies for software systems, networks, and cloud provider
  Safeguards information system assets by
  identifying and solving potential and actual security problems
  Maintain quality service by following
  organization standards
  Contribute to team effort by accomplishing
  related results as needed

   

• Mandatory Skills Description:

  Understanding of definitions related to cyber security: Vulnerability, attack vector, threat , security risk, SAST, DAST, WAF ets
  Understanding of networking, Operating systems (Windows and Linux)
  Basic concepts in programming Ex: Python
  Very good English as team is multinational

Location: Remote 
Client Domain: Managed IT Services / Cybersecurity / Cloud / MSP 
English level: B2 - strong spoken English required for daily communication and interviews 

About the Project 

We are partnering with a USA-based MSP company that has been delivering managed IT services, cybersecurity solutions, cloud services, and infrastructure management for over 25 years. 
You will work in a modern, security-focused environment supporting multiple small and medium business clients with advanced Microsoft 365 and endpoint security solutions. 

Responsibilities 

Microsoft Intune / Endpoint Manager 

• Manage MDM/MAM for Windows, macOS, iOS, and Android environments. 
• Create, deploy, and troubleshoot Configuration Profiles and Compliance Policies. 
• Implement and manage Windows Autopilot, Apple Business Manager, and other provisioning methods. 

Security & Conditional Access 

• Design and implement Conditional Access policies within Zero Trust frameworks. 
• Work with Microsoft Entra ID (Azure AD), including MFA, Identity Protection, and directory management. 
• Apply and manage Intune Security Baselines. 

Microsoft Defender Suite 

• Administer Defender for Endpoint (MDE), including ASR rules, TVM, and security integrations. 
• Support additional Defender workloads (Defender for Office 365, etc.). 

Automation 

• Use PowerShell for automation, configuration, mass deployment, and remediation scripts. 

Technical Experience (MSP-Focused) 

• Proven experience managing multiple Microsoft 365 / Intune tenants. 
• Implementing security policies following industry standards (HIPAA, CMMC, Cyber Essentials, etc.). 
• Packaging and deploying applications (Win32, LOB, Store Apps) via Intune. 
• Managing Windows Update Rings and patching through Intune. 
• Troubleshooting enrollment issues, policy conflicts, CA blocks, and compliance problems. 

Soft Skills & Mindset 

• Ability to communicate clearly and professionally with both technical and non-technical clients. 
• Strong documentation skills — SOPs, configurations, playbooks. 
• Scalability mindset: building reusable, template-based solutions for many clients. 
• Ability to prioritize and manage multiple projects in a fast-paced MSP environment. 
   

Certifications 

(Training completed or certifications in progress are acceptable.) 
Highly valued certifications for this role: 

• MD-102 - Microsoft 365 Endpoint Administrator Associate 
• SC-300 - Microsoft Identity and Access Administrator Associate 
• SC-200 - Microsoft Security Operations Analyst 

We Offer 

• Opportunity to propose solutions and influence technical decisions 
• Dynamic and challenging tasks 
• Team of experienced professionals 
• Competitive salary 
• Low bureaucracy 
• Continuous self-improvement 
• Long-term employment with paid vacation and social benefits 
• A bunch of perks 😊 

Requirements:

• Experience as a System Administrator ( 2 years +) 
• Knowledge of MacOS at the administrator level
• Network Technologies
• Basic knowledge of remote desktops and the principles of the thin clients
• Knowledge of the basics of information security
• Knowledge of ISO27001, ISO27002 and similar documents and experience with ISO/IEC 27001 certification audits in information security
• Understanding the basic aspects of information security and network components (firewalls, switches, routers, VPNs)
• English: Intermediate (B1-В2). Fluent level is welcome

Would be a plus:

• Experience in supporting or taking part in corporate inventory checks

Responsibilities:

• Implementing and enforcing security policies
• Monitoring security events and incidents
• Conducting risk assessments and security audits
• Managing cybersecurity tools and protection systems
• Delivering information security awareness training for employees
• Ensuring compliance with standards and requirements (ISO 27001)
• Creating, reviewing, and regularly updating ISO 27001 documentation (Confluence)
• Collaborating with German colleagues on ISMS-related tasks (document preparation, reporting, participation in meetings)

This role is new to our company, and the specialist will be the first to establish and develop this area.

