Jobs Security

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a talented and motivated Junior Pentester who will join our security team to work on penetration testing and vulnerability/cloud security assessment projects.

We expect a short motivation letter where you can explain your skills, achievements and motivation.

Required skills

- Solid non-commercial cybersecurity experience, such as HTB/THM

- Junior-level cybersecurity certifications would be a plus.

- Comfortable with basic application security testing and common vulnerabilities (like OWASP Top 10, CWE Top 25) and cybersecurity fundamentals

- Strong basic IT skills: Linux, networking (TCP/IP, DNS, HTTP etc.)

- Some experience in scripting/coding languages, such as Java, JS, Python, Shell, etc.

- Strong drive to learn and develop cybersecurity skills

- Technical English (Intermediate)

We offer

- Good salary + bonus system

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Support in obtaining professional certifications, such as BSCP, OSCP, eWPTX, cloud certifications, etc.

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Execute penetration tests and security assessments as part of a team, including internal/external networks, web and mobile applications, Windows and Linux environments, cloud architectures, IoT devices, and more

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Conduct security research

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a Middle/Senior Security Consultant / Penetration tester to work on and lead penetration testing and vulnerability/cloud security assessment projects.

In this role, you will work on technically challenging projects and also spend some time leading/mentoring our junior pentesting colleagues.

Required skills

- 1.5+ years of intensive commercial experience

- OSCP, eWPTx2 or similar would be a plus

- Scripting/coding skills and being comfortable with advanced pentesting tooling

- Strong knowledge of mobile/web security

- Comfortable with cloud and container security

- Basic RE skills

- Ability to mentor/lead colleagues

- Strong ability and drive to learn and develop cybersecurity skills

- Technical English (Intermediate+)

We offer

- Good salary + bonus system

- Diverse project portfolio and technologies to work with

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Participate in various pentesting projects

- Lead junior colleagues

- Perform threat modeling in pentesting and security assessment projects

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Consult clients on efficient issues remediation

- Conduct security researches

- Develop tools and scripts to automate and improve current pentesting processes

GR8 Tech is a leading B2B provider of iGaming solutions that empowers operators to grow, lead, and win.

We deliver high-impact, full-cycle tech solutions designed to scale. From seamless integration and expert consulting to long-term operational support, our platform powers millions of active players and drives real business growth. It’s more than just a product — it’s the iGaming Platform for Champions, built for those who play to lead.

We know the game and how to take it to the next level. With 1000+ talented professionals on board, we don't just build tech — we build success stories for iGaming operators all over the world. 

Our ambition drives us, our people make it real. Join us and be part of building champion-level success!

What You’ll Be Driving:

• Participating in the improvement and development of automated access management processes. Proposing and implementing changes to optimise the access management service;
• Adding new systems and keeping existing systems up to date in Access Flow. Updating the list of roles, sub-roles, and any other entities managing rights in the service. Taking part in the improvement of Access Flow. Approving of access according to the SLA;
• Processing requests for granting/changing/removing access in compliance with the SLA timeframe;
• Ensuring a high level of customer satisfaction with the process of processing access tickets;

• Describing and updating the role model in services. Developing and implementing procedures in the Company in the field of access rights management.

   

What Makes You a GR8 Fit:

• 1+ year of experience as an IT security specialist/engineer;
• Strong understanding of access control principles, authentication methods and security technologies;
• Proficiency in access management tools and technologies, such as identity and access management (IAM) systems, directory services (e.g., Active Directory), and privileged access management (PAM) solutions;
• Excellent verbal and written communication skills are essential for interacting with users, stakeholders, and team members effectively. The ability to explain technical concepts in non-technical terms is valuable;
• Good analytical skills are required to evaluate access rights, analyse the role model in systems and identify inconsistencies in access rights;
• Attention to detail is crucial for audits and detection of access anomalies;

• The ability to collaborate with team members and communicate with members of other teams to achieve shared success.

   

Why You’ll Love Working Here:

Benefits Cafeteria

An annual fixed budget that you can use based on your needs and lifestyle. You decide how to allocate it:

• Sports – gym, yoga, or any activity to keep you active;
• Medical – insurance and wellness services;
• Mental health– therapy or coaching support;
• Home office – ergonomic furniture, gadgets, and tools;
• Languages – courses to improve or learn new skills.

Work-life 

• Parental support with paid maternity/paternity leave and monthly childcare allowance;
• 20+ vacation days, unlimited sick leave, and emergency time off;
• Remote-first setup with full tech support and coworking compensation;
• Regular team events – online, offline, and offsite;

• Learning culture with internal courses, career development programs, and real growth opportunities.

   

Our Culture & Core Values

GR8 Tech culture is how we win. Behind every bold idea and breakthrough is a foundation of trust, ownership, and a growth mindset. We move fast, stay curious, and always keep it real, with open feedback, room to experiment, and a team that’s got your back.

