Jobs Security

We’re hiring a Lead IT Security Engineer for Limitless Labs — a crypto + AI company building one of the largest prediction markets on Base.

The platform has already processed $3B+ in trading volume, with strong user engagement and retention. Security is a critical part of scaling the system further.

What you’ll do

• Own and lead security operations across the company
• Build and improve threat detection, monitoring, and incident response systems
• Design SIEM, logging, and alerting pipelines
• Lead incident response and post-mortems
• Conduct risk assessments and threat modeling
• Manage vulnerabilities and remediation processes
• Ensure readiness against real-world attacks (DDoS, exploits, key compromise)
• Work with external security vendors and auditors

What we’re looking for

• 7+ years in Security Operations
• Experience owning security in production environments
• Strong knowledge of cloud security (GCP, Cloudflare)
• Solid understanding of infrastructure, network, and application security
• Hands-on experience with SIEM / EDR / SOAR systems
• Experience handling high-severity incidents
• Ability to operate under pressure and make critical decisions

Nice to have

• Web3 / blockchain security experience
• Experience securing financial or trading systems
• SOC2 / ISO 27001 experience
• Background in penetration testing or red teaming

Why this role

• Real impact on a live system with real users and funds
• High ownership and autonomy
• Fast-moving, high-risk environment
• Opportunity to build and shape security operations

We are looking for a Senior DevSecOps| AppSec Manager to join our team. This is a hands-on role for someone who knows how to work closely with engineering teams, embed security into the development lifecycle, and turn real vulnerabilities into practical fixes — not just reports. If you enjoy being in the middle of the action, collaborating with developers daily, and building a security culture from the inside out, we’d love to hear from you.

The Project
You will work embedded within delivery teams across multiple products, partnering with squad tech leads and vertical leads to integrate security practices into CI/CD pipelines, review cloud and application configurations, and drive a shift-left security mindset across the organization. The environment is cloud-native, GitHub-based, and AWS-powered — fast-moving and engineering-driven.

Tech requirements:

• 5+ years of hands-on Application Security / Product Security / DevSecOps experience working directly with engineering teams.
• Strong AppSec tooling experience: SAST, SCA, code scanning, GitHub / GitHub Advanced Security / SonarQube / Dependabot, and CI/CD integration.
• Ability to read code, assess real risk, and drive practical remediation (not just flag issues).
• SSDLC / shift-left skills: threat modeling, security design reviews, vulnerability management.
• Strong application and API security fundamentals: authN/authZ, secrets management, dependencies, injection, data protection.
• Experience with cloud-native delivery: containers, IaC, Git-based workflows, automation, and clear documentation.
• English — Upper-Intermediate (B2) or higher. Ukrainian — fluent.

Nice to have:

• IaC scanning, container/image security, software supply chain, and secrets management experience.
• AWS cloud security experience.
• Experience in regulated, audit-sensitive, or event-critical environments.

What you will do:

• Work directly with development teams to incorporate security scans into their CI/CD pipelines.
• Identify and assess vulnerabilities in the software supply chain, advising on risk priority and remediation.
• Review GitHub and AWS configurations in the context of application development and deployed environments.
• Conduct security design reviews and contribute to threat modeling sessions.
• Update and maintain vulnerability reporting, collaborating with squad tech leads and vertical leads to review and address findings.
• Champion shift-left security practices and help build a strong security culture across engineering teams.

Why join Empeek? ✨
Challenging & meaningful products — complex architectures, modern technologies, and solutions that truly make an impact.
Professional growth — personal development plan, mentorship, career maps, and opportunities to grow into new roles and responsibilities.
Strong team culture — we share the same mission, values, and passion for what we do.
Flexibility & ownership — freedom to choose your format and schedule, focus on results, and have a real impact on the company’s success.

What we offer
Access to learning opportunities — internal and external training, certification reimbursement.
18 paid vacation days, 10 public holidays compensated, and up to 10 paid sick days.
Partial compensation for English classes + free speaking club.
Up to $180/year for sports activities.
Mentorship and knowledge sharing — people you can really learn from.
Career maps and growth plans to support your professional development.
New equipment provision, and accounting support if needed.
Competitive market-level salary with regular reviews.
Additional perks and compensations such as insurance fund, gifts etc.
Psychological safety and supportive culture.
Company values that align with yours.
Social responsibility — support the Armed Forces

📌 If you believe this role could be a great match for you, please send us your resume via the link — we’ll be happy to get in touch with you.

Project Description

We’re looking for a Senior Software Developer who understands Windows at a deep level and enjoys solving hard identity-security problems in elegant ways. We value clear thinking, clean code, and people who build things that last. You will have broad autonomy, minimal bureaucracy, and direct influence on the product architecture.

Client Description

Our client is a cybersecurity company from Germany which redefines authentication: removing passwords, unifying token types, and building a new foundation for enterprise identity. You will be shaping the platform that CIOs, CISOs, and engineers trust for critical access control. 
 

