Jobs

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a talented and motivated Junior Pentester who will join our security team to work on penetration testing and vulnerability/cloud security assessment projects.

We expect a short motivation letter where you can explain your skills, achievements and motivation.

Required skills

- Solid non-commercial cybersecurity experience, such as HTB/THM

- Junior-level cybersecurity certifications would be a plus.

- Comfortable with basic application security testing and common vulnerabilities (like OWASP Top 10, CWE Top 25) and cybersecurity fundamentals

- Strong basic IT skills: Linux, networking (TCP/IP, DNS, HTTP etc.)

- Some experience in scripting/coding languages, such as Java, JS, Python, Shell, etc.

- Strong drive to learn and develop cybersecurity skills

- Technical English (Intermediate)

We offer

- Good salary + bonus system

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Support in obtaining professional certifications, such as BSCP, OSCP, eWPTX, cloud certifications, etc.

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Execute penetration tests and security assessments as part of a team, including internal/external networks, web and mobile applications, Windows and Linux environments, cloud architectures, IoT devices, and more

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Conduct security research

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a Middle/Senior Security Consultant / Penetration tester to work on and lead penetration testing and vulnerability/cloud security assessment projects.

In this role, you will work on technically challenging projects and also spend some time leading/mentoring our junior pentesting colleagues.

Required skills

- 1.5+ years of intensive commercial experience

- OSCP, eWPTx2 or similar would be a plus

- Scripting/coding skills and being comfortable with advanced pentesting tooling

- Strong knowledge of mobile/web security

- Comfortable with cloud and container security

- Basic RE skills

- Ability to mentor/lead colleagues

- Strong ability and drive to learn and develop cybersecurity skills

- Technical English (Intermediate+)

We offer

- Good salary + bonus system

- Diverse project portfolio and technologies to work with

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Participate in various pentesting projects

- Lead junior colleagues

- Perform threat modeling in pentesting and security assessment projects

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Consult clients on efficient issues remediation

- Conduct security researches

- Develop tools and scripts to automate and improve current pentesting processes

We are inviting you, a highly motivated and results-oriented Security Engineer to join our team for ensuring and developing solutions, as well as strengthening the product infrastructure.

Our team has unique expertise in research, analysis, and product development. By relying on technical insights and a data-driven approach, we create disruptive future-defining innovations of the fin-tech industry that remain our basis for success.

Responsibilities

• Develop, implement, maintain, upgrade, and test cybersecurity products
• Provide cybersecurity-related support to users and customers
• Integrate cybersecurity solutions into systems and services, ensuring their stability and performance
• Securely configure systems, services, and products
• Maintain and upgrade the security of systems, services, and products
• Implement cybersecurity procedures and controls
• Monitor and ensure the performance of the implemented cybersecurity controls
• Document and report on the security of systems, services, and products
• Work closely with the Engineering teams on cybersecurity-related actions

• Implement, apply, and manage patches to products to address technical vulnerabilities

   

Requirements

• 3+ years of experience in information security and cybersecurity roles
• Background in development, DevOps, system administration, etc.
• Hands-on experience in developing, integrating, and testing security solutions
• Experience with vulnerability analysis and incident response
• Proficiency in scripting languages such as Python, Bash, PowerShell, etc
• Solid understanding of secure development lifecycle, operating system security, and computer network security
• Experience with both offensive and defensive security practices
• Knowledge of cybersecurity controls, solutions, and technologies
• Ability to collaborate with cross-functional teams and colleagues
• Effective communication and presentation skills to report to stakeholders
• Strong analytical and problem-solving skills
• Reliability, integrity, and responsibility in handling sensitive information and security tasks

• Intermediate or higher level of English

   

Will be a plus

• Experience with Ruby, Go, or other programming languages

• Security certifications

   

We offer

• Tax expenses coverage for private entrepreneurs in Ukraine
• Expert support and guidance for Ukrainian private entrepreneurs
• 20 paid vacation days per year
• 10 paid sick leave days per year
• Public holidays as per the company’s approved Public holiday list
• Medical insurance
• Opportunity to work remotely
• Professional education budget
• Language learning budget
• Wellness budget (gym membership, sports gear and related expenses)

LoopMe, the leading outcomes-based platform, closes the loop on digital advertising. By leveraging our patented AI technology to optimize media delivery in real-time, we drive measurable uplift for business outcomes across brand lift, purchase intent, consideration, foot traffic, and sales.