• FUELLED BY TRUST: we’re open, honest, and have each other’s backs;
• OWN YOUR GAME: we take initiative and own what we do;
• ACCELER8: we move fast, focus smart, and keep it simple;
• CHALLENGE ACCEPTED: we grow through challenges and stay curious;

• BULLETPROOF: we’re resilient, ready, and always have a plan.

   

To keep things efficient, please apply only for roles that closely match your experience.

We are seeking a highly skilled DevSecOps Engineer with expertise in integrating security practices into DevOps pipelines and cloud-native environments. You will be responsible for building secure, automated CI/CD processes, implementing security controls, and ensuring compliance across infrastructure and applications. The ideal candidate has a strong background in DevOps, cloud platforms, and security engineering, with hands-on experience in securing large-scale, distributed systems.

Details:
Location: Remote in EU
Employment Type: Full-Time, B2B Contract
Start Date: ASAP
Language Requirements: Fluent English

Key Responsibilities

• Design and implement security automation in CI/CD pipelines for applications and infrastructure.
• Integrate static (SAST), dynamic (DAST), and dependency (SCA) security scanning tools.
• Collaborate with DevOps and engineering teams to ensure security best practices are embedded from design to deployment.
• Manage secrets, IAM, and encryption policies across cloud environments (AWS, Azure, GCP).
• Define and enforce compliance standards (ISO, SOC2, GDPR, HIPAA).
• Build monitoring and alerting systems for threat detection and vulnerability management.
• Implement container and Kubernetes security (runtime protection, image scanning, RBAC).
• Support penetration testing and incident response processes.
• Conduct security training and awareness for developers and operations teams.

Requirements

• 5+ years of experience in DevOps or Security Engineering, with at least 2+ years in DevSecOps.
• Strong knowledge of CI/CD tools (Jenkins, GitLab CI/CD, GitHub Actions, Azure DevOps).
• Hands-on expertise with security tools (SonarQube, Snyk, Checkmarx, Aqua, Prisma, Twistlock).
• Solid understanding of cloud platforms (AWS, Azure, GCP) and their security services.
• Experience with infrastructure-as-code (Terraform, CloudFormation, Ansible) and policy-as-code (OPA, Sentinel).
• Knowledge of containerization and orchestration security (Docker, Kubernetes).
• Familiarity with monitoring and logging tools (ELK, Prometheus, Grafana).
• Strong scripting/programming skills (Python, Bash, Go).
• Excellent problem-solving and communication skills.

Nice to Have

• Security certifications (CISSP, CISM, OSCP, CCSP, AWS/Azure/GCP Security).
• Experience with zero-trust architectures and microsegmentation.
• Familiarity with service mesh security (Istio, Linkerd).
• Knowledge of SIEM/SOAR platforms (Splunk, QRadar, Sentinel).
• Background in regulated industries (finance, healthcare, telecom).
• Contributions to security open-source projects or DevSecOps communities.

Cloudfresh ⛅️ is a Global Google Cloud Premier Partner, Zendesk Premier Partner, Asana Solutions Partner, GitLab Select Partner, Hubspot Platinum Partner, Okta Activate Partner, and Microsoft Partner.

Since 2017, we’ve been specializing in the implementation, migration, integration, audit, administration, support, and training for top-tier cloud solutions. Our products focus on cutting-edge cloud computing, advanced location and mapping, seamless collaboration from anywhere, unparalleled customer service, and innovative DevSecOps.

We’re looking for a Google Cloud Security Engineer to harden client environments across GCP. You’ll implement and help design security controls, automate guardrails, improve detection & response, and guide stakeholders through pragmatic, risk-based decisions across EMEA.

Requirements:

• 2+ years proven, hands-on experience in a Security Engineer, SecOps (or similar) role building and operating cloud security controls (GCP).
• Strong knowledge of Google Cloud architecture and native security services: Cloud IAM (least privilege, Conditions), Organization Policies, VPC / Private Service Connect, VPC Service Controls, Cloud Armor (WAF/DDoS), Security Command Center (SCC), Cloud KMS/CMEK/HSM, Secret Manager, IAP/BeyondCorp Enterprise (Context-Aware Access), Cloud Logging/Monitoring and GKE security.
• Technical certifications related to Cloud Solutions are an advantage (Google Professional Cloud Security Engineer, Professional Cloud Architect; CISSP/CCSP/ISO 27001 LI/LA a plus).
• Experience executing changes across multiple clients/verticals in EMEA/CEE with sound change control (CABs), documentation and participation in incident response/on-call.
• Excellent communication and strategic planning abilities, able to explain trade-offs, influence remediation, and drive adoption of guardrails.
• Proficient with engineering – tooling stacks: Terraform, GitHub/GitLab CI, OPA/Conftest / Policy Controller (Config Sync), Cloud Build/Deploy, Artifact Registry; comfortable with HubSpot and Asana for collaboration with account teams when needed.
• Basic scripting experience (e.g., Python, Bash, or gcloud CLI).
• Strong Plus experience with Cloudflare.
• Fluency in English.