Position Requirements:

- Expert-level knowledge of Windows system architecture (Win32 APIs, security subsystems, identity stack)

- Strong experience in both C++ and in C#/.NET

- Solid understanding of cryptography, especially Windows crypto implementations (CNG, DPAPI, smartcard/PCSC, certificate handling)

- Ability to work on complex features independently and drive them from concept to stable production code

- Curiosity, creativity, and a willingness to challenge old assumptions

Nice to Have

- Experience with authentication technologies, identity protocols, SAML, FIDO, smart cards, secure design

- Background in building system-level security products or middleware

- Familiarity with cryptographic key management, or hardware-backed cryptography

Candidate Responsibilities

You will design and build native and managed Windows applications and services that form the backbone of a passwordless multifactor authentication platform. This includes secure desktop components, system-level integrations, and high-performance server modules that interact closely with Windows internals.

Who Are We?

Welltech is a global wellness technology company with Ukrainian roots. Our mission is to build and scale wellness apps globally through state-of-the-art, tech-driven performance marketing.

We are one of the most established players in the wellness app space, and we are accelerating. Over 25.5 million people across the world use our apps — Muscle Booster, Yoga-Go, and WalkFit — to build healthier habits, move more, and feel better every day. Every subscription represents a real person making a real change in their life, and we take that seriously.

With 500+ people across hubs in Cyprus, Ukraine, Poland, Spain, and the UK, we combine the scale of a market leader and the drive of a team that's just getting started.

What We're Looking For

We are seeking a talented and motivated Senior Security Engineer (x/f/m) to join our small but dedicated Security Team. In this role, you will play a crucial part in strengthening our overall security posture, collaborate across teams and domains, and own security initiatives company-wide.

Responsibilities:

• Own and drive execution of multiple key security initiatives, ensuring they are well-integrated, documented, and effectively support Welltech’s security goals.
• Collaborate with leadership to shape the team’s roadmap, providing your expertise.
• Mentor junior team members in the Security team to help them grow in their role.
• Collaborate with engineering, IT, and product teams to embed security best practices throughout the development lifecycle and operational processes.
• Champion continuous improvement in Security Engineering by regularly reviewing processes, implementing automation, and driving standardization to enhance team efficiency and organizational impact
• Lead PCI-DSS Compliance initiative with relevant stakeholders
• Design, implement, and maintain security controls and measures across Welltech’s systems, networks, and cloud environments.
• Contribute to threat modeling, risk assessments, and incident response, supporting a proactive and resilient security posture.
• Develop and refine internal security policies, standards, and tools to support company-wide security goals.
• Support and lead security awareness efforts, helping to foster a strong security culture throughout the organization.

Continuously evaluate emerging threats, technologies, and practices, driving improvements to Welltech’s overall security maturity.

Requirements:

• 5+ years of hands-on security engineering experience with proven expertise in implementing and managing security solutions
• Solid understanding of security principles, vulnerabilities, and common attack techniques.
• Proficiency with Python (especially writing Lambda functions).
• Experience with Kubernetes in production environments.
• Familiarity with CI/CD tooling and secure deployment practices.
• Very good knowledge of cloud platforms - AWS or Google Cloud.
• Big plus: Solid Experience with PCI.

• Nice to have: Experience with application security, DLP platforms, and observability.

   

  Soft Skills:

• Excellent written and verbal communication skills.
• A collaborative, proactive mindset and passion for continuous improvement.
• Ability to clearly communicate complex security concepts to technical and non-technical stakeholders.
• Strong organizational skills to effectively prioritize and manage multiple concurrent tasks and meet deadlines.

Cloudfresh ⛅️ is a Global Google Cloud Premier Partner, Zendesk Premier Partner, Asana Solutions Partner, GitLab Select Partner, Hubspot Platinum Partner, Okta Activate Partner, and Microsoft Partner.

Since 2017, we’ve been specializing in the implementation, migration, integration, audit, administration, support, and training for top-tier cloud solutions. Our products focus on cutting-edge cloud computing, advanced location and mapping, seamless collaboration from anywhere, unparalleled customer service, and innovative DevSecOps.

We’re looking for a Google Cloud Security Engineer to harden client environments across GCP. You’ll implement and help design security controls, automate guardrails, improve detection & response, and guide stakeholders through pragmatic, risk-based decisions across EMEA.

Requirements:

• 3+ years proven, hands-on experience in a Security Engineer, SecOps (or similar) role.
• Strong knowledge of building and operating Security Porture, Edge protection, WAF, Endpoint security.
• Technical certifications related to CyberSecurity Google Cloud Solutions, Cloudflare and JumpCloud are an advantage.
• Experience of presentation, documentation.
• Excellent communication and strategic planning abilities, able to explain trade-offs, influence remediation, and drive adoption of guardrails.
• Basic scripting experience (e.g., Python, Bash, or gcloud CLI).
• Fluency in English.

Responsibilities:

• Design, implement, and operate security controls for internal needs and clients across.
• Perform cybersecurity audits.
• Configure and monitor Security Command Center, audit logs, and threat protection.
• Establish logging, detection and incident response.
• Assist clients with implementation of Cybersecurity products (Google Cloud Security Center, Google Workspace Security, Cloudflare, JumpCloud) and compliance controls.
• Generate security assessment reports and provide actionable recommendations.
• Continuously assess the landscape: track new Vendors features and update baselines to improve posture, reliability, and cost efficiency.

