Jobs Security

We are looking for an Information Security Compliance Manager to join our teams!

📌 Requirements

— 5+ years of experience in Information Security, GRC, or Compliance roles within regulated industries (iGaming, fintech, payments, or similar)
— Proven hands-on experience with information security frameworks and standards such as ISO/IEC 27001 and/or PCI DSS
— Practical knowledge of GLI standards and requirements applicable to iGaming platforms and gaming systems
— Strong understanding of regulatory-driven security and compliance environments
— Experience leading and managing a GRC or security compliance team (2–5 specialists), including task prioritization, performance management, and mentoring
— Proven ability to manage security audits, certifications, and interactions with external auditors, testing laboratories, and regulators
— Practical experience with risk management, policy development, and control governance
— Experience working with cloud-based environments and modern technology stacks
— Strong documentation, analytical, and stakeholder communication skills
— Ability to operate independently, take ownership, and scale compliance processes in a fast-paced, multi-jurisdiction environment

⭐ Will be a plus

— Experience working in iGaming B2C or B2B platforms
— Previous participation in AGCO/Ontario, MGA, UKGC licensing projects
— Hands-on experience with GLI-19 / GLI-33 compliance
— Experience implementing or maintaining ISO 27001 ISMS end-to-end
— Certifications: ISO 27001 Lead Implementer / Lead Auditor, CISM, CISA, CRISC, PCI ISA / PCIP
— Experience supporting SOC 2 Type II or PCI DSS assessments
— Knowledge of responsible gambling controls and player protection requirements
— Experience building documentation frameworks (Confluence, data flows, diagrams)
— Familiarity with Jira workflows for compliance, audits, and evidence tracking
— Understanding of DevSecOps and security testing practices

💭 Soft Skills

— Strong communication skills with both technical and non-technical stakeholders
— Ability to translate regulatory and legal requirements into clear technical tasks
— High level of ownership, structure, and attention to detail
— Strong analytical and documentation skills
— Ability to manage multiple concurrent audits and compliance initiatives
— Proactive problem-solving mindset and ability to challenge assumptions
— Ability to work cross-functionally with Product, Engineering, DevOps, Security, and Legal
— Resilience and ability to work in a fast-paced, high-growth environment
— Excellent English, written and spoken

📌 Responsibilities

— Own and manage information security compliance across the iGaming business, including ISO/IEC 27001, PCI DSS, and applicable GLI standards
— Define, maintain, and continuously improve the GRC framework, including security policies, risk management processes, and control governance
— Lead and coordinate information security audits, certifications, and regulatory or laboratory assessments
— Manage and develop a small Security Compliance team, ensuring effective delivery of compliance and audit activities
— Oversee third-party and vendor security compliance, including payment providers, game providers, and technology partners
— Ensure security and compliance requirements are embedded into products, platforms, and operational processes
— Oversee security incident handling from a compliance, audit, and regulatory reporting perspective

• Project Description:

  One of the world's largest providers of products and services to the energy industry has a need to develop, support and integrate software system in Oil & Gas domain.
  You will be a member of a cross functional team.
  Key project stakeholders are open for innovative ideas.
  Project is based on SCRUM methodology.
  This is a great opportunity to work in an international team, apply and learn modern IT technologies

• Responsibilities:

  Quickly learn new technologies and improve proficiency
  Follow up with Developer on open vulnerabilities
  Share reports of open, closed vulnerabilities
  Develop unique, effective security strategies for software systems, networks, and cloud provider
  Safeguards information system assets by
  identifying and solving potential and actual security problems
  Maintain quality service by following
  organization standards
  Contribute to team effort by accomplishing
  related results as needed

• Mandatory Skills Description:

  Understanding of definitions related to cyber security: Vulnerability, attack vector, threat , security risk, SAST, DAST, WAF ets
  Understanding of networking, Operating systems (Windows and Linux)
  Basic concepts in programming Ex: Python
  Very good English as team is multinational

• Nice-to-Have Skills Description:

  Willing to have a hacker mindset and methodology
  Familiar with agile methodologies

• Languages:
  • English: B2 Upper Intermediate

We are global advocacy platform powering creator communities for the world's leading beauty and personal care brands. Founded in 2019, we help brands like L'Oréal, Estée Lauder, Coty, and Unilever build authentic relationships with millions of creators, driving user-generated content at scale.

What We Do:

• Connect brands with 350M+ creators globally through our proprietary database
• Power advocacy programs across 40+ markets (US, UK, EU, LATAM, Middle East, Asia)
• Process millions of creator interactions, content submissions, and campaign data points monthly
• Handle sensitive personal data (PII), financial transactions, and brand-creator relationships

Our Scale:

• Trusted by Fortune 500 beauty & personal care brands
• Processing 100k+ creator content submissions monthly
• Operating in 40+ countries with localized compliance requirements

Why Join Us:

• High-growth SaaS scale-up at the intersection of social, beauty, and enterprise tech
• Build security & compliance infrastructure from the ground up - you'll own it
• Work directly with Fortune 500 clients (L'Oréal, Unilever, Estée Lauder)
• Remote-first culture with global team
• Meaningful equity stake in a fast-growing company

The Role: Head of Information Security & Compliance

As our first Head of InfoSec & Compliance, you'll be the guardian of trust - ensuring we meet the highest standards of data protection, security, and regulatory compliance as we scale globally. You'll build our compliance framework from the ground up, own enterprise client security reviews, and future-proof our platform for SOC 2, ISO 27001, and global data privacy regulations.