What you will get working with us:

- Full technical equipment (MacBook, 2K additional monitors, and a comfortable workplace)

- Remote working equipment provided if needed

- Work exclusively with cutting-edge technologies

- Friendly and professional team atmosphere

- 8-hour workday with no overtime

- Full tax compensation

- 18–24 days of paid vacation

- Paid sick leave:

10 days with a medical certificate

5 days without a certificate

Recruitment Process:

1. Online Call — detailed discussion of the vacancy with a Recruiter (up to 30 minutes)
2. Online Call — English level check (up to 10 minutes)
3. Technical Interview - (up to 60 minutes)

The order of the stages may vary during the process, but always with the goal of moving forward together.

Before sending your CV, please carefully review the vacancy details to save both your time and ours.
If your experience matches the requirements — you will definitely receive feedback.

We are looking for a highly skilled and strategic Senior DevSecOps Engineer to lead our security operations and infrastructure automation initiatives. In this role, you will bridge the gap between development, security, and operations, ensuring our on-premise environment remains secure, resilient, and efficient.

You will act as a subject matter expert, leveraging cutting-edge tools like CrowdStrike to automate threat detection and response, while maintaining robust perimeter security via Cloudflare.

KEY RESPONSIBILITIES:

• Implementation and automation of security tools in the CI/CD process (SAST, DAST, SCA).
• Analysis of vulnerabilities in code, infrastructure and containers.
• Development and configuration of security monitoring systems, incident response.
• Monitoring and improving the security level of on-prem infrastructures.
• Interaction with developers, DevOps and security teams to implement secure practices.
• Active participation in the processes of IAM configuration, management of certificates, secrets and access policies.
• Conducting internal security audits, participation in external (e.g. penetration) tests.

REQUIRED QUALIFICATIONS:

• Experience: 5+ years of experience in DevSecOps, Security Engineering, or a related field, with at least 2 years in a Senior role.

• Tooling Expertise: Deep hands-on experience with the following specific tools:

  - Baremetal/on-premise infrastructure

  - Docker (Docker Swarm is a strong plus)

  - Gitlab CI

  - CrowdStrike

  - Cloudflare

  - ELK.

• SIEM Proficiency: Proven experience deploying and tuning SIEM solutions (e.g., Splunk, Elastic Security, Datadog, or similar).
• Infrastructure: Strong background in managing on-premise infrastructure (physical servers, data centers, virtualization, networking).
• Scripting: Proficiency in Python, Go, or Bash for automation and tooling.

NICE-TO-HAVE:

• Experience with Kubernetes and such tools as Wiz.io and Torq.
• Previous involvement in high-load, regulated, or 24/7 production environments (e.g., iGaming, FinTech, telecom or similar).

WE OFFER:

• Fully remote work opportunity

• Enhanced leave benefits:

  - 20 days of paid vacation

  - 5 paid days off

  - 14 paid sick leaves

• Company clubs & communities
• Celebration gifts for personal milestones
• Corporate online events, raffles & challenges
• Corporate English program
• Corporate yoga classes
• Team-building activities
• Coworking compensation
• Training and development programs (internal & external).

RISK inc: An International iGaming Company Pushing the Boundaries of Entertainment
 

Who We Are:

An international iGaming company specializing in identifying and fostering the growth of high-potential entertainment markets. With 1000+ professionals in 20+ locations, we operate in 10 countries, serving over 300,000 customers.
 

Always Pushing the Boundaries? You Already Belong at RISK!

Our global-scale operations are based on strong internal expertise, analytics, and data research. We have expertise in iGaming operations (sports betting, online casino), digital and affiliate marketing, tech solutions, and data analytics.

Your main responsibilities will be:

• Provide exceptional operational management and support for the analysis and investigation of security incidents;
• Respond promptly to alerts, perform triage operations, and determine the appropriate level of response;
• Decide on and implement the best course of action in response to cyber attacks, initiating suitable recovery procedures;
• Investigate, document, and report on information security issues and emerging trends;
• Maintain, monitor, and operate security infrastructure and related technologies;
• Conduct security assessments for newly acquired systems and technologies to ensure compliance with security standards.