Work conditions:

• Competitive Salary & Transparent Motivation: Receive a competitive base salary with performance-based bonuses, providing clear financial rewards for your success.
• Flexible Work Format: Work remotely with flexible hours, allowing you to balance your professional and personal life efficiently.
• Training with Leading Cloud Products: Access in-depth training on cutting-edge cloud solutions, enhancing your expertise and equipping you with the tools to succeed in an ever-evolving industry.
• International Collaboration: Work alongside A-players and seasoned professionals in the cloud industry. Expand your expertise by engaging with international markets across the EMEA and CEE regions.
• Vibrant Team Environment: Be part of an innovative, dynamic team that fosters both personal and professional growth, creating opportunities for you to advance in your career.

When applying to this position, you consent to the processing of your personal data by CLOUDFRESH for the purposes necessary to conduct the recruitment process, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR).
Additionally, you agree that CLOUDFRESH may process your personal data for future recruitment processes. You can withdraw this consetn at any time.

Who Are We?

Welltech is a global wellness technology company with Ukrainian roots. Our mission is to build and scale wellness apps globally through state-of-the-art, tech-driven performance marketing.

We are one of the most established players in the wellness app space, and we are accelerating. Over 25.5 million people across the world use our apps — Muscle Booster, Yoga-Go, and WalkFit — to build healthier habits, move more, and feel better every day. Every subscription represents a real person making a real change in their life, and we take that seriously.

With 500+ people across hubs in Cyprus, Ukraine, Poland, Spain, and the UK, we combine the scale of a market leader and the drive of a team that's just getting started.

What We're Looking For

Welltech’s success and constant growth is increasingly introducing new challenges to the security of our products. We are looking for a dedicated and experienced Senior/Staff Security Engineer to lead our security initiatives and drive our security strategy forward.

Responsibilities:

• Security Strategy Development: Design and implement mid and long-term security strategies, aligning them with business goals and technology roadmaps to ensure robust protection of digital assets. Collaborate across functions to integrate security practices into the broader organizational strategy.
• Risk Management: Identify, assess, and manage security risks, developing strategies to mitigate potential threats and vulnerabilities. Communicate risks and recommendations to senior leadership.
• Security Observability: Lead the transition from managed detection and response services to an in-house capability, ensuring seamless operational change and continuity. Develop and implement security monitoring and alerting strategies using Datadog and PagerDuty.
• Incident Response: Establish and manage an on-call incident response protocol to ensure swift and effective response to security incidents.
• Data Security Innovation: Partner with the Privacy team to establish foundational data security practices and policies, driving data security initiatives that comply with international industry standards and regulations.

• Certification & Compliance: Provide hands-on expertise to achieve and maintain PCI DSS certification. Ensure that security standards comply with industry regulations and best practices.

   

Requirements:

• Experience:
  • A minimum of 5 years in Security Engineering roles.
  • Demonstrated ability to lead large scale security projects and initiatives effectively.
  • Proven track record in implementing data security initiatives that meet industry standards.
  • Hands-on incident response experience with a track record of managing and mitigating security incidents effectively.
  • Experience with regulatory compliance standards and frameworks such as GDPR, PCI-DSS, or ISO 27001.
• Technical Skills:
  • Strong coding skills, with a focus on security-focused development.
  • Proven proficiency in utilizing Datadog and PagerDuty for detection and response operations.
  • Deep understanding of AWS security frameworks, practices, and tools to protect cloud-hosted environments.
• Soft Skills:
  • Strong communication skills with the ability to articulate complex security issues to technical and non-technical audiences.

RedCore is an international business group that creates technological solutions for digital markets. Our products and services cover fintech, marketing, e-commerce, customer service, communications and regulatory technologies.

We are looking for a Security System Engineer to join our teams!

Requirements:
- 2–4 years of experience in Endpoint Security / SOC / IT Security
- Hands-on experience with EDR solutions (SentinelOne, CrowdStrike, Microsoft Defender for Endpoint, or similar)
- Experience managing MDM solutions (ManageEngine, Intune, Jamf, or similar)
- Understanding of endpoint hardening principles and baseline configurations (CIS Benchmarks or similar)
- Experience with patch management processes and compliance tracking
- Hands-on experience in incident investigation
- Understanding of Incident Response processes and basic forensic practices
- Experience working with or integrating SIEM solutions (Splunk, ELK, Microsoft Sentinel, or similar)
- Understanding of the endpoint threat landscape (malware, phishing, privilege escalation, persistence techniques)
- Administrative-level experience with Windows and macOS

Will be plus:

- Experience with IdP solutions (JumpCloud, Okta, Azure AD)
- Basic scripting skills (Python, Bash, or PowerShell) for automation
- Experience participating in threat hunting activities
- Understanding of security standards and frameworks (ISO 27001, PCI DSS, SOC 2)
- Cybersecurity-related certifications

Soft Skills:

- Ability to independently investigate incidents and make decisions
- Ability to handle large volumes of alerts and effectively prioritize tasks
- Strong communication skills with SOC, IT, and cross-functional teams
- Attention to detail and a structured, analytical mindset

Responsibilities:
- Endpoint Security
- Ensure 100% endpoint coverage with security agents (EDR/AV, MDM, IdP)
- Manage and optimize EDR policies
- Implement and maintain secure baseline configurations for endpoint devices
- Manage device security policies via MDM
- Control software inventory on corporate devices
- Manage agent versions, ensuring timely updates and lifecycle (EOL) control
- Monitor patch compliance and prepare reporting across teams

Monitoring, Incident Response & Threat Hunting
- Integrate EDR, MDM, and IdP with SIEM, ensuring complete and reliable telemetry ingestion
- Participate in threat hunting activities to identify endpoint-level threats
- Investigate and respond to endpoint security incidents
- Collect and analyze forensic artifacts
- Participate in post-mortem analysis and define corrective actions

- Compliance & Audit
- Develop and maintain endpoint security policies
- Conduct regular audits and remediate out-of-compliance devices
- Ensure endpoint security posture aligns with current standards and regulatory requirements

Our benefits to you:

☘️An exciting and challenging job in a fast-growing business group, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more

🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed

🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided

🏖Paid vacations, sick leave, personal events days, days off

💵Referral program — enjoy cooperation with your colleagues and get the bonus

📚Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences

🎯Rewards program for mentoring and coaching colleagues

🗣Free internal English courses

✈️In-house Travel Service

🦄Multiple internal activities: online platform for employees with quests, gamification, presents and news, clubs for movie / book / pets lovers and more

🎳Other benefits could be added based on your location

About the Role

We are looking for a highly skilled and strategic Senior DevSecOps Engineer to lead our security operations and infrastructure automation initiatives. In this role, you will bridge the gap between development, security, and operations, ensuring our on-premise environment remains secure, resilient, and efficient.
You will act as a subject matter expert, leveraging cutting-edge tools like CrowdStrike to automate threat detection and response, while maintaining robust perimeter security via Cloudflare.

Key Responsibilities
Implementation and automation of security tools in the CI/CD process (SAST, DAST, SCA).
Analysis of vulnerabilities in code, infrastructure and containers.
Development and configuration of security monitoring systems, incident response.
Monitoring and improving the security level of on-prem infrastructures.
Interaction with developers, DevOps and security teams to implement secure practices.
Active participation in the processes of IAM configuration, management of certificates, secrets and access policies.
Conducting internal security audits, participation in external (e.g. penetration) tests.

Requirements

Must-have:
Experience: 5+ years of experience in DevSecOps, Security Engineering, or a related field, with at least 2 years in a Senior role.
Tooling Expertise: Deep hands-on experience with the following specific tools:
Baremetal/on-premise infrastructure
Docker (Docker Swarm is a strong plus)
Gitlab CI 
CrowdStrike
Cloudflare
ELK.
SIEM Proficiency: Proven experience deploying and tuning SIEM solutions (e.g., Splunk, Elastic Security, Datadog, or similar).
Infrastructure: Strong background in managing on-premise infrastructure (physical servers, data centers, virtualization, networking).
Scripting: Proficiency in Python, Go, or Bash for automation and tooling.

Nice-to-have:
Experience with Kubernetes and such tools as Wiz.io and Torq.
Previous involvement in high-load, regulated, or 24/7 production environments (e.g., iGaming, FinTech, telecom or similar).

We offer
Fully remote work opportunity
Enhanced leave benefits:
20 days of paid vacation
5 paid days off
14 paid sick leaves
Company clubs & communities
Celebration gifts for personal milestones
Corporate online events, raffles & challenges
Corporate English program
Corporate yoga classes
Team-building activities
Coworking compensation
Training and development programs (internal & external).

Come Back Agency supports US software and technology companies by running their hiring process. We work with delivery and leadership teams to define roles, screen candidates, and manage interviews. Successful candidates are hired directly by the company and become part of its team.

This position is with a US-based software company providing custom development and AI implementation for North American clients. The team builds and maintains production software, including AI-enabled systems, and works in long-term client engagements. Team members operate as part of an internal, distributed team and collaborate directly with client stakeholders.

About the role

The company is moving deeper into enterprise work. We need a DevOps engineer who can help harden our infrastructure, implement security best practices, and drive compliance readiness so we can pass enterprise vendor reviews and pursue certifications like SOC 2 and ISO 27001. You will work closely with engineering and leadership across infrastructure, security, and compliance.