Responsibilities:

• Design, implement, and operate security controls for GCPfor SMB & Enterprise clients across EMEA & CEE.
• Perform security audits for GCP and Google Workspace environments.
• Implement key features: Org Policies, IAM Conditions, break-glass flows, VPC design (private subnets, Cloud NAT), Private Service Connect, VPC Service Controls perimeters, Cloud Armor (WAF/MPA, rate limiting, geo/IP policies), IAP/BeyondCorp with Context-Aware Access, KMS/CMEK/HSM, Secret Manager, Confidential/Shielded VMs, Cloud IDS.
• Configure and monitor Security Command Center, audit logs, and threat protection
• Harden GKE & Workloads: private clusters, Workload Identity, Binary Authorization, Pod Security standards, NetworkPolicy, image scanning/provenance, OS patching via OS Config/VM Manager.
• Automate guardrails: Reusable Terraform modules, gated CI checks (OPA/Conftest/Policy Controller), drift detection and safe automated remediation; codify SCC mute rules and Cloud Armor policies.
• Establish logging, detection & IR: Standardize Cloud Audit Logs and Log Router sinks to CMEK log buckets; integrate to Chronicle SIEM; tune SCC (ETD/CTD/VM TD), build IR runbooks, triage incidents, and continuously improve MTTR.
• Assist clients with implementation of 2FA, DLP, and compliance controls.
• Generate security assessment reports and provide actionable recommendations.
• Collaborate with DevOps and infrastructure teams to fix vulnerabilities.
• Collaborate with ISSM: Work on maintaining ISO 27001 Security standards, performing annual networking tests.
• Continuously assess the landscape: track new GCP features (e.g., Assured Workloads, Confidential Space, reCAPTCHA Enterprise) and update baselines to improve posture, reliability, and cost efficiency.

Would be a plus:

• Experience with multi-cloud or hybrid environments
• Familiarity with Google Workspace Enterprise security features
• Basic knowledge of SIEM or zero trust architectures

Work conditions:

• Competitive Salary & Transparent Motivation: Receive a competitive base salary with performance-based bonuses, providing clear financial rewards for your success.
• Flexible Work Format: Work remotely with flexible hours, allowing you to balance your professional and personal life efficiently.
• Training with Leading Cloud Products: Access in-depth training on cutting-edge cloud solutions, enhancing your expertise and equipping you with the tools to succeed in an ever-evolving industry.
• International Collaboration: Work alongside A-players and seasoned professionals in the cloud industry. Expand your expertise by engaging with international markets across the EMEA and CEE regions.
• Vibrant Team Environment: Be part of an innovative, dynamic team that fosters both personal and professional growth, creating opportunities for you to advance in your career.
• When applying to this position, you consent to the processing of your personal data by CLOUDFRESH for the purposes necessary to conduct the recruitment process, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR).
• Additionally, you agree that CLOUDFRESH may process your personal data for future recruitment processes.

PrivatBank is the largest bank in Ukraine and one of the most innovative banks around the world. It holds a leading position for all the financial indicators in the area and comprises about a quarter of the whole banking system of our country.

We are looking for an Application Security Engineer. We are searching for the person who seeks to work in a dynamic environment and shares the values of initiative, openness and mutual trust.

We are striving to find a goal-oriented and multitask professional who would be focused on making good results and high quality.

Requirements:

• At least 3 years of experience in application security or related fields such as penetration testing and security architecture
• Proficiency in using security scanners such as SAST, DAST, SCA, Secret Detection, and Container scanning
• Experience integrating security scanners in CI/CD pipelines using Jenkins for GitLab
• Certifications such as CEH, OSCP, CSSLP, AWS Certified Security Specialty, etc. is preferred
• Background in software development, including roles such as Developer, Business Analyst, Architect, DevOps, etc
• Knowledge of Secure Software Development Life Cycle (S-SDLC) and frameworks like OWASP SAMM, BSIM, and Microsoft SDL
• Familiarity with the software development process and stages
• Basic understanding of software code
• Knowledge of key infrastructure components like databases, queues, application servers, load balancers, NoSQL, etc
• Understanding of major types of vulnerabilities
• Understanding of software architecture
• Knowledge of network protocols such as DNS, HTTP/S, SMTP, SSH, and FTP
• Ability to independently research information and solve complex problems
• Critical thinking skills

Responsibilities:

• Conduct security audits using the OWASP SAMM framework to assess current practices, identify gaps, and evaluate compliance levels within the organization
• Develop and implement strategic plans aimed at enhancing security maturity levels throughout the organization, with gradual improvements
• Application security governance and metrics
• Collaborate with various team members, including developers and top management, to advocate and implement application security best practices
• Improve our application security management platform
• Manage security architecture, focusing on integrating security at every stage of the software development lifecycle
• Integrate and oversee security automation tools to enhance security processes and reduce manual error
• Oversee security testing across various stages of software development to identify and mitigate potential security vulnerabilities
• Engage in threat modeling activities to predict and neutralize potential security threats before they impact the system
• Ensure compliance with relevant industry standards and regulations by regularly updating security policies and standards
• Track and manage software defects to ensure timely resolution of security-related issues
• Develop and conduct training and awareness programs to enhance security knowledge and practices across the organization
• Spearhead the secure integration of CI/CD practices into software development processes to ensure continuous security
• Use cloud services for application security

We offer:

• Work in the largest and most innovative bank of Ukraine
• Official employment and 24 calendar days of vacation
• Sick leave compensation
• Medical Insurance
• Competitive salary
• Bonuses, premium according to company policy
• Corporate training
• Modern comfortable office
• Interesting projects, ambitious tasks and dynamic growth
• Corporate financial assistance in critical situations
• A friendly professional and strong team
• Possibility of remote work format

PrivatBank is open to support and employ veterans and people with disabilities.

We believe that discrimination due to health conditions, physical abilities, age, race and ethnicity, gender or marital status is unacceptable.

We are ready to train veterans and candidates with disabilities without banking experience.

At Balancify, we’re redefining finance to be transparent, inclusive, and built for the next generation. Banking shouldn’t feel like a black box — we make it clear, accessible, and trustworthy. Our real strength is the team: not just roles, but builders creating something meaningful together.

What you’ll do:

• Apply cloud security best practices: IAM, encryption, compliance  

• Diagnose and resolve complex infrastructure issues  

• Develop and maintain IaC with Terraform, CloudFormation, and scripts (Python, Bash, Go)  

• Drive end-to-end observability, define SLOs/error budgets, and maintain actionable dashboards  

• Manage secrets & keys (AWS KMS/Secrets Manager), automate rotation, and maintain audited access  

• Keep payment processing highly available & low-latency: capacity planning, autoscaling, load/performance testing

We’re looking for you if you:

• Have 4+ years in DevSecOps/SRE/Cloud Engineering  

• Strong AWS knowledge (IAM, VPC, KMS, Secrets Manager)  

• Experience with IaC (Terraform/CloudFormation) and automation scripting  

• Proficient in observability tools (Prometheus, Grafana, ELK, OpenTelemetry)  

• Hands-on with CI/CD, Docker/Kubernetes, and security best practices

• Analytical, proactive, and able to balance speed, security, and reliability 

Bonus points for:  

• Experience in FinTech, high-load, or regulated environments  

• Knowledge of PCI DSS, SOC2, or other compliance frameworks  

• Performance/security testing expertise

Why join us?

• Build and secure the backbone of a next-generation fintech product

• Be part of a team that values ownership, collaboration, and innovation

• Directly influence system resilience, security, and performance

• Flexible, supportive, and growth-oriented environment

🚀 Ready to keep our systems secure, scalable, and blazing fast? Apply now and join Balancify!

United Tech is looking for an engineer to strengthen our security on all levels: help us build a modern SIEM, streamline IAM with SSO/MFA, and implement centralized secret management. The goal is to identify risks before they become issues and respond quickly without unnecessary bureaucracy. This role is for a detail-oriented professional who takes pride in precision and loves when systems run cleanly and transparently. If you adapt quickly to change without compromising on quality, this combination will help you become a key player in developing our security landscape — and, over time, grow into the Head of Security role

About the company: United Tech is a global IT product company shaping the future of real-time social connection. With millions of users across North America, Europe, LATAM, and MENA, we build next-gen mobile and web apps for live-streaming and social networking. Our platforms enable connection at scale fast, interactive, and deeply engaging. The market is projected to exceed $206B by 2030, and we are already leading the evolution. Founded in Ukraine, scaling worldwide. Are you in?