We are looking for a motivated Junior InfoSec Specialist to join our security team. The ideal candidate will have a basic understanding of information security principles and a strong desire to develop practical skills in a dynamic, cloud-driven environment. You will assist with securing LoopMe’s platforms, learning from experienced team members and gaining exposure to modern technologies like Kubernetes, GCP, PostgreSQL, ClickHouse, Envoy, and Kafka.

Responsibilities:

• Support the development and maintenance of information security policies and procedures.
• Assist in performing risk assessments, security audits, and threat monitoring.
• Help monitor and respond to security incidents under supervision.
• Participate in maintaining security tools such as SIEM, DLP, and WAF.
• Learn and assist with integrating security practices into development workflows (Secure SDLC, code reviews).
• Help ensure compliance with security standards (ISO/IEC 27001, NIST, OWASP, CIS Controls).
• Participate in security awareness training for employees.
• Support the secure architecture of platforms including GCP, Kubernetes, ClickHouse, Kafka, PostgreSQL, and Envoy.
• Stay updated with emerging threats and vulnerabilities.

Requirements:

Education & Experience:

• Foundational knowledge of IT, cybersecurity, or system administration, demonstrated through formal education, self-learning, online courses, or hands-on experience.
• Internship, project participation, or up to 1 year of relevant experience is a plus.

Technical Skills:

• Basic understanding of computer networks and common protocols (TCP/IP, DNS, HTTP/S, VPN).
• Familiarity with at least one scripting language (Bash, Python, or PowerShell) and willingness to learn automation.
• Interest in cloud platforms (preferably GCP, AWS, or Azure).
• Basic knowledge of Linux/Unix administration.
• Understanding of information security principles (encryption, authentication, access control) is a plus.
• Willingness to learn and work with tools like SIEM, IAM/SSO/MFA, and modern cloud/data technologies (Kubernetes, Kafka, PostgreSQL, ClickHouse, Envoy).

Nice-to-Have Qualifications:

• Participation in security courses, bootcamps, or open-source security projects.
• Relevant certifications (e.g., CompTIA Security+, AWS/GCP/Azure Fundamentals, or similar) are a plus.
• Good written and verbal communication skills, attention to detail, and strong motivation to grow in information security.

Benefits:

• Competitive compensation package
• Flexible working schedule and the hybrid type of work
• Annual performance bonus
• One month of workation (you can work from any part of the world for one month)

Pine Software Technology Ltd is a software company specializing in trading technology solutions for regulated brokers and trading firms. The company provides Software-as-a-Service (SaaS) products designed to support electronic trading, brokerage operations, risk management, and financial data analysis.

We are seeking an experienced Senior Security Engineer with a strong background in application, infrastructure, and cloud security to help us protect and scale our trading technology platform.

Responsibilities:

• Ensure secure SDLC practices: threat modeling, SAST/DAST/IAST, code reviews, secret management;
• Integrate security into CI/CD pipelines and support DevSecOps implementation;
• Design API security and infrastructure controls, including VPN, WAF, DNS proxy, and DDoS protection;
• Harden cloud environments (GCP) and Kubernetes clusters with policies, scanning, and access control;
• Manage IAM/PAM lifecycles with SSO, MFA, RBAC, OIDC, and LDAP integrations;
• Conduct vulnerability assessments, misconfiguration monitoring, and patch coordination;
• Monitor security events, analyze logs/threat intel, and improve SIEM/EDR coverage;
• Define security policies and procedures, and support internal/external audits;
• Perform penetration testing and red teaming on applications and infrastructure;
• Implement data protection measures: encryption, DLP, secure key storage, and privacy compliance;