What you will do:

• Build and maintain secure cloud infrastructure and CI/CD pipelines
• Implement access control, least privilege, and secrets management across environments
• Standardize logging, monitoring, alerting, and audit trails
• Create and maintain secure SDLC practices, including code scanning, dependency scanning, and change control
• Set up incident response basics, including runbooks, on-call expectations, and post-incident process
• Compliance readiness for SOC 2 and ISO 27001 by implementing required technical controls and gathering evidence
• Vulnerability management and patching routines for infrastructure and dependencies
• Improve backup, disaster recovery, and business continuity practices
• Support client security questionnaires with clear technical answers and evidence

Requirements:

• Up to 2 years of DevOps experience with cloud infrastructure and deployment pipelines
• Hands-on experience with AWS, including IAM, networking, compute, and logging services
• Experience with Infrastructure as Code such as Terraform
• Experience with containerization and orchestration, Docker and Kubernetes preferred
• Comfort setting up security tooling, SAST, DAST, dependency scanning, secret scanning
• Ability to document systems clearly and work with auditors or compliance tools when needed
• English at B2 level or higher - you will collaborate directly with US client stakeholders

Nice to have:

• SOC 2 or ISO 27001 experience, even if you were the technical owner not the compliance PM
• Experience with Vanta, Drata, Secureframe, or similar evidence automation tools
• Experience working with HIPAA or other regulated client environments
• AWS certifications such as Solutions Architect or Security Specialty

What We Offer:

• Working hours aligned with US time zones, typically 16:00-23:59 Kyiv time
• English lessons to support clear and confident communication
• Paid vacation and sick days
• Fully remote work
• Opportunities for professional growth within the team
• Structured, personalized onboarding to help you ramp up effectively

Apply with your resume and a short note outlining your relevant experience. You can also submit it through our website at comeback.ua. Selected candidates will be contacted by Come Back Agency.

We are looking for a  DevSecOps Engineer to join our team and help maintain and improve a secure cloud infrastructure on AWS. Our applications run on Kubernetes (EKS), Cloudflare is used for edge protection, and Wazuh serves as our SIEM / HIDS platform.
 

This role is suited for an engineer with hands-on experience who will work within an existing architecture and established best practices, rather than owning the full system design.

Requirements:
AWS / Cloud

• 2+ years of commercial experience with AWS;
• Hands-on experience with EKS or other managed Kubernetes platforms;
• Basic understanding of IAM, VPC, Security Groups, and CloudWatch.

Kubernetes / Containers

• Experience with Kubernetes (deployments, services, ingress);
• Understanding of Kubernetes RBAC (ability to apply and maintain existing policies);
• Experience with Docker (building and running containers).

Security / Monitoring

• Experience with Wazuh or other SIEM / security monitoring solutions;
• Understanding of logging, alerting, and basic HIDS principles;
• Hands-on experience with Cloudflare (DNS, basic WAF configuration).

DevOps / Automation

• Experience with CI/CD tools (GitLab CI, GitHub Actions);
• Infrastructure as Code: Terraform;
• Bash or Python for basic automation tasks.

Networking

• Understanding of HTTP/S, DNS, and TLS;
• Basic knowledge of cloud networking concepts.

Responsibilities:

• Maintain and enhance CI/CD pipelines with integrated security checks;
• Support and operate Kubernetes clusters (AWS EKS);
• Configure and maintain Wazuh (agents, basic rules, alerts, dashboards);
• Support and optimize Cloudflare services (DNS, basic WAF rules, rate limiting);
• Deploy and update infrastructure using IaC (Terraform / CloudFormation);
• Manage access controls (AWS IAM, Kubernetes RBAC);
• Monitor logs and security alerts and participate in incident response;
• Apply basic hardening practices for containers and EKS nodes;
• Collaborate with development teams to ensure secure application deployments;
• Configure infrastructure according to CIS benchmarks.

Nice to Have:

• Experience with security scanning tools (Burp, Snyk, kube-bench);
• Familiarity with AWS Security Hub or GuardDuty;
• Basic understanding of Zero Trust principles;
• Experience with multi-account AWS environments;
• Exposure to security policies or compliance controls;
• Experience with ELK Stack.
   

What We Offer:

• Work in a team with established processes and mentoring;
• Clear growth path toward a Senior DevSecOps Engineer role;
• Modern cloud-native technology stack (AWS, Kubernetes, Terraform);
• Flexible work format (remote / hybrid);
• Competitive compensation based on experience

Who We Are 
 

At Digital Shelf by NIQ, we’re passionate about technological innovation and excellence in cybersecurity. Our cutting-edge solutions enable us to scrape data for 12 billion products and manage over 20 billion data points. In a market where anti‑bot technologies represent a $10B industry in constant evolution and consolidation, our dedicated teams tackle real‑world challenges with precision and creativity. 
 

What You’ll Do 
 

• Reverse Engineering & Decompilation: 
  Analyze web and mobile applications (APK/IPA) to uncover hidden mechanisms. Disassemble code to understand its inner workings, with a focus on cryptographic functions that secure our systems. 
• Overcoming Anti‑Bot Mechanisms: 
  Evaluate and bypass advanced security protocols such as TLS, HTTP/2, HTTP/3, WebSockets, DoH, and session management. Identify vulnerabilities to enhance our data extraction methods. 
• Developing Custom Tools: 
  Build robust Python scripts and frameworks that automate bypass procedures and dynamically adjust security measures, whether by modifying TLS stacks or patching JavaScript on the fly. 
• Implementing Stealthy Scraping Techniques: 
  Engineer sophisticated methods such as browser patching, headless browser evasion, proxy tunneling, and human‑behavior emulation to keep our operations discreet. 
• Continuous Innovation: 
  Regularly test, disrupt, and improve our tools to stay ahead of ever‑evolving defenses. 