Essential professional experience:

• Understanding of network and systems security, security testing, and software security;
• Experience with Windows & *nix platforms;
• Familiar with scripting languages (Bash, Python, Powershell);
• Knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS and HTTP Protocols, network analysis;
• Knowledge of common malware threats and attack methodologies;
• Analytical and observational skills;
• Threat Hunting experience;
• Strong communication skills, team player, able to function independently and as part of a team;
• Endless will to learn something new.

Additional Information

Our Benefit Cafeteria is Packed with Goodies:

• Children Allowance
• Mental Health Support
• Sport Activities
• Language Courses
• Automotive Services
• Veterinary Services
• Home Office Setup Assistance
• Dental Services
• Books and Stationery
• Training Compensation
• And yes, even Massage!

We are looking for an endpoint/workstation support engineer to support multiple mixed MacOS/Windows/Lin remote working environments. You should maintain a high level of user satisfaction, as well as properly document your work.

Your primary tasks will include:

* Enduser remote support for agents installation

* AV alerts investigation

* Ensuring security compliance policies are in place (e.g. full disk encryption, firewall)

* Implementing updates on agent installation packages whenever new version arrives

* Testing of Windows/Win/Lin endpoint agent updates

The candidate should have a proof records of successful projects in the following areas:

* support of AV/EDR/VPN and other security agents on multiple platforms

* Intune MDM

* Apple Business Manager

* Windows, MacOS and Linux endpoint support

* Basic Unix shell and Powershell scripting

* MS Graph API and other REST API basic experience

* Windows and MacOS troubleshooting with the aid of Sysinternals tools and different set of MacOS tools (netstat, lsof, vmstat, top, dtruss, etc.)

* Fluent English

* Teamwork and problem solving mind

* Compliance framework basic awareness (ISO27001/PCI-DSS/HIPAA etc.)

* ITIL and IT service basic awareness and ability to write end-user documentation/procedures/instructions

A big plus if have all or any of the following:

* Microsoft Intune certification or other Microsoft Security/Endpoint certificationi

* Any AV vendor certification

* Any security related certification (e.g. ISO27001LA, CISSP, CISA)

The role

As an Intern, you will assist in the development and implementation of our security controls, gaining hands-on experience in information security. In this role, you will support the security team in conducting security audits, risk assessments, and vulnerability testing. You will work closely with our security experts to learn about security best practices, threat analysis, and compliance regulations.

You will contribute to the protection of sensitive customer data and the development of secure solutions that meet global security standards.
 

Requirements

• Currently pursuing a degree in Computer Science, Information Assurance, or a related field
• Basic understanding of security principles, including threat analysis and vulnerability assessment
• Familiarity with security frameworks and regulations (e.g. HIPAA, GDPR)
• Excellent analytical and problem-solving skills
• Ability to work in a fast-paced environment and prioritize tasks effectively
• Passion for information security and protecting sensitive data
   

Responsibilities

• Assist in conducting security audits and risk assessments to identify vulnerabilities
• Support the development of security policies and procedures to ensure compliance with regulations
• Participate in vulnerability testing and penetration testing activities
• Collaborate with cross-functional teams to develop secure software development practices
• Assist in the development of incident response plans and disaster recovery procedures
• Participate in security awareness training and education activities
   

About HelloBiome

HelloBiome is an innovative B2B biotech startup at the forefront of AI-powered microbiome innovation. We are dedicated to revolutionizing consumer health by leveraging the microbiome. Through democratizing access to microbiome data, HelloBiome utilizes advanced AI technologies to develop targeted health solutions, transforming these insights into commercial applications for our business clients. Trusted by over 20 clients, including industry giants like Unilever, we are not just predicting the future of consumer health; we are actively shaping it. At HelloBiome, every step we take is towards a healthier future, optimizing well-being one microbiome at a time.
 