Job requirements

• 7+ years of professional experience in cybersecurity, with a strong focus on application, infrastructure, and/or cloud security;
• Strong knowledge of application security principles and secure development practices (e.g., threat modeling, code review, DevSecOps);
• Practical experience with cloud platforms, including identity, networking, and workload security;
• Familiarity with Kubernetes security concepts, tools (e.g., OPA, Falco, Kyverno), and best practices;
• Experience with authentication/authorization protocols and tools: SAML, OIDC, OAuth2, LDAP, MFA, SSO;
• Understanding of common vulnerabilities and experience in vulnerability management and remediation;
• Experience with penetration testing methodologies and tools;
• Solid understanding of network protocols, firewalls, VPN, WAF, and API security mechanisms;
• Hands-on experience with monitoring and detection tools;
• Knowledge of security frameworks and standards;
• Experience participating in or leading internal/external security audits and risk assessments;
• Ability to write clear policies, procedures, and documentation;
• Experience with privacy regulations.

‍

Would be a plus

• High-Frequency Trading or other low-latency systems background;
• Experience in FinTech is a plus;
• Familiarity with Cloudflare services and configuration is a plus.

Company offers

• Care from Day One — medical insurance immediately upon starting work, including dental care, massage and professional psychological support because your well-being matters
• Work-Life Balance — 25 days of paid vacation + 30 days of sick leave, so you can recover without unnecessary stress
• Investment in your energy — partial reimbursement for any sports activities that empowers you.
• Growth — partial coverage for English or Ukrainian language courses + a fixed budget for professional development. Choose what suits you best!
• Knowledge Library — books in the office and access to the Kuka online library to learn, grow, and find inspiration.
• Island Relaxation 14 days a year — enjoy a getaway at the corporate villa in Cyprus.

• Modern Office in Larnaca — a stylish space for inspiration: open areas, cozy lounges, and functional meeting rooms — all for your comfort.

   

Join the Pine Software team, where your talents and aspirations will be recognized! We offer a dynamic work environment, opportunities for professional growth, and support at every step of your career path. Start your journey to success with us—apply today and take the first step towards your bright future!

Pine Software is an equal opportunity employer. We encourage applications from candidates of all backgrounds and experiences. Please note, that only shortlisted candidates will be contacted. Thank you for considering Pine as your next career move!

This position is open exclusively for Ukrainian residents within Ukraine (preferably Kyiv or Lviv).

We are looking for a Junior mobile application security engineer to join our Security team and work with us on building and breaking software. If you are interested in designing and building security controls, working hand-in-hand with software developers, performing security assessments, this may be the position for you.

We are ready to invest time in your education if you are prepared to work diligently and responsibly. Alongside technical skills, we’ll teach you leadership, time management, business context, and how to keep improving cybersecurity despite the ever-increasing entropy of the world.

Main responsibilities:

• Participate in security assessments of mobile applications (iOS, Android, Flutter, React Native).
• Focus on platform-specific security controls (biometrics, security storage, device capabilities, reverse-engineering protections).
• Work together with developers to select security controls that would improve security without restricting usability/performance.
• Work on security of related applications: backend applications, hardware and embedded devices, because mobile apps do not live in vacuum.

Requirements:

• Good understanding of OWASP MAS (MASVS + MASTG).
• Ability to read code, understand business logic and spot security mistakes in different mobile-relevant languages, like Swift, Objective-C, Kotlin, Java, JavaScript, TypeScript, Dart.
• Experience assessing or implementing mobile security controls, as well as platform-specific controls (Biometry on iOS, screenshot protections on Android, etc).
• Experience in performing security assessment for mobile and/or web applications.
• An overall understanding of what information security is, how real-world risks and threats affect the choice of security controls.

Nice to have:

• Experience with popular mobile stack: Xcode, Android Studio,TestFlight, Firebase, AppCenter, Bitrise, fastlane, etc.
• Mobile developer, QA engineer or Software engineer in Test (SET) experience.
• Experience in jailbreaking/rooting your devices.
• Experience in reverse engineering applications, bypassing TLS pinning, analysing source code.

Hiring Process:

• Resume review —  1-5 business days.
• Test task — estimated time 3-4 hours.
• Introductory meeting with the Head of security engineering.
• Technical interview with several team members.
• Offer discussion.

What’s in it for you?