Your Profile 
 

• P45510n4t3 C0d3 W4rr10r: 
  You thrive on pushing systems to their limits while upholding the highest ethical standards. R3v3rs3 3ng1n33r1ng isn’t just a skill it’s your creative playground. 
• R3v3rs3 3ng1n33r1ng Expertise: 
  Whether using tools like IDA Pro, Ghidra, or your own custom-built solutions, you excel at dissecting both binary and web code to uncover core functionalities. 
• W3b & N3tw0rk Pr0t0c0l Savant: 
  You possess deep expertise in pr0t0c0ls such as TLS, HTTP/2, WebSockets, DoH, and more, leveraging that knowledge to find innovative solutions. 
• Advanced Python Developer: 
  Your coding abilities go far beyond basic scripting. We're looking for a coder, someone who can design and implement robust, efficient solutions for complex challenges. 
• Collaborative Innovator: 
  While you excel as an independent problem-solver, you also thrive in a dynamic team environment that values open communication and continuous learning. 

How to Apply 
 

If you’re a dedicated code warrior with a passion for dissecting and rebuilding intricate systems and you consistently deliver high‑quality, efficient code, send us your resume.

What we offer

Direct contract with the USA
Flexible work hours and remote work

20 business days of paid vacation
Flexible days off

Maternity/Paternity leaves

Medical insurance 

Join Digital Shelf by NIQ and help us reshape the digital frontier. 

About The Position

MWDN is an international recruitment and outstaffing company with 23+ years of experience connecting exceptional tech talent with leading companies across Israel, the USA, Great Britain, and Western Europe. In this role, MWDN acts as the recruitment partner, and the selected candidate will work directly with the client’s team on their product in an international environment.
 

Why does MWDN rock?

Here’s what you can expect when you join MWDN:

• Security: We carefully vet our clients to minimize risks and ensure reliability and timely payments—no fraud or unpleasant surprises.
• Career support: If a project isn’t the right fit, we support you and actively help find new opportunities that match your skills and career goals.
• Legal assistance: We provide guidance on legal matters, including opening and managing your independent contractor or sole proprietorship status, taxes, and related processes.
• Professional development: We offer English courses and professional growth opportunities, as well as team-building events.

Why choose us? MWDN is ranked among the top 5 IT employers in our region according to DOU. We take pride in our transparency and strong commitment to our team. Curious to learn more? See what our employees say about working with us on DOU.
 

What is your new project?

• Domain: Identity and Access Management (IAM) software
• Location: Israel
• Company size: 200-500 employees
• Founded in: 2014
   

What is your new project?

Are you ready to join a game-changing force in identity and access management?

Our client is revolutionizing the way enterprises protect user identities in a passwordless world. You’ll be working at the intersection of cutting-edge biometrics, behavioral analytics, and next-gen identity orchestration — helping the world’s leading brands safeguard millions of users. Backed by more than 100 M Series A — one of the largest in cybersecurity history — and trusted by major global enterprises, they offer the agility of an innovator with the strength and backing of an industry leader.

Ready to take part in redefining IAM for the modern era? Let’s talk.
 

What makes you a great fit

• 3+ years of hands-on experience in security research, mobile security, browser research, fraud research, detection research, reverse engineering, or a related technical role.
• Experience with web browsers, mobile browsers, WebViews, browser APIs, JavaScript runtime behavior, browser automation, fingerprinting, client-side web security, and low-level browser technologies.
• Familiarity with the architecture or codebase of modern open-source browsers and rendering engines, such as Chromium, WebKit, Blink, or Gecko, with the ability to reason about how browser internals can expose new security and fraud signals.
• Experience with native Android and/or iOS applications, mobile OS behavior, app instrumentation, emulators, device spoofing, mobile automation, mobile security, and low-level platform APIs.
• Attacker mindset and practical understanding of how malicious actors attempt to bypass detection using automation, AI agents, spoofing, and anti-detection techniques.
• Ability to identify subtle technical signals and turn them into practical detection or data collection opportunities.
• Experience designing technical experiments and validating research hypotheses.
• Experience with one or more SDK development languages and environments, such as TypeScript/JavaScript for web, Kotlin/Java for Android, or Swift/Objective-C for iOS, with the ability to understand implementation constraints and collaborate effectively with SDK engineering teams.
• Scripting ability, preferably in Python, for building research tools, automation, and analysis workflows.
• Ability to work independently on ambiguous problems and communicate findings clearly to engineering, product, and research stakeholders.
   

Advantages

• Experience with Web SDKs, Mobile SDKs, client-side telemetry, device intelligence, behavioral signals, AI agent detection, or fraud detection products.
• Experience researching bots, credential stuffing, scraping, headless browsers, AI-assisted automation, app cloning, SDK abuse, phishing kits, malware, or
• anti-detection frameworks.
• Experience with reverse engineering Android or iOS applications.
• Familiarity with detection quality measurement, feature evaluation, false-positive analysis, production monitoring, or machine learning concepts.
• Bachelor’s degree in Computer Science, Cybersecurity, Data Science, or a related field— or equivalent hands-on experience.
  