This is a foundational role. You'll have the autonomy to shape our security posture, define policies, and build the systems that enterprise clients demand.

What You'll Do

Compliance & Regulatory (40%)

• Own GDPR, CCPA, LGPD, and emerging data privacy regulations across 40+ markets
• Maintain SOC 2 Type II certification (or lead first certification if not yet achieved)
• Prepare for ISO 27001 certification roadmap
• Manage DPIAs (Data Protection Impact Assessments) for new features/markets
• Be the go-to expert for client compliance questionnaires, security reviews, and audits
• Ensure vendor compliance (AWS, payment processors, third-party APIs)

Client Security & Enterprise Sales Enablement (30%)

• Own enterprise client security reviews (infosec questionnaires, pen test reports, architecture reviews)
• Support sales team with security documentation, certifications, and client security calls
• Build & maintain security collateral (security white papers, data flow diagrams, compliance matrices)
• Act as security liaison for enterprise clients (L'Oréal, Unilever, Estée Lauder)
• Negotiate data processing agreements (DPAs) and BAAs

InfoSec Infrastructure & Risk Management (30%)

• Design and implement security policies, procedures, and controls
• Conduct regular risk assessments and threat modeling
• Manage vulnerability management program (pen tests, bug bounties, security scanning)
• Oversee incident response planning and execution
• Drive security awareness training for engineering and ops teams
• Monitor security tools (SIEM, CASB, endpoint protection) and respond to alerts

RubyPlay is a place where passion meets competence. Since 2017, we’ve made more than 200 innovative games and built more than 100 strong partnerships globally!

Proud to be:

• The Winner at BFTH Arena Awards — Best Online Casino Game
• Shortlisted for SBC Awards 2024 — Casino/Slots Developer of the Year
• A strong player on 10+ markets globally
• Beloved workplace for hundreds of specialists from 34 countries

We are now growing our team and looking for driven professionals ready to build their careers in a strong, international studio with a product that’s making waves worldwide.

We are seeking a talented and experienced Security Engineer to join our growing team. 
As a Security Engineer, you will play a critical role in ensuring the security and integrity of our platform, as well as implementing and maintaining robust security measures to safeguard our systems and data.

Here’s How You’ll Make an Impact:

• Design, implement, and maintain security systems and solutions to protect our platform from different types of threats, exploits and attacks
• Conduct regular security assessments and penetration tests to identify vulnerabilities and weaknesses in our systems, and develop and implement remediation plans
• Monitor and analyze security logs and alerts to identify suspicious activities and security incidents
• Collaborate with various teams, including development, devops, operations and product management to integrate security best practices into the software development lifecycle and ensure that security is considered at every stage of the development process
• Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices, and proactively recommend and implement security improvements and enhancements
• Provide security guidance and support to internal teams and external partners, and assist with security-related inquiries and incidents
• Build up policies and procedures in line with industry standards (including ISO27001, ISMS) and support our compliance team in the various audit processes required for the company’s compliance with a multitude of  regulated markets we operate in

What Makes You A Strong Candidate:

• Bachelor's degree in Computer Science, Information Technology, or a related field
• Solid understanding of information security principles and concepts with a focus on cloud security and DevSecOps practices
• Proven experience in building and executing security testing including penetration testing, vulnerability scanning, ethical hacking on systems running on GCP/AWS/Azure and VMWare
• ISO27001- Lead Implementer Certification
• Hands-on experience with security tools and technologies, including SIEM systems, endpoint security solutions, and encryption technologies
• Very good English level, with the ability to write official security documentation, processes and procedures
• Strong analytical and problem-solving skills, with the ability to analyze complex systems and identify security vulnerabilities and weaknesses
• Excellent communication and interpersonal skills, with the ability to effectively communicate technical concepts to both technical and non-technical audiences
• Relevant industry certifications, such as CISSP (Certified Information Systems Security Professional), CCSP (Certified Cloud Security Professional) and CEH (Certified Ethical Hacker) are a plus

Why You’ll Love It Here:

• Remote-first flexibility — Work from anywhere with a setup for deep focus and work-life balance
• Learning & growth — Development budgets and dedicated days to upskill and explore new areas
• Health & wellness — Medical coverage and well-being budgets to help you feel balanced, strong, and supported
• Yearly bonus — Rewards based on company success and your impact
• Career growth — Vertical and horizontal opportunities to grow and advance
• Global team — Talented, diverse colleagues you’ll enjoy working with

Interested in becoming a RubyPlayer and making a mark in the iGaming world? Join us!