• A sense of meaning and responsibility for those who seek purpose — we’re building "invisible texture of modern civilization“—bits of infrastructure finance, power grids, healthcare rely on, and we are trusted with very challenging aspects of it.
• Competitive compensation with a flexible bonus scheme.
• Hybrid work model: this position allows for a combination of in-office and remote work as needed.
• UK, EU and USA clients.
• Working at the crossroads of ML security, cryptographic protocol support, hardware protection, reverse-resilient mobile app development, and securing web apps for millions of users.
• Public track record in the open-source aspect of our products.
• Conferences, books, courses — we encourage learning and sharing with the community. Our team members share a lot in talks, workshops, and blog posts.
• Paid vacation — 21 business days per year.
• Paid sick leaves.

This position is open exclusively for Ukrainian residents within Ukraine (preferably Kyiv or Lviv).

Cossack Labs is looking for a Mobile application security engineer to join our Security team and work with us on building and breaking software. If you are interested in designing and building security controls, working hand-in-hand with software developers, performing security assessments, this may be the position for you.

We are ready to invest time in your education if you are prepared to work diligently and responsibly. Alongside technical skills, we’ll teach you leadership, time management, business context, and how to keep improving cybersecurity despite the ever-increasing entropy of the world.

Main responsibilities:

• Participate in security assessments of mobile applications (iOS, Android, Flutter, React Native). Focus on platform-specific security controls (biometrics, security storage, device capabilities, reverse-engineering protections). Perform analysis and threat modelling.
• Treat mobile app as a gateway into a larger system, build security defences from app to the backend and back (transport protections, TLS pinning, anti-fraud systems).
• Participate in SSDLC for our products and our customers’ products. Explain risks & threats, work together with developers to select security controls that would improve security without restricting usability/performance.
• Stay up to date with emerging security threats, vulnerabilities, and controls (read articles and papers, follow CVE updates, understand how threat landscape is changing, understand how to apply described ideas, read NIST guidelines).
• Dive into application security, infrastructure security, data security, IoT security, ML security with our team of skilled engineers. See related case study, written from an engineer’s point of view.
• Share your work as conference talks, blogposts (see React Native security example), contribute to open source standards like OWASP.

Requirements:

• Experience in performing security assessment for mobile and/or web applications.
• Ability to read code, understand business logic and spot security mistakes in different mobile-relevant languages, like Swift, Objective-C, Kotlin, Java, JavaScript, TypeScript, Dart.
• Experience designing or implementing mobile security controls, as well as platform-specific controls (Biometry on iOS, screenshot protections on Android, etc).
• Good understanding of OWASP MAS (MASVS + MASTG).
• Be familiar with other application security verification and software maturity frameworks: OWASP SAMM, OWASP ASVS.
• Understanding SSDLC (OWASP SSDLC, NIST SSDF).
• An overall understanding of what information security is, how real-world risks and threats affect the choice of security controls.
• Experience in popular security tools required for the job, or ability to learn them quickly (Burp Suite, network analysers, various SAST and DAST, dependency and vulnerability scanners).

Nice to have:

• Mobile development experience. Experience with some tools of mobile stack: Xcode, Android Studio, TestFlight, Firebase, AppCenter, Bitrise, fastlane, etc.
• Experience in jailbreaking/rooting your devices.
• Experience in reverse engineering applications, bypassing TLS pinning, analysing source code.
• Basic knowledge in cryptography: understanding the differences between symmetric and asymmetric cryptography, hashing, KDF.

Hiring Process:

• Resume review —  1-5 business days.
• Test task — estimated time 3-4 hours.
• Introductory meeting with the Head of security engineering.
• Technical interview with several team members.
• Offer discussion.

What’s in it for you?

• A sense of meaning and responsibility for those who seek purpose — we’re building "invisible texture of modern civilization“—bits of infrastructure finance, power grids, healthcare rely on, and we are trusted with very challenging aspects of it.
• Competitive compensation with a flexible bonus scheme.
• Hybrid work model: this position allows for a combination of in-office and remote work as needed.
• UK, EU and USA clients.
• Working at the crossroads of ML security, cryptographic protocol support, hardware protection, reverse-resilient mobile app development, and securing web apps for millions of users.
• Public track record in the open-source aspect of our products.
• Conferences, books, courses — we encourage learning and sharing with the community. Our team members share a lot in talks, workshops, and blog posts.
• Paid vacation — 21 business days per year.
• Paid sick leaves.