Our Culture

At HelloBiome, we thrive in a globally connected, remote work environment with team members distributed across Europe, the US, Canada, and Korea. Our headquarters are in San Francisco and Our dynamic and international team embodies a culture of kindness paired with a drive for innovation and excellence. We value proactive individuals who bring a self-starter mindset to their roles, always seeking new ways to advance our mission. Attention to detail is crucial in our work, as we are committed to delivering precise and impactful health solutions to our B2B clients.
 

This remote and flexible work structure not only fosters a diverse and inclusive atmosphere but also encourages a balance between personal growth and professional excellence. Join us and be part of a team that is shaping the future of consumer health through groundbreaking AI-powered microbiome innovation.

Project-Based | Ukraine (Remote / Hybrid)

About the Role

We’re looking for a hands-on SOC 2 Compliance Expert / vCISO to take full ownership of our SOC 2 Type 1 audit and drive it to completion.

This is not a consulting or advisory role. We need a closer — someone who executes, fixes gaps, works directly in the tools, and leads us to a signed SOC 2 report.

The Situation

We’ve been working on SOC 2 for ~6 months and are close, but progress has stalled. The foundation is there — what’s missing is focused execution and ownership to push through the final stretch.

Scope of Work

Gap Remediation

• Review our current SOC 2 progress in [Vanta / Drata / Manual — specify]
• Clearly identify remaining gaps and blockers

Evidence Collection

• Personally collect, prepare, and upload required evidence
  (screenshots, logs, configs, access reviews, etc.)
• We will provide all required system access

Policy Management

• Finalize, polish, and align all required security policies:
  • Information Security
  • Incident Response
  • Disaster Recovery / BCP
  • Access Control, etc.

Auditor Liaison

• Act as the primary point of contact with the auditing firm
• Handle auditor questions, clarifications, and follow-ups end to end

Technical Coordination

• Translate compliance gaps into clear, actionable tickets
• Work with our dev team on any remaining technical fixes

Who We’re Looking For

• Proven experience successfully closing SOC 2 audits (Type 1 required, Type 2 a plus) for SaaS companies
• Strong technical background:
  • AWS or GCP
  • CI/CD pipelines
  • Access control & IAM
• Highly execution-focused and autonomous
• Comfortable owning the process without constant oversight

Engagement Details

• Project-based / sprint-focused
• Immediate start preferred
• Ukraine-based candidates preferred (but open to strong remote profiles)

How to Apply

Please DM with:

1. A short summary of the last 2 SOC 2 projects you personally closed
2. Your availability to start immediately
3. Your rate (fixed price for the sprint or hourly)

We are looking for a Head of Product Security to join our teams!

Requirements:

- 8+ years of experience in Product Security, Application Security, or DevSecOps
- Proven experience building or scaling a Product Security function in a product-based organization
- Strong expertise in Secure SDLC and security integration into modern development workflows
- Hands-on experience with application security testing, threat modeling, and secure architecture reviews
- Strong understanding of cloud-native architectures and product-related cloud security risks
- Experience managing multi-disciplinary security teams across AppSec, Pentest, DevSecOps, and Cloud Security
- Experience owning vulnerability lifecycle management with risk-based prioritization
- Ability to translate technical security risks into business impact and decisions
- Strong written and verbal communication skills in English

Will be a plus:

- Experience in iGaming, FinTech, SaaS, or other regulated industries
- Hands-on experience with Kubernetes and containerized environments
Exposure to red teaming or adversary simulation
- Familiarity with security-related compliance frameworks (e.g. ISO 27001, PCI DSS, SOC 2)

Responsibilities:

- Build and own the end-to-end Product Security lifecycle across all company products
- Define, implement, and enforce Secure SDLC, embedding security from design through production
- Lead and manage Product Security teams including Pentesting, Application Security, Application Security Architecture, DevSecOps, and Cloud Security Operations
- Drive security architecture reviews and threat modeling for new and existing products
- Own product vulnerability management, including discovery, triage, prioritization, remediation tracking, and verification
- Define and oversee pentesting and offensive security strategy, scope, cadence, and remediation follow-up
- Ensure secure usage of cloud-native services, APIs, and third-party dependencies within products
- Partner with Engineering, Product, and Infrastructure leadership to align security with business objectives
- Lead product-related security incidents, including root cause analysis and long-term corrective actions
- Define and report Product Security KPIs and metrics to executive stakeholders