Location: EU Remote (Preferably Ukrainian speaking) 
Client: Tier-1 Global Tech Leader

About the Role: We are looking for a Security Engineer to act as the human intelligence layer for our client’s AI-driven security initiative. You will be responsible for triaging and validating potential security vulnerabilities across a massive variety of codebases (C#, C++, Rust, TypeScript, JS, etc.). 

This is a unique opportunity to work with high-maturity, top-notch source code at a global scale and help protect software used by billions. Your goal is to distinguish genuine security threats from false positives and provide actionable feedback to senior engineering teams.

Responsibilities:

• Perform deep-dive manual source code analysis on findings generated by AI and SAST tools.
• Determine the "exploitability" of a finding based on data-flow and control-flow analysis.
• Write clear, concise technical reports for developers explaining the vulnerability and why it is a true positive.
• Collaborate with the client to refine AI detection logic based on your triage results.

Requirements:

• 3+ years in Application Security, Security Research, or specialized Quality Assurance.
• The "Polyglot" Mindset: Demonstrated ability to read and understand multiple languages (C#, C++, TypeScript/JS are high priority).
• Deep understanding of common vulnerabilities, such as OWASP Top 10 and SANS Top 25 vulnerabilities.
• Demonstrable manual and SAST source code  review experience
• Education: Degree in CS, Cyber Security, or equivalent experience.
• Language: Professional English (B2).

Bonus Points:

• Pentesting experience and relevant certifications, such as OSCP, OSWE, or GWEB.
• Binary vulnerabilities

Our Mission and Vision

At Solidgate, our mission is clear: to empower outstanding entrepreneurs to build exceptional internet companies. We exist to fuel the builders — the ones shaping the digital economy — with the financial infrastructure they deserve. To achieve that, we’re on a bold path: to become the #1 payments orchestration platform in the world.

We believe the future of payments is shaped by people who think big, take ownership, and bring curiosity and drive to everything they do. That’s exactly the kind of teammates we want on board.
 

About the Role

Solidgate builds financial infrastructure for fast-growing internet businesses worldwide. Our platform processes millions of payments daily and operates in a highly regulated fintech environment, where security is a fundamental business requirement.

As our company scales, we are strengthening and expanding our Information Security team and are looking for an Information Security Engineer to support and develop our corporate and operational security practices.
 

The mission of this role is to reduce the risk of compromise of corporate accounts, devices, and SaaS systems by:

• maintaining compliance with international security standards
• ensuring controlled and auditable access
• strengthening security awareness across the company
• and supporting effective incident response

This role focuses on corporate security, access management, vulnerability management, and compliance, working closely with engineering, IT, and business teams to ensure Solidgate remains secure, resilient, and audit-ready at all times.
 

What You Will Own

As an Information Security Engineer, you will be responsible for corporate and operational security controls, including:

• Supporting and maintaining ISMS, PIMS, and BCMS frameworks
• Participating in external certifications and audits (PCI DSS, ISO 27001, ISO 27701, ISO 22301, GDPR, DORA)
• Managing access control processes: IAM / SSO / MFA, Joiner—Mover—Leaver processes, regular access reviews and privilege control
• Operating and tuning information security tools, including: vulnerability scanners, IAM and access control systems, anti-phishing tools and security awareness platforms
• Analyzing alerts and findings, including false positives, and driving remediation
• Maintaining and updating asset and information security risk registers
• Supporting incident response activities and post-incident analysis
• Conducting and tracking Disaster Recovery (DRP) and Business Continuity (BCP) tests, ensuring identified gaps are addressed
   

You are a great fit if you have

• 3+ years of experience in Information Security
• Knowledge of at least one security standard: ISO/IEC 27001, SOC 2, or PCI DSS
• Hands-on experience with building and operating an information security management framework, including policies, risk management, and incident response.
• Strong experience with access management (IAM): least privilege principles, RBAC / ABAC, MFA / SSO, Joiner—Mover—Leaver processes and regular access reviews
• Experience configuring and administering security tools such as: IAM solutions, vulnerability scanners, XDR / endpoint protection, anti-phishing and phishing simulation platforms
• Ability to communicate effectively with engineers, IT teams, and external auditors
   

Nice to Have

• Experience participating in or leading external security audits
• Hands-on experience with ISO 22301, ISO 27701, GDPR, or DORA
• Experience automating information security or compliance processes
• Background in security operations or security engineering within a regulated environment
   

Why Join Solidgate?

Build security that protects the business. Own and evolve corporate security controls that safeguard our people, systems, and data at scale.

Your expertise counts. Enjoy real autonomy to improve access management, compliance processes, and operational security tooling.

Room to experiment. Apply modern approaches to security operations, automation, and awareness with strong leadership support.

Impact & visibility. See the results of your work directly in successful audits, reduced risk exposure, and stronger organizational security.

