Jobs Security

About the company

Our client is a leading autonomous vehicle technology company operating at the cutting edge of self-driving software development. 

Role overview

We are not looking for a traditional SOC analyst. This role is about building detection systems, not clicking through alerts. You will work with large volumes of logs (cloud, application, network), design detection logic, and improve it over time. That includes both rule-based detection (SIEM/XDR) and data-driven approaches (statistical models, anomaly detection, simple ML where it makes sense). You should be comfortable treating logs as a data problem, not just a monitoring stream.

Important! This is not a role where you:

• sit in SIEM all day clicking alerts
• blindly add rules
• overcomplicate things with ML

This is a role where you: build detection systems that work in practice.

What you'll be doing

Detection & analytics

• Build and maintain detections across:
• application logs (auth, APIs, business logic abuse)
• cloud activity (CloudTrail, IAM, infrastructure changes)
• network telemetry (DNS, proxy, firewall, NetFlow)
• Work directly with data in platforms like Elasticsearch / Splunk / similar
• Write and tune detection logic (queries, correlation rules)
• Reduce noise — expect to spend time fixing false positives, not just adding new rules.

Working with data (this is a big part of the job)

• Build pipelines for:
• log ingestion
• normalization
• feature extraction
• Work with streaming or batch pipelines (Kafka / queues / scheduled jobs)
• Turn raw logs (e.g. CloudTrail) into structured data usable for detection.

Anomaly detection / ML (practical, not theoretical)

• Apply simple models where they add value (e.g. One-Class SVM or similar approaches)
• Focus on:
• behavior baselining
• anomaly scoring
• Tune models based on real output (false positives matter more than theory) 
• If ML does not improve signal — don't use it.

Automation & response

• Build response playbooks for common cases
• Automate where it actually saves time (not for the sake of it)
• Integrate with SOAR or write lightweight orchestration
• Improve:
• detection speed
• response consistency.

AI usage (realistic expectations)

• Use LLMs for:
• alert enrichment
• investigation summaries
• internal tooling
• Not building an "AI security platform"
• Focus on practical gains, not hype.

Threat hunting

• Run targeted hunts based on hypotheses
• Use internal data + external signals
• Identify gaps in logging and detection.

Requirements

• Solid experience with SIEM (Elastic, Splunk, Sentinel, etc.)
• Strong understanding of:
• cloud activity (especially AWS logs and IAM)
• network basics
• modern application behavior (APIs, auth flows)
• Comfortable working with large datasets (not afraid of raw logs)
• Python or similar for data processing
• Experience with automation (SOAR or custom scripts).

Nice-to-have (but not critical)

• Experience applying ML to logs (even simple models is enough)
• Familiarity with LLMs in tooling (not research)
• Experience with data pipelines (Kafka, Spark, etc.)
• MITRE ATT&CK mapping

What will make you effective here

• You don't trust alerts blindly
• You care about signal quality, not number of detections
• You can debug why a detection is noisy or useless
• You understand systems, not just tools
• You prefer building something once instead of repeating manual work.

How success looks like

• Fewer false positives
• Better visibility across systems
• Faster investigations
• Less manual work in SOC
• Detections that actually catch real issues

About the company

Our client is a leading autonomous vehicle technology company operating at the cutting edge of self-driving software development. 

Role overview

We are not looking for a traditional SOC analyst. This role is about building detection systems, not clicking through alerts. You will work with large volumes of logs (cloud, application, network), design detection logic, and improve it over time. That includes both rule-based detection (SIEM/XDR) and data-driven approaches (statistical models, anomaly detection, simple ML where it makes sense). You should be comfortable treating logs as a data problem, not just a monitoring stream.

Important! This is not a role where you:

• sit in SIEM all day clicking alerts
• blindly add rules
• overcomplicate things with ML

This is a role where you: build detection systems that work in practice.

What you'll be doing

Detection & analytics

• Build and maintain detections across:
• application logs (auth, APIs, business logic abuse)
• cloud activity (CloudTrail, IAM, infrastructure changes)
• network telemetry (DNS, proxy, firewall, NetFlow)
• Work directly with data in platforms like Elasticsearch / Splunk / similar
• Write and tune detection logic (queries, correlation rules)
• Reduce noise — expect to spend time fixing false positives, not just adding new rules.