We are looking for an Information Security Engineer!
We’re seeking an expert who will help us build a reliable cybersecurity system, protect data, and strengthen the company’s security at all levels.

Responsibilities:

• Configure information security solutions to automate security monitoring and protection of digital systems, networks, and data
• Monitor systems for security breaches or intrusions
• Collaborate with cross-functional terms to remediate identified vulnerabilities.
• Implement and manage security monitoring tools to detect and respond to security events
• Contribute to building a security ecosystem that helps centralize incident response efforts and track progress towards remediation
• Administration of information security systems, access management

Requirements and Skills

• Experience with administration and support of Malware protection software (AV, EDR, XDR), Data Leakage Prevention infrastructure (cloud and on-premise), Access Management, MDM, etc
• Experience with the cloud infrastructures and cloud technologies
• Working knowledge of MacOS/Windows, good understanding of endpoint security
• Knowledge of Information Security Management frameworks and domain best practices;
• Working experience with network and web-application scanners
• Knowledge and experience in designing and applying security controls for different technologies
• Average knowledge in IP networking
• Experience at logs analysis and troubleshooting
• Good communication and excellent reporting skills
• Ability to dive into details and study new knowledge
• 3+ years experience in cybersecurity
   

Would be a plus

• System administrator (Windows, MacOS) background
• Experience with log collection, parsing and enrichment with Elastic, logstash, opensearch
• Experience with Google workspace and Atlassian (Jira, Confluence) products
• Experience with SSO protocols and service-to-directory integrations
• Experience with AWS security stack; DevSecOps functions
• Information security certifications
• Intermediate+ English

What do we offer:

• Challenging tasks that contribute to professional and personal growth;
• Modern and comfortable office in the heart of Kyiv with flexible working hours;
• Regular team-building activities and corporate events for employees;
• Sports compensation;
• English and Ukrainian language classes;
• Medical insurance;
• Psychological support;
• All necessary equipment for work.

Who we are:

Adaptiq is a technology hub specializing in building, scaling, and supporting R&D teams for high-end, fast-growing product companies in a wide range of industries. 

About the Product: 

Our client, Coro, over the past few years has received $275M in funding and is one of the fastest growing Cybersecurity companies in the world. The funding is primarily being used to enhance the Coro Cybersecurity SaaS platform and for additional headcount growth, as Coro continues to expand globally. 

Coro started in Tel-Aviv, Israel, and is also headquartered in Chicago, IL, with additional offices in New York, London, and remotely across the globe. As a global organization, Coro gives you the ability to work with people and teammates from around the world. 

Coro’s AI-enabled Modular Cybersecurity Platform is the only one in the industry specifically designed to provide Mid-Market customers with scalable and affordable “enterprise-grade” protection for all of their priority threat vectors.

About the Role: 

At Coro, you’ll own email security research end-to-end: dissecting phishing and malicious email campaigns, pulling apart attacker tradecraft, and building detection logic that scales to protect thousands of customers daily. You’ll have sole responsibility for this domain, which means autonomy, accountability, and the ability to directly influence how Coro stops attackers.

Key Responsibilities: 

 

• Own email threat research and detection: analyze real-world phishing and malicious emails, identify attacker techniques, and translate findings into new or improved detection rules.
• Maintain and extend internal detection tools: debug and develop multi-file Python/Shell scripts used daily by researchers and engineers.
• Collaborate across teams: work with Engineering, Product, and Data to turn research insights into production-grade features and detection logic.
• SIEM/log analysis: Investigate incidents by reviewing logs from customer devices, understanding tool internals, and suggesting improvements to log collection and analysis.
• Stay ahead of attackers: monitor emerging threats and protocols (SMTP, HTTP/HTTPS), apply knowledge of OS internals (especially Windows), and feed new insights into the detection engine.