Technical Stack:

- Application & Product Security: SAST, DAST, SCA, secrets scanning, secure code review, threat modeling
- Cloud Security: AWS, GCP; cloud-native services, IAM, least-privilege models; zero trust tools and approach.
- DevSecOps & CI/CD: CI/CD pipelines, security automation, Infrastructure as Code, secrets management
- Container & Platform Security: Docker, Kubernetes, container image and runtime security
- Pentesting & Offensive Security: Web, API, mobile, and cloud pentesting, remediation validation
- Monitoring & Incident Response: Centralized logging, product-level detection, SOC integration

Our benefits to you:

☘️An exciting and challenging job in a fast-growing holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more
🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided
🏖Paid vacations, sick leave, personal events days, days off
💵Referral program — enjoy cooperation with your colleagues and get the bonus
📚Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences
🎯Rewards program for mentoring and coaching colleagues
🗣Free internal English courses
✈️In-house Travel Service 
🦄Multiple internal activities: online platform for employees with quests, gamification, presents and news, PIN-UP clubs for movie / book / pets lovers and more
🎳Other benefits could be added based on your location
 

We are Dynamica Labs (Microsoft Gold Partner), an IT company focused on implementing Microsoft Dynamics 365 CRM for our clients.  
 
We are looking for a Founder’s Associate/Executive Assistant — someone who will work closely with the COO and co-founders on a daily basis, helping to maintain focus across multiple tasks and turn operational and management priorities into clear actions.  

You will be involved in various aspects of company management, including business processes, operational efficiency, team development, client relations, building the founder's personal brand, as well as financial and legal matters. This role is ideal for those who enjoy wearing multiple hats, thrive on efficiency, and hands-on work in a dynamic environment. It demands a high level of trust, autonomy, and direct engagement with real business challenges. 
 

Your responsibilities 

• Coordinate workflows and support collaboration across different departments. 
• Manage correspondence and communications efficiently. 
• Assist in client and partner interactions. 
• Prepare presentations and materials for internal and external meetings. 
• Handle documentation, reporting, and administrative tasks. 
• Support problem-solving and contribute to process improvements. 
• Manage calendars, meetings, and events. 
• Participate in special projects, tasks, and initiatives, including those that do not yet have a dedicated owner. 

What we expect from you 

• 2+ years of experience in Business Assistant / Executive Assistant with business focus, Operations, Project or related roles 
• Experience working in fast-growing or dynamic environments 
• Quick learner, able to quickly adapt to new tools and business contexts 
• Ability to organize and structure complex and changing contexts 
• Strong communication skills: concise, clear, and to-the-point in speaking and writing 
• Structured thinking and attention to detail 
• High level of autonomy — able to work independently without micromanagement 
• Responsibility in handling information 
• English level B2+ for emails and calls 

Benefits 

• Microsoft Gold Partner — experienced business system integrator 
• Work with UK and US clients 
• Opportunities for self-realization, professional development, and career growth 
• Skilled management and mature processes supporting your work 
• Exposure to interesting and diverse projects 
• Friendly and supportive team environment 
• Transparent payment system 
• Flexible work schedule and remote work 
• Paid public holidays, annual leave, and sick days 
• Guidance, mentoring, and training in Dynamics 365 and PowerApps 

About the role 

This position is ideal for someone who wants to work not just as support but as a partner in operational and management tasks, gradually becoming more involved in the business and taking on increasing responsibility. 
 

PIN-UP Global is an international holding specializing in the development and implementation of advanced technologies, B2B solutions and innovative products. We provide certification and licensing of our products, providing customers and partners of the holding with high-quality and reliable solutions.

We are looking for a Security Officer to join our team!

Requirements:

- Higher education in Law or Economics;

- At least 3 years of experience in HR/internal and economic security within private enterprises;

- Proven experience in background checks of individuals and legal entities;

- Previous experience in law enforcement is a strong advantage;

- Knowledge of security systems and protocols;

- Experience collaborating with polygraph specialists;

- Strong experience working with databases;

- Proficient PC user;

- Ukrainian or Russian language C1 and above;

- Fluent English, including spoken communication;

- Willingness to travel abroad to ensure security at exhibitions and conferences.