   

Your day-to-day in this position

• Research browser, WebView, Android, and iOS environments from an attacker’s perspective.
• Identify new security signals, behavioral indicators, and technical patterns that can improve fraud, abuse, automation, and AI agent detection.
• Investigate attacker techniques involving bots, browser automation, AI agents, emulators, device spoofing, hooking, instrumentation, remote access tools, and
• anti-detection methods.
• Design and run experiments to compare legitimate, automated, AI-assisted, and manipulated environments.
• Evaluate proposed signals for reliability, stability, spoofability, privacy sensitivity, performance impact, and production feasibility.
• Translate research findings into clear SDK feature requirements for web and mobile data collection.
• Build internal tools, scripts, and lab environments to support signal research and validation.
• Collaborate with SDK, engineering, product, and detection teams to move research from hypothesis to production.
  
   

Our next steps

✅ Intro call with a Recruiter — ✅ Intro call with client — ✅ Technical interview — ✅ CTO interview — ✅ HR interview — ✅ Reference check — ✅ Offer

About the company

Our client is a leading autonomous vehicle technology company operating at the cutting edge of self-driving software development. 

Role overview

We are not looking for a traditional SOC analyst. This role is about building detection systems, not clicking through alerts. You will work with large volumes of logs (cloud, application, network), design detection logic, and improve it over time. That includes both rule-based detection (SIEM/XDR) and data-driven approaches (statistical models, anomaly detection, simple ML where it makes sense). You should be comfortable treating logs as a data problem, not just a monitoring stream.

Important! This is not a role where you:

• sit in SIEM all day clicking alerts
• blindly add rules
• overcomplicate things with ML

This is a role where you: build detection systems that work in practice.

What you'll be doing

Detection & analytics

• Build and maintain detections across:
• application logs (auth, APIs, business logic abuse)
• cloud activity (CloudTrail, IAM, infrastructure changes)
• network telemetry (DNS, proxy, firewall, NetFlow)
• Work directly with data in platforms like Elasticsearch / Splunk / similar
• Write and tune detection logic (queries, correlation rules)
• Reduce noise — expect to spend time fixing false positives, not just adding new rules.

Working with data (this is a big part of the job)

• Build pipelines for:
• log ingestion
• normalization
• feature extraction
• Work with streaming or batch pipelines (Kafka / queues / scheduled jobs)
• Turn raw logs (e.g. CloudTrail) into structured data usable for detection.

Anomaly detection / ML (practical, not theoretical)

• Apply simple models where they add value (e.g. One-Class SVM or similar approaches)
• Focus on:
• behavior baselining
• anomaly scoring
• Tune models based on real output (false positives matter more than theory) 
• If ML does not improve signal — don't use it.

Automation & response

• Build response playbooks for common cases
• Automate where it actually saves time (not for the sake of it)
• Integrate with SOAR or write lightweight orchestration
• Improve:
• detection speed
• response consistency.

AI usage (realistic expectations)

• Use LLMs for:
• alert enrichment
• investigation summaries
• internal tooling
• Not building an "AI security platform"
• Focus on practical gains, not hype.

Threat hunting

• Run targeted hunts based on hypotheses
• Use internal data + external signals
• Identify gaps in logging and detection.

Requirements

• Solid experience with SIEM (Elastic, Splunk, Sentinel, etc.)
• Strong understanding of:
• cloud activity (especially AWS logs and IAM)
• network basics
• modern application behavior (APIs, auth flows)
• Comfortable working with large datasets (not afraid of raw logs)
• Python or similar for data processing
• Experience with automation (SOAR or custom scripts).

Nice-to-have (but not critical)

• Experience applying ML to logs (even simple models is enough)
• Familiarity with LLMs in tooling (not research)
• Experience with data pipelines (Kafka, Spark, etc.)
• MITRE ATT&CK mapping

What will make you effective here

• You don't trust alerts blindly
• You care about signal quality, not number of detections
• You can debug why a detection is noisy or useless
• You understand systems, not just tools
• You prefer building something once instead of repeating manual work.

How success looks like

• Fewer false positives
• Better visibility across systems
• Faster investigations
• Less manual work in SOC
• Detections that actually catch real issues

We are looking for a practical security engineer who can improve detection quality, investigate real incidents, and help reduce manual SOC work.

This role is not about building an “AI security platform”. The focus is on better visibility, cleaner detections, faster investigations, and useful automation.

What You Will Work On

Threat Hunting

Run targeted hunts based on clear hypotheses, including:

• Suspicious cloud activity
• Abnormal IAM or API usage
• Unusual network or application behavior
• Weak or missing detection coverage
• Gaps in logging and telemetry

You will use internal data and external threat intelligence to validate risks and improve detection logic.

Security Incident Investigation

Investigate security alerts and incidents end-to-end:

• Understand what happened
• Validate whether the alert is real or noisy
• Identify affected users, systems, and data
• Collect evidence from logs and infrastructure
• Document findings clearly
• Recommend fixes or detection improvements

Expected experience: 2+ years of hands-on security incident investigation.