Required Competence and Skills:

• At least 4 years in security research or closely related fields 
• Previous experience with aspects of security in networks, software, and/or hardware
• Experienced with Python and/or similar language to debug and maintain multi-file research tools
• Solid understanding of Email & network protocols
• Hands-on experience with OS internals
• Ability to interpret logs, understand how SIEM tools work, and apply findings to incident investigation
• Security mindset and autonomy, ability to proactively spot and raise vulnerabilities, work independently, and communicate risks.

Nice to have:

• Perl/Shell experience.
• Reverse engineering skills
• Malware analysis background
• Familiarity with vulnerability assessment tools
• Cloud security (AWS or others).

Why Us?

We provide 20 days of vacation leave per calendar year (plus official national holidays of a country you are based in).

We provide full accounting and legal support in all countries we operate.

We utilize a fully remote work model with a powerful workstation and co-working space in case you need it.

We offer a highly competitive package with yearly performance and compensation reviews.

Job Summary:
 

We are seeking a skilled and detail-oriented Identity and Access Management (IAM) Analyst to support the design, implementation, and operation of our enterprise-wide access control framework. In this mid-level role, you will play a critical part in enforcing security best practices, supporting access provisioning and governance processes, and ensuring secure access to systems and data across multiple platforms.
 

Key Responsibilities
 

• Administer and manage user access across enterprise systems (e.g., Active Directory, Azure AD, SaaS platforms, on-prem applications).
   
• Analyze and enforce access control policies, ensuring least privilege and role-based access control (RBAC) models are applied.
   
• Collaborate with IT and business units to define, document, and improve identity lifecycle processes (e.g., provisioning, de-provisioning, access reviews).
   
• Implement and support tools for identity governance, authentication (MFA, SSO), and privileged access management (PAM).
   
• Monitor IAM systems for anomalies and coordinate incident response activities related to access violations or abuse.
   
• Participate in audits and support compliance initiatives (e.g., SOX, HIPAA, ISO 27001) by providing evidence of proper access controls.
   
• Conduct regular access reviews and assist in remediation efforts for policy violations or control gaps.
   
• Support the integration of new applications into the IAM ecosystem via SAML, OAuth, LDAP, and other standard protocols.
   

Requirements
 

• Bachelor’s degree in Computer Science, Information Security, or related field; or equivalent practical experience.
   
• 3–5 years of experience in identity and access management, cybersecurity, or IT operations with a focus on access controls.
   
• Proficient with IAM technologies and tools (e.g., SailPoint, Okta, CyberArk, Azure AD, etc.).
   
• Solid understanding of access control principles, RBAC, least privilege, separation of duties, and other security best practices.
   
• Experience with scripting and automation (e.g., PowerShell, Python) is a plus.
   
• Familiarity with compliance standards and frameworks (e.g., NIST, ISO 27001, SOC 2).
   
• Strong analytical, documentation, and communication skills.
   

Preferred Certifications (Nice to Have)
 

• Certified Information Systems Security Professional (CISSP)
   
• Certified Identity and Access Manager (CIAM)
   
• Microsoft Certified: Security, Compliance, and Identity Fundamentals
   
• CompTIA Security+

About the Product:
Our client, Coro, over the past few years has received $275M in funding and is one of the fastest growing cybersecurity companies in the world. The funding is primarily being used to enhance the CoroCybersecurity SaaS platform and for additional headcount growth, as Coro continues to expand globally.

Coro started in Tel-Aviv, Israel, and is also headquartered in Chicago, IL, with additional offices in New York, London, and remotely across the globe. As a global organization, Coro gives you the ability to work with people and teammates from around the world.

Coro’s AI-enabled Modular Cybersecurity Platform is the only one in the industry specifically designed to provide Mid-Market customers with scalable and affordable “enterprise-grade” protection for all of their priority threat vectors.

About the Role:
At Coro, you’ll own email security research end-to-end: dissecting phishing and malicious email campaigns, pulling apart attacker tradecraft, and building detection logic that scales to protect thousands of customers daily. You’ll have sole responsibility for this domain, which means autonomy, accountability, and the ability to directly influence how Coro stops attackers.