Collaborative environment. Work alongside experienced security professionals, engineers, and stakeholders who value clarity, ownership, and partnership.

The Extras: 30+ days off, unlimited sick leave, free office meals, health coverage, and Apple gear to keep you productive. Courses, conferences, sports and wellness benefits — all designed for ideas, focus, and fun.

Tomorrow’s fintech needs your mindset. Come build it with us.

We are looking for a Senior Backend Engineer with strong DevOps experience to join a modern, large-scale cybersecurity platform. This role focuses on backend architecture, distributed systems, and production infrastructure, with a high level of ownership of critical systems running in cloud environments.

The project is a well-funded, post–Series B cybersecurity product with a strong engineering-driven culture. You will work on complex, production-grade systems, collaborate closely with engineering leadership, and contribute to long-term architectural decisions in a fast-paced startup environment.

Benefits

• Long-term, full-time engagement
• High level of ownership over backend architecture and production systems
• Challenging engineering problems in a cybersecurity domain
• Modern cloud-native stack and distributed systems
• Close collaboration with senior engineers and product leadership
• Opportunity to influence technical direction and system evolution

About the client:

FlexMade is a software development company headquartered in Seattle, USA. We have delivery centers and branch offices in the USA, Germany, Poland, and Ukraine.

We create reliable and scalable software for businesses from North America and Europe. We do it using modern programming technologies and, of course, by hiring highly experienced and qualified personnel.

With over 15 years of experience in the IT market, we have polished the high efficiency of our software development processes. We’re fast and responsive, honest and professional. Besides, we’re a crew of really easy-going people!

Requirements:

• 8+ years of professional software development experience
• Strong backend expertise with Node.js (TypeScript, NestJS) and Python
• Proven experience designing and maintaining distributed systems / microservices architectures
• Strong DevOps experience with production cloud infrastructure
• Deep understanding of scalable systems and backend architecture
• Strong experience with AWS (mandatory)
• Hands-on experience with Kubernetes and containerized environments
• Strong experience with PostgreSQL and data-intensive systems
• Prior startup experience (mandatory)
• Ability to operate independently with high ownership and technical maturity

Responsibilities:

• Design, develop, and maintain backend services using Node.js (TypeScript) and Python
• Lead architectural improvements and major refactoring initiatives across distributed systems
• Own production systems, including monitoring, debugging, and incident response
• Drive improvements in system reliability, performance, and operational excellence
• Work closely with cloud infrastructure and DevOps tooling
• Collaborate with multiple engineering and product teams to deeply understand system workflows
• Design scalable backend architectures with clear trade-off analysis (performance, cost, scalability, maintainability)
• Participate in technical decision-making and long-term architectural planning
• Review code and contribute to raising overall engineering quality and standards
• Nice to Have:
• Experience with Dagster or other data orchestration platforms
• Experience with GCP or Azure in addition to AWS
• Infrastructure-as-Code experience (Terraform or CloudFormation)
• Experience with cloud cost optimization initiatives
• Experience working closely with senior stakeholders or leadership teams

The Role

We are looking for an Application Security Engineer to be a core technical pillar of our new Application Security team. This is a hands-on technical leadership role without people management responsibilities.

You will be the go-to person for security architecture, secure coding practices, and vulnerability management.

Your primary mission is to ensure the integrity of our core platforms—the Exchange and GRX Pay—by building automated security systems and defining the standards that protect our users' assets. You will analyze the existing infrastructure to understand its strengths and weaknesses, developing a clear strategy to harden and evolve it.

While this is a remote-first role, you should be based in a CET-adjacent timezone to collaborate effectively with colleagues. You can also expect to travel for periodic in-person team gatherings.

What You’ll Do

• Architect Secure Systems: Design, build, and maintain the security frameworks for our web and mobile applications, ensuring security is baked into the platform from the start.
• Audit and Hardening: Analyze the existing codebase and infrastructure to identify vulnerabilities. Develop and execute a strategy for incrementally refactoring legacy features into the new, secure platform.
• Secure the Exchange: Profile and optimize our applications to ensure a reliable and secure experience for the data-intensive Golden Ratio Exchange.
• Set the Standard: Define and enforce best practices for code quality, security testing, and automated vulnerability scanning (e.g., SAST, DAST) across all codebases.
• Technical Leadership: Act as the primary technical mentor for other engineers regarding secure development life cycles (SDLC). Solve the most complex challenges related to cryptography and data protection.
• Collaborate: Work closely with the Security Manager and Product teams to translate business needs into scalable, secure technical solutions.

What We’re Looking For

• Experience: 3+ years of professional experience in application security or software engineering with a heavy focus on security.
• Legacy Systems Experience: Demonstrable experience working with and securing large, existing codebases. You see complex legacy code as a challenge to be solved, not avoided.
• Technical Expertise: Expert-level knowledge of web and mobile security vulnerabilities (OWASP Top 10) and deep familiarity with TypeScript or React environments.
• Security Mindset: Experience building or maintaining shared security libraries or automated security tooling. You enjoy building tools that make other developers more productive and secure.
• Quality Focus: A deep commitment to code quality, automated testing, and integrating security into CI/CD pipelines.
• Location: Based in a timezone adjacent to Central European Time (CET) for optimal team collaboration.
• Communication: Excellent skills in articulating complex technical security concepts clearly to both technical and non-technical stakeholders.