Detection Engineering

Improve existing detections and create new ones where needed:

• Reduce false positives
• Improve signal quality
• Tune alerts based on real data
• Validate whether detections catch meaningful activity
• Map useful detections to MITRE ATT&CK where appropriate

Automation and Internal Tooling

Build small but useful tools to reduce repetitive work:

• Scripts for log analysis
• Alert enrichment
• Investigation helpers
• Data normalization
• Tool integrations
• Basic SOAR-style automation

Practical AI / LLM Usage

Use LLMs only where they bring practical value:

• Alert enrichment
• Investigation summaries
• Internal tooling
• Analyst productivity

No hype. No AI-first positioning. AI is just one tool in the workflow.

Requirements

• Solid experience with SIEM tools, such as:   - Elastic   - Splunk   - Microsoft Sentinel   - Similar platforms
• 2+ years investigating real security incidents
• Strong understanding of:   - AWS logs and IAM activity   - Cloud security basics   - Network fundamentals   - APIs, authentication flows, and modern application behavior
• Comfortable working with:   - Large datasets   - Raw logs   - Noisy alerts   - Incomplete telemetry
• Python or similar language for data processing
• Experience with automation:   - SOAR   - Scripts   - Internal tools   - Custom workflows
• Basic DevOps knowledge:   - AWS   - Linux   - Docker   - Kubernetes basics   - CI/CD basics   - Cloud infrastructure concepts   - Logs, metrics, and monitoring

Nice to Have

• Experience applying simple ML or statistical methods to logs
• Familiarity with LLMs in internal tooling
• Experience with data pipelines:   - Kafka   - Spark   - Similar systems
• MITRE ATT&CK mapping
• Detection-as-code experience
• Understanding of infrastructure monitoring:   - Prometheus   - Grafana   - OpenTelemetry

What Will Make You Effective Here

You will be effective in this role if:

• You do not trust alerts blindly
• You care about signal quality, not the number of detections
• You can explain why a detection is noisy or useless
• You understand systems, not just security tools
• You are comfortable reading raw logs
• You prefer building automation once instead of repeating manual work
• You can work with engineers and explain security findings in practical terms

Are you passionate about making the internet a safer place? We are looking for a Middle Security Operations Researcher to join our team and help protect enterprise clients from harmful bots and online threats. This is a remote, full-time role that offers the opportunity to work directly with global customers, analyzing traffic patterns and neutralizing malicious activity.

At Sigma Software, we value expertise, ownership, and proactive communication. You will collaborate with a diverse international team while enjoying the flexibility of working from anywhere.

Why join us? You will work on impactful cybersecurity projects, gain exposure to cutting-edge analytics tools, and contribute to safeguarding digital ecosystems worldwide.

CUSTOMER
Our customer is a global provider of comprehensive security solutions, protecting individuals, organizations, and communities from a wide range of risks, particularly in the digital space. Their enterprise-focused products specialize in bot defense and invalid traffic detection, helping clients safeguard critical systems and maintain operational integrity.

PROJECT
The project focuses on real-time threat detection and bot mitigation for enterprise-scale clients. Security Operations Researchers collaborate directly with customers, leveraging advanced analytics platforms to identify malicious traffic patterns and neutralize online threats. This dynamic environment requires both technical expertise and strong communication skills.

JOB DESCRIPTION:

• Provide Tier 2 technical support to customers in real time, delivering clear and professional responses
• Analyze logs, graphs, and dashboards, isolating and investigating data using tools like Kibana
• Manage and organize cases, tickets, and requests in Salesforce
• Perform back-office tasks, including writing and maintaining suspicious field expressions
• Write and optimize SQL queries for data retrieval, analysis, and manipulation in BigQuery
• Communicate with global customers, ensuring timely responses and effective issue resolution
• Work in a shift-based schedule, including weekend shifts

QUALIFICATION:

• 3+ years of experience in data analysis, including working with logs and dashboards
• Experience working with web traffic data, including HTTP traffic, logs, request analysis, and traffic pattern investigation
• Strong SQL skills: Common Table Expressions (CTE), aggregations, GROUP BY, ORDER BY, filters, window functions (e.g., RANK()), and subqueries
• Experience with SIEM systems. Nice to have: experience with the Elastic Stack
• Technical understanding of web technologies and client–server architecture (APIs, HTTP, basic HTML/JavaScript)
• Strong troubleshooting and problem-solving skills
• Experience in customer support, including direct communication with clients; professionalism and politeness are essential

• Strong English communication skills

   

WILL BE A PLUS:

• Experience in a Cybersecurity Analyst/Researcher role, ideally supporting external customers in threat detection and response
• Experience in web security and security research: web application security, bot management, fraud detection
• Basic Python skills
• Experience with Kibana

PERSONAL PROFILE:

• High level of responsibility and ownership
• Ability to work independently with minimal supervision
• Planning and decision-making skills with considerations for multiple integrated systems
• Proactive communicator who keeps stakeholders informed without being prompted

Work schedule: 40 hours per week, 5 days per week. Workdays can be adjusted to start earlier or later, including weekends if necessary.