Key Responsibilities:
 

• Own email threat research and detection: analyze real-world phishing and malicious emails, identify attacker techniques, and translate findings into new or improved detection rules.
• Maintain and extend internal detection tools: debug and develop multi-file Python/Shell scripts used daily by researchers and engineers.
• Collaborate across teams: work with Engineering, Product, and Data to turn research insights into production-grade features and detection logic.
• SIEM/log analysis: Investigate incidents by reviewing logs from customer devices, understanding tool internals, and suggesting improvements to log collection and analysis.
• Stay ahead of attackers: monitor emerging threats and protocols (SMTP, HTTP/HTTPS), apply knowledge of OS internals (especially Windows), and feed new insights into the detection engine.

Required Competence and Skills:

• At least 4 years in security research or closely related fields 
• Previous experience with aspects of security in networks, software, and/or hardware
• Experienced with Python and/or similar language to debug and maintain multi-file research tools
• Solid understanding of Email & network protocols
• Hands-on experience with OS internals
• Ability to interpret logs, understand how SIEM tools work, and apply findings to incident investigation
• Security mindset and autonomy, ability to proactively spot and raise vulnerabilities, work independently, and communicate risks.

Nice to have:

• Perl/Shell experience.
• Reverse engineering skills
• Malware analysis background
• Familiarity with vulnerability assessment tools
• Cloud security (AWS or others).

Our Mission and Vision
At Solidgate, our mission is clear: to empower outstanding entrepreneurs to build exceptional internet companies. We exist to fuel the builders — the ones shaping the digital economy — with the financial infrastructure they deserve.
 

Key facts:

• Offices in Ukraine, Poland, and Cyprus
• 250+ team members
• 200+ clients went global (Ukraine, US, EU)
• Visa and Mastercard Principal Membership
• EMI license in the EU
   

Solidgate is part of Endeavor — a global community of the world’s most impactful entrepreneurs. We’re proud to be the first payment orchestrator from Europe to join — and to share our expertise within a network of outstanding global companies.
 

We believe the future of payments is shaped by people who think big, take ownership, and bring curiosity and drive to everything they do. That’s exactly the kind of teammates we want on board.
 

Right now, we’re looking for an Information Security Engineer to help us level up our security game. You’ll be building and scaling security processes, automating the boring stuff, and making sure we stay compliant with the big standards (PCI DSS, SOC 2, ISO 27001). A huge part of your mission: driving our Zero Trust strategy — the foundation of our long-term security vision.
 

What you’ll be doing:
— Managing user access (granting, changing, and revoking rights)
— Running internal checks and vulnerability scans to spot risks
— Writing docs, guides, and policies in Confluence
— Preparing audit evidence for PCI DSS and SOC 2
— Partnering with HelpDesk, Infrastructure, and Engineering teams to embed security into daily workflows
— Supporting and monitoring security tools (MDM, SIEM, SSO, MFA, IAM)
— Jumping in on incident response and investigations

What you’ll need
— 6+ months in InfoSec or technical support
— Solid grasp of networking basics and cybersecurity principles
— Understanding of access management models (RBAC, least privilege)
— Hands-on with Linux and Windows
— Fluent English (for writing technical docs and chatting with global teams)
— Analytical mindset and problem-solving skills
— Ownership, attention to detail, and accountability
— Strong teamwork and communication skills

Nice to have
— Experience with AWS, MDM, or IAM systems
— Knowledge of compliance standards (PCI DSS, ISO 27001)
 

Competitive corporate perks:
— 30+ paid days off every year (20 vacation days + national holidays)
— Health insurance and access to a corporate doctor
— Free office breakfasts, lunches, and snacks
— Full coverage for professional training (courses, conferences, certifications)
— Annual performance reviews to fuel your growth
— Sports compensation to keep you moving
— Competitive salary package
— Apple gear to get the job done
 

📩 Ready to become a part of the team? Then cast aside all doubts and click “apply”.

Looking for a security-focused DevOps Engineer to join our CEX.IO team.
We are seeking a DevSecOps professional with a strong security focus to implement security best practices across the SDLC, collaborate with DevOps and IT teams, support audit preparation, and help maintain a balance between security and usability in internal policies.