What We Offer

• High-Impact Role: A unique opportunity to be a founding technical expert for application security, making key architectural decisions.
• Clear Ambition: The chance to join a company with a clear goal of becoming the #1 crypto platform in the EU.
• Greenfield Culture, Brownfield Code: A rare chance to join a new company culture with no baggage, while solving the interesting technical challenges of a mature product.
• Flexibility & Connection: A 100% remote-first role with periodic, all-expenses-paid team gatherings and a new hub in Ticino, Switzerland.

Our Mission and Vision

At Solidgate, our mission is clear: to empower outstanding entrepreneurs to build exceptional internet companies. We exist to fuel the builders — the ones shaping the digital economy — with the financial infrastructure they deserve. To achieve that, we’re on a bold path: to become the #1 payments orchestration platform in the world.
 

About the Role

Solidgate builds financial infrastructure for fast-growing internet businesses worldwide. Our platform processes millions of payments daily and operates in a highly regulated fintech environment, where security is a core product requirement — not an afterthought.
 

Our engineering organization builds and scales a complex cloud-native platform with over 120 microservices. As the company continues to grow, we are strengthening our security organization and introducing a dedicated Application Security Engineer role.
 

The mission of this role is to keep our business and revenue safe by building security into the way we develop software — from early design decisions to CI/CD pipelines and live production systems.
 

This is a hands-on Application Security role focused on embedding security into the software development lifecycle and reducing real product risks.
 

You will work closely with engineering teams to:

• design secure application architectures
• improve secure coding practices
• detect vulnerabilities early in the development lifecycle

• continuously improve application security as part of everyday engineering work

   

You will have a direct impact on how secure software is built across a large microservices ecosystem, influencing standards, tooling, and engineering culture.
 

Explore our technology stack ➡️ here (https://solidgate-tech.github.io/)

 

What You Will Own

As an Application Security Engineer, you will be responsible for application-level security across our fintech platform, including:
 

• Building and maintaining secure coding standards and supporting their adoptionl across development teams
• Conducting threat modeling during architecture and design stages
• Implementing and improving application security testing, including: SAST, DAST, Dependency and secrets scanning, CI/CD security checks
• Performing regular application security assessments and maturity evaluations (OWASP ASVS, OWASP SAMM)
• Managing the full vulnerability lifecycle: triage, prioritization, remediation support, and validation
• Supporting external penetration testing and Bug Bounty programs
• Identifying and mitigating security risks in cloud environments and CI/CD pipelines
   

You are a great fit if you have

• At least 2 years of experience in Application Security or Product Security
• Hands-on experience with OWASP Top 10 vulnerabilities
• Practical experience with: secure code reviews, threat modeling, SAST and DAST tools and their integration into CI/CD pipelines
• Strong understanding of web application and API security
• Ability to communicate clearly with engineers and work as a partner rather than a blocker
   

Nice to Have

• Experience with container security and cloud security tooling
• Familiarity with DevSecOps and shift-left security practices
• Experience automating application security processes
• Background as a software engineer or close collaboration with development teams
  
   

Why Join Solidgate?
 

Build security that matters. Lead initiatives that define how security is embedded into our software development lifecycle across multiple teams and products.

Your expertise counts. Enjoy real autonomy — propose, test, and implement security practices and tooling that directly improve product resilience and reduce risk.

Room to experiment. Apply modern AppSec, automation, and shift-left approaches with full support from engineering and security leadership.

Impact & visibility. See the results of your work directly in more secure products, fewer vulnerabilities, and stronger engineering practices.

Collaborative environment. Work side by side with experienced, curious engineers who treat security as a shared responsibility and value partnership over gatekeeping.

The Extras: 30+ days off, unlimited sick leave, free office meals, health coverage, and Apple gear to keep you productive. Courses, conferences, sports and wellness benefits — all designed for ideas, focus, and fun.
 

Tomorrow’s fintech needs your mindset. Come build it with us.
 

🫂 Know top talent? We’re always on the lookout. Recommend someone for our role, and if they get hired, there’s a bonus waiting for you — simple as that.

Playtech‘s Security unit is looking for an experienced Cloud Security Engineer with strong communication skills and security‑focused critical thinking to support business needs.

Job Description

Your influential mission. You will...

• Oversee cloud security governance and monitoring
• Maintain a Cloud Security Posture Management (CSPM) solution
• Collaborate with DevOps, IT, development and GRC teams to provide subject‑matter expertise in the Google Cloud domain
• Support and maintain cloud‑native security controls
• Conduct security reviews for cloud environments
• Develop documentation outlining security recommendations and best practices
• Identify weak spots, missing controls, vulnerabilities, providing clear recommendations for improvement and remediation
• Stay current on emerging security threats, vulnerabilities, and cloud security controls
• Participate in investigations and responses to potential security incidents

• Implement automation for security‑related tasks

   

Qualifications

Components for success. You...