Responsibilities:

- Conduct regular risk assessments to identify vulnerabilities and threats affecting the holding’s assets;

- Respond promptly to security-related incidents, including investigation and corrective measures;

- Prepare security status reports, analyze incidents, and develop recommendations for improvement;

- Collaborate with other departments to integrate security considerations into business processes;

- Ensure protection of personal data (GDPR compliance) and trade secrets;

- Conduct background checks during recruitment and support exit processes;

- Organize security measures during corporate events, exhibitions, and conferences.

Benefits:
☘️ An exciting and challenging job in a fast-growing holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more;
🤝🏻 Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed;
📍 Beautiful offices in Warsaw, Limassol, Kyiv, Almaty, Yerevan work remotely or on-site with comfort and enjoy the opportunity to build a network of connections with professionals day by day;
🧑🏻‍💻 Modern corporate equipment based on macOS or Windows and additional equipment are provided;
🏖 Paid vacations, sick leave, personal events days, days off;
👨🏻‍⚕️ Corporate health insurance program for your well-being;
💵 Referral program enjoy cooperation with your colleagues and get the bonus;
📚 Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences;
🎯 Rewards program for mentoring and coaching colleagues;
🗣 Free internal English courses;
🧘 Yoga classes to help you stay active and energized;
🦄 Multiple internal activities: online platform for employees with quests, gamification, presents and news, PIN-UP clubs for movie and book lovers, board games cozy evenings, special office days dedicated to holidays;
🎳 Company events, team buildings.

Responsibilities:

• Conduct regular analysis of affiliate traffic to identify fraud across CPA, Hybrid, RevShare, and Fixed models using both internal and third-party analytics tools.
• Analyze user behavior (FTD, retention, unusual patterns) to detect suspicious or incentivized traffic schemes.
• Prepare and update affiliate offer terms and Insertion Orders (IO) with clear anti-fraud conditions.
• Perform pre-checks of new affiliates and deal terms before campaign activation.
• Approve or reject affiliate payouts based on traffic quality evaluation (final compliance check before payment execution).
• Collaborate with affiliate managers to explain payout rejections and clarify reasons for non-payment.
• Suggest improvements to anti-fraud processes and contribute to the development of internal fraud prevention policies.
  
   

Requirements:

• Minimum 1 year of experience in iGaming or Betting as an Affiliate Analyst, Traffic Analyst, or Anti-Fraud Specialist.
• Solid understanding of CPA, Hybrid, and RevShare models and the fraud risks associated with each.
• Proficiency in traffic analysis using tools like Google Sheets and Power BI (user-level).
• Knowledge of common fraudulent patterns such as multi-accounting, bonus abuse, incentivized traffic, and geolocation manipulation.
• Experience in drafting clear and contract-compliant IO (Insertion Order) terms for affiliates.
• Strong attention to detail, high level of accountability, and ability to work with large datasets effectively.
• English B1
  
   

Hard Skills:

• Experience working with affiliate tracking platforms
• Knowledge of CPA, Hybrid, and RevShare models, including payout logic and traffic evaluation
• Proficient in Excel / Google Sheets: formulas, pivot tables, data filtering
• Basic experience with BI tools such as Power BI, Tableau, Looker (a plus)
• Understanding of tracking mechanics: link structure, SubID, S2S postbacks, tracking pixels
• Familiarity with common types of affiliate fraud: incentivized traffic, multi-accounting, bonus abuse, cloaking, proxy/VPN usage
• Experience drafting and reviewing Insertion Order (IO) terms and affiliate agreements
• Ability to analyze traffic anomalies using key metrics such as CR, EPC, Retention, LTV, and ROI
  
   

Soft Skills:

• Strong attention to detail
• Analytical and critical thinking skills
• Ability to clearly argue decisions, including payout rejections
• Flexible and diplomatic communication style
• High sense of responsibility and reliability when handling data and deadlines
• Comfortable working in cross-functional teams (finance, affiliate, legal)
• High ethical standards and respect for confidentiality
• Proactive mindset with a drive to identify issues and suggest improvements
  
   

What do we offer?