Requirements

• 2+ years of practical experience in information security as DevSecOps, SecOps, DevOps, or SRE.
• Proven experience in implementing security best practices at every stage of the SDLC.
• Hands-on experience with vulnerability scanning and prevention.
• Strong knowledge of cloud providers: AWS, GCP, Azure.
• Experience with CI/CD tools: GitLab CI, GitHub Actions, Jenkins.
• Knowledge of containerization and orchestration tools: Docker, Kubernetes.
• Knowledge of Infrastructure as Code (IaC) and configuration management Tools, including Terraform and Ansible.
• Participation in projects to prepare infrastructure for compliance with international and industry standards (PCI DSS, ISO 27001, NIST, CIS, SOC2, OWASP, MICA, DORA)

Responsibilities

• Investigate and implement security best practices at every stage of the SDLC (SAST/DAST, image scanning, infrastructure hardening, WAF, secrets management, IAM, data protection, etc.).
• Perform tasks and controls required by compliance standards (PCI DSS, MICA, DORA, etc.).
• Manage vulnerabilities by identifying, assessing, prioritizing, and remediating risks.
• Collaborate with the IT Security department to prepare for and pass audits.
• Monitor CVE reports and security events.
• Work closely with internal teams to achieve a balance between security, flexibility, and cost.
• Participate in information security incident investigations.

Would be a plus

• Higher education in Computer Science
• Experience in fintech or crypto domains
• Hands-on penetration testing experience
• Practical experience administering network infrastructure, databases, and on-prem systems
• Security and relevant certifications

Big product software company is looking for a Mobile Assessment Engineer. Remote work, high salary + financial bonuses (up to 100% of the salary), regular salary review, interesting projects, good working conditions.

REQUIREMENTS:

- 2+ years of relevant professional experience;

- Deep understanding of Android security architecture;

- Practical experience in reverse engineering;

- Knowledge of C/C++, Java;

- Higher education;

- Technical English (higher level is advantage).

COMPANY OFFERS:

- Employment under gig-contract, all taxes are paid;

- Flexible working hours;

- 28 days of paid vacation + 15 days at your own expense;

- Paid sick leave;

- Medical insurance (with dentistry and optics), including the children;

- Opportunity to become an inventor of international patents with paid bonuses;

- Career and professional growth;

- Own base of courses and trainings;

- Office in the Kyiv city centre / remotely;

- Provision of necessary up-to-date equipment;

- Regular salary review and financial bonuses (up to 100% of the salary);

- Bonuses for wedding, birth of children and other significant events;

- Paid maternity leave;

- Paid lunches, tea, coffee, water, snacks;

- Discounts to company's products, services.

Stay Group is an innovative Marketing company with a mission to help businesses acquire their target customers and create top-tier solutions in the iGaming and entertainment industry. Currently, we are looking for our perfect Risk & Payment Agent to join our team to achieve better results together.

Requirements:

• Minimum 3 months of experience in a relevant role in the iGaming niche (e.g., Payments Specialist, Risk Analyst) in a high-risk environment.
• Hands-on experience in document verification (KYC/AML) and payment processing.
• Previous interaction with clients from Tier-1 markets: Finland, Australia, Canada, Ireland, Italy, Germany, Switzerland, and Austria.
• Strong attention to detail, analytical mindset, and ability to make independent decisions.
• Skills: attention to detail, concentration, patience, decision-making.
• English Pre-Intermediate +.

Responsibilities:

• Analysis of client activity.
• KYC process and document verification.
• Systematic maintenance of necessary reporting.
• Additional tasks.
• Active interaction with other teams for information exchange.
• Payment processing.
   

Plus:

• Knowledge of the SoftSwiss platform.
• Basic knowledge of document requirements.

Benefits:

• Freedom to choose where to work: work from anywhere in the world with the freedom of remote options, or join our dynamic office in Kyiv for an inspiring in-person experience.
• Flexibility: enjoy flexible working hours that let you balance your personal and professional life while staying focused on delivering great results.
• Corporate English speaking club: improve your English proficiency with regular practice and expert guidance.
• A Culture That Cares: thrive in a friendly environment where a strong corporate culture builds connections, drives innovation, and makes you feel truly valued.
• Accelerate Your Growth: seize career advancement opportunities in a rapidly expanding marketing company. As the company scales, so will your professional journey.