• Bring at least 2 years of experience in a similar technical security role
• Demonstrate experience with Google Cloud Platform (GCP) and Google Workspace
• Apply strong knowledge of CSPM tools — preferably WIZ
• Understand how cloud infrastructure works, including architecture best practices, managed services, typical vulnerabilities, mitigations, and security best practices
• Communicate clearly, positively, and persuasively on security topics to both technical and non‑technical stakeholders, building effective relationships
• Maintain a strong security mindset with a business‑enablement focus
• Leverage familiarity with modern application development approaches (infrastructure as code, CI/CD, containers, serverless, code/artifact repositories, etc.), with hands‑on experience considered a plus
• Possess broad IT and enterprise architecture knowledge (TCP/IP stack, relevant protocols/technologies—firewall, proxy, etc.; server OS like Windows/Linux; web/database servers, etc.)
• Use basic scripting skills (Python/Shell) to automate and streamline daily tasks
• Communicate effectively in spoken and written English

• Operate effectively within an enterprise environment

   

You’ll get extra points for...

• Knowledge of AWS or Azure cloud

• Relevant security, systems, networking certifications

   

Thrive in a culture that values...

• Collaborating with a true product company where your impact is visible
• Growing through a structured educational program designed to support your development
• Continuously learning in a collaborative environment where experienced colleagues help you expand your skills

• Working in a friendly, supportive, and inclusive atmosphere

   

Additional Information

SECURITY TEAM
A dynamic and innovative team that focuses on developing and maintaining networks across Playtech. If you’re looking for a challenging and rewarding work environment, the Security Unit at Playtech is a great place to be!

Playtech is an equal opportunities employer. Our mission is to welcome everyone and create inclusive teams. We celebrate differences and encourage everyone to join us and be themselves at work.

Softsich is a young and ambitious international product IT company that builds scalable digital B2B platforms. We are looking for an experienced Internal Auditor who will strengthen our internal audit and risk management system.

Your key responsibilities will include:

• Planning and conducting risk-based internal audits (finance, payments, operations, marketing, etc.)
• Auditing the full payment cycle: deposits, withdrawals, bonuses, commissions, chargebacks, crypto
• Assessing the effectiveness of internal controls and governance
• Analyzing fraud risks and abuses, including internal cases
• Auditing partners, PSPs, providers, and affiliates
• Verifying the accuracy of management and financial reporting
• Preparing audit reports for CFO / CEO / Board
• Developing and monitoring corrective action plans
• Providing advisory support to the business on risk and control matters
• Participating in the development and update of internal policies and procedures 

It’s a match if you have:

• 3+ years of experience in internal audit / financial audit / risk & compliance
• Experience in fintech / payments / high-risk businesses is a strong advantage
• Hands-on experience with risk-based auditing
• Deep understanding of payment infrastructure (fiat + crypto)
• Experience working with multi-jurisdictional structures
• Experience interacting with C-level executives and/or the Board
• Strong independence in audit planning and decision-making

What we offer:

• Flexible schedule and remote format or offices in Warsaw/Kyiv - you choose.
• 24 paid vacation days, sick leaves, and health insurance (UA-based, other locations in progress).
• A supportive, friendly team where knowledge-sharing is part of the culture.
• Coverage for professional events and learning.
• Birthday greetings, team buildings, and warm human connection beyond work.
• Zero joules of energy to the aggressor state, its affiliated businesses, or partners.

Send your CV and let’s get to know each other better!

About Playson

Founded in 2012, Playson is a leading iGaming supplier recognized worldwide. We provide our partners with a high-end, microservice-based Platform-as-a-Service capable of processing billions of financial transactions daily. Our global infrastructure is designed for cross-regional performance, with a relentless focus on latency reduction and flawless player experience, regardless of bandwidth or connectivity.

We are now building a Platform & Cloud Security function and are looking for the first hire to launch and lead it. This is a rare opportunity to set the standards from scratch and shape how security is embedded into a modern, high-load, cloud-native environment.

Key Responsibilities

• Establish the DevSecOps function at Playson, defining best practices and security standards across the Platform Tribe.
• Integrate security into CI/CD pipelines (SAST, DAST, dependency scanning, container scanning).
• Harden infrastructure and runtime environments (Linux, Docker, Kubernetes/EKS, RBAC).
• Design and enforce cloud security controls in AWS (IAM least-privilege, GuardDuty, Security Hub, encryption at rest/in transit).
• Define and maintain IaC security policies (Terraform/Terragrunt, drift detection, policy-as-code).
• Implement and manage secrets management solutions (Vault, AWS Secrets Manager).
• Build centralized security monitoring & alerting (Datadog, ELK, CloudWatch, SIEM/SOAR).
• Lead vulnerability management and threat modeling practices.
• Automate workflows through scripting (Python, Bash).
• Partner with backend, infrastructure, and platform engineers to embed security in design & delivery.
• Contribute to compliance readiness (ISO 27001, GDPR, PCI-DSS).
• Act as a security subject-matter expert, mentoring engineers and raising awareness.
• Continuously evaluate and implement new security tools and approaches.