In this role, you will

• Build and evolve a high-availability SIEM platform with proper event collection
• Connect key log sources (clouds, applications, infrastructure, security tools)
• Configure meaningful detections and clear dashboards aligned with real business risks
• Streamline IAM: SSO/MFA, access model, JML automation, and “breakglass” account control
• Integrate a secrets manager for convenient and secure usage across development and CI/CD

It’s all about you

• Hands-on experience with SIEM (Wazuh/ELK/OpenSearch or similar), writing rules, and working with Active Response
• Confident with Linux, networks, and log stack; solid understanding of event normalization
• Proven track record in IdP/IAM integrations (SAML/OIDC/OAuth2, SCIM, MFA/WebAuthn, RBAC/ABAC)
• Experience with secret managers (Bitwarden, Vault, or equivalents) in enterprise environments
• Passion for automation: Bash or Python, Terraform/Ansible, and cloud/security APIs
• Good understanding of MITRE ATT&CK, CIS, NIST, and PCI DSS/ISO requirements
• Experience in financial or payment environments
• Practice with EDR, WAF, cloud security services, and incident response

What we offer

Care and support: 

• 20 paid vacation days, 15 sick days, and 6 additional days off for family events
• Up to 10 additional days off for public holidays
• 100% medical insurance coverage
• Sports and equipment reimbursement
• Team building events, corporate gifts, and stylish merch
• Financial and legal support
• Position retention and support for those who join the Armed Forces of Ukraine
• Participation in social initiatives supporting Ukraine
   

Comfortable working environment:

• Work from our Kyiv hub or remotely with a flexible schedule 
• Modern equipment or depreciation of your own tools
   

Investment in your future:

• Collaborate with a highly-skilled team of Middle & Senior professionals, sharing practical cases and expertise in the social networking niche
• 70% of our heads and leads have grown into their roles here – so can you!
• Performance-oriented reviews and Individual Development Plans (IDPs)
• Reimbursement for professional courses and English classes
• Corporate library, book club, and knowledge-sharing events
   

Hiring process

• Intro call
• Technical interview
• Interview with Hiring Manager
• Polygraph
• Reference check
• Offer

We are the creators of a new fintech era!
Our mission is to revolutionize the world by making blockchain technology accessible to everyone in everyday life. WhiteBIT is a global team of more than 1,200 professionals united by a shared vision of shaping the Web3 future.
We are building our own blockchain ecosystem, ensuring maximum transparency and security for over 8 million users worldwide. Our cutting-edge solutions, rapid adaptation to market challenges, and technological excellence set us apart from traditional companies.
Our official partners include the National Football Team of Ukraine, FC Barcelona, Lifecell, FACEIT, and VISA.


The future of Web3 starts with you — join us Cybersecurity Compliance Analyst !

Requirements

Hard Skills:

- Strong understanding of cybersecurity frameworks and regulations (ISO/IEC 27001, SOC 2, PCI DSS, GDPR, MICA/DORA, CCSS).

- Hands-on experience with internal audits and evidence collection.

- Knowledge of risk management principles (ISO 31000, NIST RMF is a plus).

- Familiarity with network and cloud security basics, data protection, and secure development lifecycle (SSDLC).

- Understanding of business continuity and disaster recovery concepts.

Soft Skills:

- Attention to detail and strong analytical mindset.

- Excellent written and verbal communication skills.

- Ability to work effectively with cross-functional teams.

- Critical thinking and problem-solving approach.

- Adaptability and willingness to learn.

Responsibilities

- Support the implementation and maintenance of cybersecurity governance frameworks (ISO 27001, SOC 2, PCI DSS, GDPR, MICA/DORA, CCSS).

- Assist in conducting internal security audits: prepare checklists, perform interviews, collect evidence, and document findings.

- Maintain and improve cybersecurity policies, procedures, and compliance documentation.

- Participate in risk assessments for systems, processes, and third-party vendors.

- Contribute to the development and monitoring of risk registers and control matrices.

- Assist in Business Continuity (BCP) and Disaster Recovery (DRP) planning and testing.

- Collaborate with IT, security engineers, legal, and business stakeholders to ensure compliance and mitigate risks.

- Prepare clear and concise reports on compliance status, audit results, and identified gaps.

Work conditions

Immerse yourself in Crypto & Web3:
— Master cutting-edge technologies and become an expert in the most innovative industry.
Work with the Fintech of the Future:
— Develop your skills in digital finance and shape the global market.

Take Your Professionalism to the Next Level:
— Gain unique experience and be part of global transformations.
Drive Innovations:
— Influence the industry and contribute to groundbreaking solutions.

Join a Strong Team:
— Collaborate with top experts worldwide and grow alongside the best.
Work-Life Balance & Well-being:
— Modern equipment.
— Comfortable working conditions, and an inspiring environment to help you thrive.
— 24 calendar days of paid leave.
— 5 calendar days of sick leave.
— Additional days off for national holidays.

The Information Security Specialist ensures appropriate controls are implemented and maintained to protect the confidentiality, integrity, and availability of company information assets. The position combines technical expertise with the development and enforcement of internal and regulatory security standards. 