1. Remote work.
2. Flexible working hours.
3. Competitive salary paid on time.
4. Friendly and proactive team.
5. No bureaucracy, unnecessary reports, or calls.
6. 20 days of paid leave, 5 sick leave and holidays are days off.

Job Description

We are seeking a seasoned Security Architect & Offensive Specialist to serve as the technical anchor for our Product Security program. This is a high-visibility role for a "security-first" engineer who can navigate a whiteboard session on threat modeling just as comfortably as they can exploit a logic flaw in an API or automate a security gate in a CI/CD pipeline.

Job requirements:

Technical Experience & Expertise

• Offensive Security Mastery: Extensive experience in manual Penetration Testing focusing on Web Applications, APIs, and Cloud environments.
• Security Architecture: Proven ability to conduct deep-dive Security Architecture Reviews and enforce secure design patterns across complex systems.
• Threat Modeling: Hands-on experience leading threat modeling sessions using industry-standard frameworks such as STRIDE or PASTA.
• Vulnerability Management: Expertise in validating, triaging, and prioritizing vulnerabilities from external bug bounty programs or third-party vendors.
• AI/ML Security: Emerging expertise in securing Large Language Models (LLMs), including implementing AI Guardrails and defending against prompt injection and data leakage.

DevSecOps & Automation:

• CI/CD Integration: Demonstrated experience embedding security "gates" and automated scanners directly into DevOps pipelines.
• Application Security Tooling: Deep technical proficiency with the following categories:
• SAST: (e.g., Checkmarx, SonarQube)
• SCA: (e.g., Snyk, Black Duck)
• DAST: (e.g., Burp Suite Enterprise, OWASP ZAP)
• Automation: Ability to automate security workflows and "blocking" mechanisms for critical-severity issues to ensure high developer adoption.

Preferred Qualifications

• Relevant certifications such as OSCP (Offensive Security Certified Professional), CISSP-ISSAP, or specialized Cloud Security certifications (AWS/Azure/GCP).
• Experience securing Machine Learning (ML) pipelines.

Job Responsibilities

Core Responsibilities:

1. Architecture & Threat Modeling

• Lead Threat Modeling sessions (STRIDE/PASTA) for critical features early in the design phase.
• Conduct Security Architecture Reviews to identify logical flaws and enforce secure design patterns.

2. Penetration Testing (Offensive Security):

• Perform deep-dive manual Penetration Testing (Web, API, Cloud) to validate critical vulnerabilities
• Manage external bug bounties or pen-test vendors and validate their findings.

3. DevSecOps & Tooling (SAST, DAST, SCA):

• Pipeline Integration: Embed and tune security scanners into the CI/CD pipeline to minimize noise and maximize developer adoption.
• SAST: (e.g., Checkmarx, SonarQube) for code analysis.
• SCA: (e.g., Snyk, Black Duck) for open-source dependency management.
• DAST: (e.g., Burp Suite Ent, OWASP ZAP) for runtime testing.
• Automate "blocking" gates for critical severity issues.

4. AI Security & Guardrails (Strategic Growth):

• Research and implement AI Guardrails to secure LLM usage (preventing prompt injection, PII leakage)
• Collaborate with data teams to secure the ML pipeline and define AI usage policies.

Department/Project Description

We’re building a platform of cutting-edge Generative AI services that automate the boring parts of software development—from test generation to infra setup. We’re hiring a highly technical AQA who lives in code, understands cloud-native stacks (Azure, GCP, Kubernetes, Terraform), and enjoys transforming complex real-world scenarios into reliable automated checks. You’ll validate that our platform truly covers real customer workflows, highlight gaps, and drive improvements.

Job Description

We are seeking a highly skilled Security Architect to lead and drive our on-premises business engagements. This is a customer-facing, hands-on technical role responsible for designing, deploying, and supporting enterprise-scale solutions in complex customer environments. You will serve as the trusted technical advisor for customers, bridging Customer Success, R&D, and Product Management, and acting as the voice of the customer within the organization.
You will help customers architect secure, scalable, and high-performing deployments, oversee complex upgrades, and ensure the overall success of on-premises implementations.