Requirements

• 5+ years in Security Engineering / DevSecOps roles, with proven success delivering secure infrastructure and applications.
• Strong skills in Python and Bash for building and automating security workflows.
• Cloud Security (AWS focus) - Deep knowledge of IAM least-privilege design, encryption at rest/in transit, GuardDuty, Security Hub, and best practices for securing multi-account environments.
• Implementation of security controls in pipelines (SAST, DAST, dependency scanning, container image scanning, policy-as-code).
• Hardening of Linux systems, Docker, Kubernetes/EKS; strong experience with RBAC, PodSecurity/OPA/Gatekeeper/Kyverno policies.
• Terraform/Terragrunt, including policy-as-code, drift detection, and compliance enforcement.
• Expertise with HashiCorp Vault, AWS Secrets Manager, or equivalent.
• Hands-on with centralized logging, SIEM/SOAR tools (Datadog Security, ELK, CloudWatch, etc.) and incident response workflows.
• In-depth understanding of secure network design, segmentation, and monitoring.
• Experience with tools enabling temporary, approval-based access (Teleport, AWS IAM Identity Center, Okta, etc.).
• Ability to design and enforce zero trust principles (continuous verification, microsegmentation, contextual access).
• Familiarity with SBOM generation (CycloneDX, Syft), artifact signing (Cosign, Sigstore), and applying SLSA/in-toto frameworks.
• Understanding of ISO 27001, GDPR, PCI-DSS (iGaming relevance), plus experience automating compliance checks with IaC and policy engines.

Nice to have:

• Exposure to Kafka or ClickHouse in security-sensitive environments.
• Familiarity with GitOps tooling (FluxCD/ArgoCD).
• Broader knowledge of SOC 2, HIPAA, or other regulatory frameworks.

What We Offer

• Compensation at top industry standards + quarterly bonuses based on transparent evaluation.
• Remote-first flexibility and adaptable working hours.
• Unlimited paid vacation & sick leave.
• Comprehensive medical insurance (for you and your partner).
• Financial support for major life events.
• Professional growth budget for courses, training, and certifications.

Recruitment Process

1. HR Interview – 45 min
2. Hiring Manager Interview – 60 min
3. Technical Interview – 90 min
4. Final Interview with Head of Platform & CTO – 60 min

Playson is a leading iGaming supplier operating in multiple regulated markets, delivering engaging casino content and advanced technology. We’re a fast-growing, tech-driven company that values innovation, autonomy, and ownership. At Playson, we welcome people who are curious, proactive, and passionate about solving complex challenges at scale.

We are ISO/IEC 27001 certified and committed to maintaining a robust security and compliance posture across all our operations.

About the Role

We are looking for a Security Lead to strengthen Playson’s information security framework and drive continuous improvement of our security culture. This role combines technical expertise, investigative focus, and process leadership - ensuring that our systems, data, and people remain secure, compliant, and resilient.

What will you be doing?

Information Security & Compliance

• Maintain and continuously improve the ISO/IEC 27001:2022 Information Security Management System (ISMS).
• Foster a strong Security-First mindset across the organization.
• Work closely with the CTO, Head of IT, and DevOps to enhance internal security controls.
• Conduct internal audits, risk assessments, and coordinate certification renewals.
• Update security policies and controls in line with ISO 27001, GDPR, and relevant international frameworks (e.g., NIST CSF and NIS2 principles where applicable).
  Manage integrations and alerting within Datadog SIEM, CrowdStrike, Cloudflare, and Google Workspace.
• Support DLP implementation and maintain central tracking of security events.
• Document risks, incidents, and corrective actions to ensure continuous compliance.

Incident Response & Investigation

• Lead investigations into security incidents such as phishing, data leakage, or unauthorized access.
• Collect and analyze digital evidence across systems (CrowdStrike, Cloudflare, Google, Slack).
• Maintain and enhance incident response playbooks and escalation workflows.
• Collaborate with HR, Legal, and IT teams during internal investigations.
• Produce post-incident reports and recommend remediation measures.

Endpoint & Access Security

• Manage MDM systems (Zoho MDM, Endpoint Central) and ensure full compliance for macOS endpoints.
• Maintain CrowdStrike Falcon configurations and endpoint posture enforcement.
• Oversee SSO, MFA, and 2FA enforcement across services (Google SSO, DUO Mobile, 1Password).
• Implement Just-in-Time (JIT) privilege elevation and regular admin access reviews.
• Perform Quarterly RAS Access Management Reviews.