Requirements:

• Minimum 2 years of practical experience in information security
• Degree in computer science or at least 5 years of relevant experience
• Hands-on experience with security tools such as Endpoint Protection, IDS/IPS, Network Security Scanners, Web Application Scanners, and DLP solutions
• Familiarity with containerization technologies (Docker, Kubernetes)
• Proficiency in configuring and securing UNIX/Linux systems
• Understanding of SDLC concepts and secure development practices
• Working knowledge of network architecture and operations
• Experience in digital evidence handling and security incident investigation
• Familiarity with international and industry standards such as PCI DSS, ISO 27001, GDPR, and DORA
• Basic understanding of blockchain principles and related security considerations
   

Responsibilities:

• Develop internal standards for secure system and network configurationIdentify and remediate vulnerabilities in company systems
• Manage and monitor access to information systems
  Administer and maintain security infrastructure (Endpoint Protection, SIEM, DLP, IDS, etc.)
• Monitor and analyze security events and incidents
• Develop and apply methods for detecting and responding to threats
• Participate in security incident investigations and digital forensics
• Lead or support initiatives to ensure compliance with PCI DSS, ISO 27001, GDPR, and DORA requirements

Job Description

We are seeking a highly skilled Security Architect to lead and drive our on-premises business engagements. This is a customer-facing, hands-on technical role responsible for designing, deploying, and supporting enterprise-scale solutions in complex customer environments. You will serve as the trusted technical advisor for customers, bridging Customer Success, R&D, and Product Management, and acting as the voice of the customer within the organization.
You will help customers architect secure, scalable, and high-performing deployments, oversee complex upgrades, and ensure the overall success of on-premises implementations.

Key Responsibilities

• Serve as the primary technical point of contact for on-premises deployments and upgrades.
• Engage directly with customers to understand their infrastructure, security requirements, and business objectives.
• Architect and design on-premises deployments aligned with customer needs, best practices, and security principles.
• Drive deployment, integration, and optimization of platforms in customer environments.
• Perform and oversee complex upgrades, migrations, and architecture transformations.
• Act as the escalation point for on-premises technical and deployment challenges.
• Collaborate with R&D, Product, and Support teams to drive continuous improvement and provide structured customer feedback.
• Provide technical guidance and mentorship to Professional Services and support engineers.
• Support proof-of-concept activities, architectural review, and security validation with customers.
• Participate in post-deployment reviews to ensure reliability, performance, and compliance with best practices.
• Represent the voice of the customer to internal teams, influencing roadmap and product decisions.
• Develop and maintain documentation, reference architectures, and deployment methodologies for on-premises environments.

Job Responsibilities

Required Qualifications

• Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or related technical field.
• 7+ years of experience in cybersecurity, infrastructure, or solution architecture roles.
• Strong expertise in on-premises deployments, including servers, storage, virtualization, and networking.
• Deep understanding of security architectures, endpoint protection, and defense-in-depth concepts.
• Hands-on experience with Linux, Windows Server, and enterprise IT ecosystems.
• Proven ability to design and deliver complex, high-availability enterprise deployments.
• Excellent customer-facing communication skills, capable of translating technical solutions into business value.
• Experience working with Professional Services teams and managing customer escalations.
• Strong problem-solving and troubleshooting skills in mission-critical environments.
• Familiarity with agile project delivery and cross-functional collaboration.

Preferred Qualifications

• Master’s degree in Cybersecurity, Computer Science, or Engineering.
• Relevant certifications: CISSP, CSSLP, CCSP, OSCP, CEH, or similar.
• Experience with endpoint detection & response (EDR), SIEM, or threat intelligence platforms.
• Working knowledge of cloud and hybrid architectures.
• Understanding of security compliance frameworks (NIST, ISO 27001, SOC 2, GDPR, etc.).
• Experience with DevOps/CI-CD processes for product deployment and upgrades.
• Scripting or programming familiarity (Python, Bash, PowerShell).
• Demonstrated ability to lead technical workshops, customer briefings, and architecture reviews.

Department/Project Description

The client is a product international company that provides a defence platform that enables development and security teams to protect critical workloads against emerging threats and undiscovered vulnerabilities with a lightweight agent that protects the organisation's public, private and hybrid cloud deployments on-premises data centres managed. In addition, it is an advanced endpoint detection and response platform, which gathers as much information as possible to detect and analyse complex threats while being as non-intrusive as possible, minimising the impact on the network and the endpoint.

We’re looking for a Senior Back-end Engineer with a strong background in security to help build a next-generation confidential computing system from the ground up.

You’ll design cryptographic infrastructure, develop Back-end services and APIs, and shape the core platform architecture. Working with HSMs, TEEs, and enterprise-grade cryptography, you’ll operate at the intersection of Back-end engineering and cybersecurity.

If you’re eager to build secure, high-performance systems that redefine data protection, join us to shape the future of confidential computing!