Key Responsibilities

• Serve as the primary technical point of contact for on-premises deployments and upgrades.
• Engage directly with customers to understand their infrastructure, security requirements, and business objectives.
• Architect and design on-premises deployments aligned with customer needs, best practices, and security principles.
• Drive deployment, integration, and optimization of platforms in customer environments.
• Perform and oversee complex upgrades, migrations, and architecture transformations.
• Act as the escalation point for on-premises technical and deployment challenges.
• Collaborate with R&D, Product, and Support teams to drive continuous improvement and provide structured customer feedback.
• Provide technical guidance and mentorship to Professional Services and support engineers.
• Support proof-of-concept activities, architectural review, and security validation with customers.
• Participate in post-deployment reviews to ensure reliability, performance, and compliance with best practices.
• Represent the voice of the customer to internal teams, influencing roadmap and product decisions.
• Develop and maintain documentation, reference architectures, and deployment methodologies for on-premises environments.

Job Responsibilities

Required Qualifications

• Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or related technical field.
• 7+ years of experience in cybersecurity, infrastructure, or solution architecture roles.
• Strong expertise in on-premises deployments, including servers, storage, virtualization, and networking.
• Deep understanding of security architectures, endpoint protection, and defense-in-depth concepts.
• Hands-on experience with Linux, Windows Server, and enterprise IT ecosystems.
• Proven ability to design and deliver complex, high-availability enterprise deployments.
• Excellent customer-facing communication skills, capable of translating technical solutions into business value.
• Experience working with Professional Services teams and managing customer escalations.
• Strong problem-solving and troubleshooting skills in mission-critical environments.
• Familiarity with agile project delivery and cross-functional collaboration.

Preferred Qualifications

• Master’s degree in Cybersecurity, Computer Science, or Engineering.
• Relevant certifications: CISSP, CSSLP, CCSP, OSCP, CEH, or similar.
• Experience with endpoint detection & response (EDR), SIEM, or threat intelligence platforms.
• Working knowledge of cloud and hybrid architectures.
• Understanding of security compliance frameworks (NIST, ISO 27001, SOC 2, GDPR, etc.).
• Experience with DevOps/CI-CD processes for product deployment and upgrades.
• Scripting or programming familiarity (Python, Bash, PowerShell).
• Demonstrated ability to lead technical workshops, customer briefings, and architecture reviews.

Department/Project Description

The client is a product international company that provides a defence platform that enables development and security teams to protect critical workloads against emerging threats and undiscovered vulnerabilities with a lightweight agent that protects the organisation's public, private and hybrid cloud deployments on-premises data centres managed. In addition, it is an advanced endpoint detection and response platform, which gathers as much information as possible to detect and analyse complex threats while being as non-intrusive as possible, minimising the impact on the network and the endpoint.

• Project Description:

  One of the world's largest providers of products and services to the energy industry has a need to develop, support and integrate software system in Oil & Gas domain.
  You will be a member of a cross functional team.
  Key project stakeholders are open for innovative ideas.
  Project is based on SCRUM methodology.
  This is a great opportunity to work in an international team, apply and learn modern IT technologies

   

• Responsibilities:

  Application Security with strong AI/ML security exposure
  Threat modeling and risk assessment for AI systems, APIs, and cloud-native applications
  Protection against prompt injection, adversarial ML, data poisoning, and model abuse
  Secure SDLC and CI/CD integration, including MLOps pipelines
  Hands-on experience with SAST, DAST, SCA, container scanning, and security automation
  Strong collaboration with development and data science teams

   

• Mandatory Skills Description:

  5+ years in Application Security, with at least 1-2 years focused on AI/ML security
  Strong secure coding and vulnerability management background (OWASP Top 10)
  Experience with cloud platforms (AWS and/or Azure)
  Strong programming skills in Python or Java
  Familiarity with AI platforms such as Amazon Bedrock, SageMaker, or Spark
  Strong communication skills