• Maintain a consistent audit trail for access management throughout the year.

   

To succeed in the role, you will have:

• 3+ years of experience in information security, IT audit, or digital investigations.
• Solid understanding of ISO 27001, GDPR, and modern security frameworks (NIST CSF / NIS2).
• Hands-on experience with SIEM / EDR systems
• Proven ability to manage SSO, MFA, DLP, and MDM environments.
• Strong communication skills in English (B2 or higher).
• Analytical mindset, integrity, and attention to detail.

Preferred additional qualifications:

• Certifications: CISSP, CISM, CEH, ISO 27001 Lead Auditor, AWS Security Specialty.
• Experience with Zero Trust, PAM, DLP/CASB, or SOAR platforms.
• Forensics experience.
• Experience in designing awareness programs or running phishing simulations.

What you get in return:

• Competitive Salary: We offer a competitive salary in EUR, subject to annual performance reviews
• Quarterly Bonuses: Benefit from a transparent and systematic quarterly bonus system
• Flexible Schedule: We offer a flexible work schedule to accommodate your needs
• Remote Work Option: Choose to work remotely, providing greater flexibility and comfort
• Medical Insurance: Receive comprehensive medical insurance for both you and a significant other
• Financial Support for Life Events: We provide financial support during special life events
• Unlimited Paid Vacation: Enjoy unlimited paid vacation leave
• Unlimited Paid Sick Leave: Take unlimited paid sick leave whenever necessary
• Professional Development: Get reimbursement for professional development courses and training

The recruitment process includes the following steps:

1. HR Interview (30-45 mins)

2. Technical interview with Service Desk & Security Lead (60 mins)

3. Final Interview with CTO and People Business Partner (60 mins)

About us
Takopi Group s.r.o. is an international company with more than 20 years of experience in information technology and digital infrastructure.
We operate across Eastern Europe, the Caucasus, and Central Asia, partnering with leading global vendors and helping businesses implement innovative solutions.
We are certified partners of companies such as Sophos, Mitel, Mikrotik, Netgear, Progress, Tiandy, nJoy, Edimax, and others.

As we expand our operations in Slovakia, we are looking for a Business Development Manager to strengthen our presence in the local market.
 

Key responsibilities

• Develop and grow the partner network in Slovakia;
• Identify and attract new B2B clients;
• Promote and sell the company’s product portfolio;
• Build and maintain long-term relationships with partners and vendors;
• Negotiate and agree on commercial terms;
• Achieve sales targets and meet KPIs;
• Take part in vendor and in-house training sessions.

What we expect

• Minimum 2 years of experience in IT distribution and B2B sales;
• Proficiency in Slovak (B2 level or higher) for client and partner communication;
• Understanding of Ukrainian or Russian is a plus for internal communication with the team;
• Legal residence and living in Slovakia;
• Solid knowledge of the IT distribution and system integration market;
• Strong skills in negotiation, presentation, and business development;
• Willingness to travel on short business trips within the region.

What we offer

• Fully remote work supported by modern digital tools;
• Access to a modern office in central Bratislava for meetings, teamwork, and networking;
• Opportunity to shape business development in the region and contribute to strategic decisions;
• Paid vacation and official sick leave;
• Standard work schedule: Monday–Friday, 9:00–18:00 (local time).

Interested?
If this opportunity matches your skills and experience, send us your CV today!

About us
Takopi Group s.r.o. is an international company with more than 20 years of experience in information technology and digital infrastructure.
We operate across Eastern Europe, the Caucasus, and Central Asia, partnering with leading global vendors and helping businesses implement innovative solutions.
We are certified partners of companies such as Sophos, Mitel, Mikrotik, Netgear, Progress, Tiandy, nJoy, Edimax, and others.

As we expand our operations in the Czech Republic, we are looking for a Business Development Manager to strengthen our presence in the local market.
 

Key responsibilities

• Develop and grow the partner network in the Czech Republic;
• Identify and attract new B2B clients;
• Promote and sell the company’s product portfolio;
• Build and maintain long-term relationships with partners and vendors;
• Negotiate and agree on commercial terms;
• Achieve sales targets and meet KPIs;
• Take part in vendor and in-house training sessions.

What we expect

• Minimum 2 years of experience in IT distribution and B2B sales;
• Proficiency in Czech (B2 level or higher) for client and partner communication;
• Understanding of Ukrainian or Russian is a plus for internal communication with the team;
• Legal residence and living in the Czech Republic;
• Solid knowledge of the IT distribution and system integration market;
• Strong skills in negotiation, presentation, and business development;
• Willingness to travel on short business trips within the region.

What we offer

• Fully remote work supported by modern digital tools;
• Access to a modern office in the heart of Prague for meetings, teamwork, and networking;
• Opportunity to shape business development in the region and contribute to strategic decisions;
• Paid vacation and official sick leave;
• Standard work schedule: Monday–Friday, 9:00–18:00 (local time).

Interested?
If this opportunity matches your skills and experience, send us your CV today!