Customer:

Our Сustomer is at the forefront of AI and high-performance computing, building next-generation GPU infrastructure to power advanced AI/ML workloads, data analytics, and research.

Their team has decades of hands-on experience with high-performance distributed systems, ranging from creating early distributed clusters at NASA to scaling infrastructure for global leaders such as Google, Microsoft, CoreWeave, and Yahoo!/AOL. They know the challenges developers face because they’ve experienced them, and they’re determined to improve the situation.

Project:

Today, they’re redefining AI infrastructure by putting control and efficiency back into the hands of developers. With the latest GPUs, exceptional reliability, and transparent, fair pricing, they’re making powerful AI more accessible and enjoyable to use.

Their mission is simple yet bold: great AI developers deserve great AI infrastructure. By empowering creators with the necessary tools, they’re paving the way for real breakthroughs in artificial intelligence, and they’re just getting started.

Responsibilities:

• Design and build high-performance, secure Back-end services for our vault and key management infrastructure
• Develop cryptographic workflows, including key generation, rotation, and secure storage mechanisms
• Build robust APIs with comprehensive authentication, authorization, and rate limiting
• Write clean, maintainable, and well-tested code with security as a primary consideration
• Implement comprehensive audit logging and monitoring for security-critical operations
• Collaborate with the security team on threat modeling and security reviews
• Participate in code reviews with a focus on security best practices
• Create technical documentation for internal systems and API endpoints
• Integrate with Hardware Security Modules (HSMs) and cloud KMS services
• Implement secure secret management and rotation mechanisms
• Build defense-in-depth security controls across all services
• Conduct security analyses of third-party dependencies

• Participate in security audits and penetration testing remediation

   

Requirements:

• 5+ years of Back-end development experience, building production systems
• Strong proficiency in Python (FastAPI, Django, or Flask) and/or Go, Rust, C++
• Solid understanding of cryptographic principles, including symmetric and asymmetric encryption, hashing, key derivation and digital signatures
• Experience with RESTful API design and development
• Understanding of authentication and authorization patterns (OAuth 2.0, JWT, and mTLS)

• Upper-Intermediate level of English

   

Will be a plus:

• Experience with Trusted Execution Environments, such as Intel TDX, NVIDIA Confidential Computing, or Secure VMs
• Experience with Git, CI/CD pipelines, and modern development workflows

• Ability to adapt and thrive in ambiguous and fast-moving startup environments

   

Personal Profile:

• Strong problem-solving skills and the ability to diagnose complex security workflows
• Excellent communication skills and the ability to collaborate with DevOps, AI, and cloud engineering teams
• Detail-oriented mindset to ensure high availability and reliable services

We’re looking for a skilled Product Security Engineer with a strong technical background to drive security initiatives across our product ecosystem. In this role, you’ll collaborate closely with development and platform teams to proactively identify and mitigate security risks, integrate robust security practices into every stage of the software development lifecycle (SDLC), and lead efforts around automation, tooling, and secure configuration of Azure-based infrastructure and pipelines.

Responsibilities

• Design, implement, and maintain secure and scalable CI/CD pipelines using Azure DevOps
• Automate provisioning and configuration of Azure infrastructure (Terraform, ARM templates)
• Conduct threat modeling, architecture reviews, and secure code assessments
• Collaborate with engineering teams to ensure secure application deployment and configuration
• Embed security controls and checkpoints across the SDLC
• Manage and optimize security tools: SAST, DAST, SCA, container and IaC scanning
• Tune automation workflows and reduce false positives
• Secure Azure services such as App Services, AKS, Key Vault, and Azure AD
• Guide on secrets management, access control, and workload hardening
• Participate in incident response and root cause analysis with the SOC

• Support compliance efforts (SOC 2, ISO 27001) and contribute to audit readiness

   

Requirements

• 7+ years in Product Security, Application Security, DevSecOps, or related fields
• Strong development skills (Python, Java, JavaScript, Go, or C# preferred)
• Solid hands-on experience with Azure (Azure DevOps, App Services, Key Vault, AKS)
• Familiarity with security standards like OWASP, CWE, and secure coding best practices
• Experience with CI/CD security automation (GitHub Actions, Azure DevOps)
• Strong understanding of infrastructure-as-code and cloud security (Terraform, Docker, Kubernetes)
• Background with IAM, API security, and regulatory compliance (SOC 2, ISO 27001, NIST)
• Experience troubleshooting production issues and optimizing performance in cloud environments

• Strong communication and collaboration skills

   

Preferred Qualifications

• Experience working with multi-tenant SaaS applications
• Understanding of AI/ML security principles
• Familiarity with threat intelligence and attack surface management tooling

What’s In It for You?

• Career Growth – Opportunities to develop and advance.
• Performance Reviews – Regular feedback and support.
• Work Anniversaries – Special gifts to celebrate milestones.
• Flexible Work – Hybrid or remote (Lviv office available).
• Mentorship – Guidance from experienced professionals.
• Accounting Support – We handle the paperwork.
• Paid Time Off – 18 vacation days + 5 sick days per year.
• Extra Leave – 10 additional days off annually.
• Free Office Lunches – Enjoy meals on us.
• Team Events – Gatherings, gifts, and a welcoming atmosphere.

We are seeking a Senior Information Security Consultant / IT Audit Manager to join our TechMagic team. You will work on a diverse portfolio of clients, providing expert guidance on their security and compliance journeys. This is a full-time, remote position, and we are looking for a highly skilled professional with a strong background in GRC and IT audit.

Must have

• Experience: 4–7+ years in GRC, IT audit, or compliance, with a proven track record of successfully completing at least two end-to-end ISO 27001 and/or SOC 2 programs.
• Primary Stack: Deep expertise in ISO/IEC 27001:2022, SOC 2, NIST CSF 2.0, and OWASP ASVS/SAMM/DSOMM.
• Cloud & Compliance: Strong knowledge of cloud security best practices on AWS/Azure/GCP and a solid understanding of HITRUST, GDPR, and HIPAA.
• Tools: Hands-on experience with GRC platforms like Drata, Vanta, or Secureframe.
• English: Upper-Intermediate or Advanced level proficiency.

Will be a plus

• Certifications: ISO 27001 Lead Implementer/Lead Auditor, CISSP, CISM, or CISA.
• Regulatory Knowledge: Familiarity with Microsoft SSPA/DPR and NIS2/DORA.
• Security Operations: Exposure to SIEM/SOC (e.g., Microsoft Sentinel).
• Domain Experience: Prior experience in the fintech or healthcare industries.

Responsibilities

• Lead GRC Engagements: You will manage end-to-end ISO 27001, SOC 2, and HITRUST readiness projects. This includes everything from gap assessments and risk analysis to coaching clients on implementation and providing support during external audits.
• Act as a vCISO: Serve as a fractional vCISO for our clients, taking ownership of their security roadmaps, risk registers, security awareness programs, and reporting to executive leadership and boards.
• Implement and Manage ISMS: Build and maintain Information Security Management Systems (ISMS), handling all aspects from policy lifecycle management and internal audits to continual improvement.
• Drive Risk Management: Conduct enterprise risk assessments and facilitate threat modeling to proactively identify and mitigate security risks.
• Consult on Core Security Practices: Advise clients on key security practices, including secure SDLC, change management, incident response, and business continuity planning, with a focus on cloud security in AWS, Azure, and GCP.

Work Schedule

Full-time working day in our Lviv or Kyiv office, (flexible hours) or full-time remote

Interview Stages

• 1st stage - call with Recruiter
• 2nd stage - Technical interview

Our Benefits

• Opportunity to improve your skills in stong technical team
• Work from anywhere (fully remotely or in our office) 
• Paid vacations and sick leaves, additional days off, relocation bonus;
• Wellness: Medical insurance/sports compensation/ health check-up+flu vaccination at your choice
• Education: regular tech talks, educational courses, paid certifications, English classes;
• Fun: own football team, budget for team lunches, branded gifts
• One of the best IT employers in Lviv based on DOU rating.

Overview
 We are hiring a senior-level Backend Developer to join the core technical team for a newly restructured security-focused application. This is a high-ownership, long-term role. The ideal candidate is experienced, fast-moving, reliable under pressure, and able to handle both architectural complexity and urgent operational needs.

Responsibilities
 • Develop and maintain backend infrastructure for a multi-layer security application
 • Build scalable and reliable APIs, integrations, and backend logic
 • Troubleshoot and resolve backend issues quickly (critical response mindset)
 • Participate in backend architecture discussions and feature planning
 • Work closely with the founder, senior consultants, and product direction
 • Optimize for performance, security, reliability, and stability
 • Produce clean, testable, well-documented code suitable for long-term scaling

Requirements
 • 5 to 10+ years backend development experience
 • Strong background in security systems, networking, or high-pressure environments
 • Ability to rapidly diagnose and fix backend production issues
 • Strong communication, discipline, and problem-solving skills
 • Proficiency with backend languages such as Node.js, Golang, or Python
 • Experience with cloud infrastructure (AWS preferred)
 • Independent, proactive, and able to handle urgent shifting priorities
 • Ukraine-based preferred (timezone alignment and strong engineering culture)

Nice to Have
 • Experience with VPN technology, encryption, authentication, or security workflows
 • Familiarity with frontend technologies for cross-functional collaboration
 • Experience working with technical advisors or senior consultants

Compensation
 • Competitive; based on seniority and long-term alignment