Working with data (this is a big part of the job)

• Build pipelines for:
• log ingestion
• normalization
• feature extraction
• Work with streaming or batch pipelines (Kafka / queues / scheduled jobs)
• Turn raw logs (e.g. CloudTrail) into structured data usable for detection.

Anomaly detection / ML (practical, not theoretical)

• Apply simple models where they add value (e.g. One-Class SVM or similar approaches)
• Focus on:
• behavior baselining
• anomaly scoring
• Tune models based on real output (false positives matter more than theory) 
• If ML does not improve signal — don't use it.

Automation & response

• Build response playbooks for common cases
• Automate where it actually saves time (not for the sake of it)
• Integrate with SOAR or write lightweight orchestration
• Improve:
• detection speed
• response consistency.

AI usage (realistic expectations)

• Use LLMs for:
• alert enrichment
• investigation summaries
• internal tooling
• Not building an "AI security platform"
• Focus on practical gains, not hype.

Threat hunting

• Run targeted hunts based on hypotheses
• Use internal data + external signals
• Identify gaps in logging and detection.

Requirements

• Solid experience with SIEM (Elastic, Splunk, Sentinel, etc.)
• Strong understanding of:
• cloud activity (especially AWS logs and IAM)
• network basics
• modern application behavior (APIs, auth flows)
• Comfortable working with large datasets (not afraid of raw logs)
• Python or similar for data processing
• Experience with automation (SOAR or custom scripts).

Nice-to-have (but not critical)

• Experience applying ML to logs (even simple models is enough)
• Familiarity with LLMs in tooling (not research)
• Experience with data pipelines (Kafka, Spark, etc.)
• MITRE ATT&CK mapping

What will make you effective here

• You don't trust alerts blindly
• You care about signal quality, not number of detections
• You can debug why a detection is noisy or useless
• You understand systems, not just tools
• You prefer building something once instead of repeating manual work.

How success looks like

• Fewer false positives
• Better visibility across systems
• Faster investigations
• Less manual work in SOC
• Detections that actually catch real issues

Our client is an international product-based IT company specializing in the iGaming industry. Born in 2014, they rocked the CIS region, and now take the success to the world. 

We are currently looking for a Anti-Fraud Specialist to strengthen our fraud prevention efforts in betting and casino products. This role involves analyzing user behavior, identifying suspicious activity, and improving anti-fraud processes. We value a proactive, detail-oriented mindset and strong analytical thinking.

📋 Key responsibilities and your contribution:

- Monitoring and analyzing betting and casino games to detect abnormal activity, fraudulent schemes.
- Developing and implementing anti-fraud systems: creating and optimizing algorithms designed to prevent fraud in games.
- Analyzing players and their behavior using statistical methods to identify suspicious patterns.
- Responding to incidents: conducting investigations into suspicious situations, identifying and blocking fraudsters.
- Preparing reports: creating reports on detected frauds and system vulnerabilities.

📚 Your qualifications:

- 1+ year of experience in anti-fraud and security in gambling or related industries (e.g., online casinos, sports betting, poker sites).
- Knowledge of poker and casino games, understanding of various types of fraud in these areas (e.g., bot usage, exploiting bonus offers, player collusion, etc.).
- Experience with Excel and analytical tools: Tableau/ PowerBI (will be a plus) for data analysis and anomaly detection.
- Knowledge and understanding of anti-fraud systems, such as real-time fraud prevention systems (e.g., session monitoring, transaction processing).
- Ability to perform detailed data analysis and identify unconventional user behavior patterns.
- Monitor and detect marketing-related fraud activities (bonus abuse, multi-accounting, affiliate fraud, CPA traffic manipulation), analyze user behavior and traffic patterns.

➕ Nice to have:

- Experience with machine learning systems for analyzing player behavior.
- Creating dashboards in Tableau or other analytical tools.

Benefits:

⭐ Days of recovery: 20 paid vacation day per year and unlimited sick leave days.
⭐ Health: corporate medical insurance, a company psychologist and a Cafeteria of Benefits for personal wellness choices.
⭐ Education: a variety of foreign languages course for you to choose from. Also we are open for your development and you can choose different courses /training for improving your skills.
⭐ Compensation: additional benefits that can be used according to company policy, e.g. paid business trips, international conference opportunities, lunch perks at our offices etc.
⭐ Work Environment: work remotely or from one of our offices in Cyprus, Portugal, Poland, equipped with the equipment you’ll need for success.

One of the world's largest providers of products and services to the energy industry has a need to develop, support and integrate software system in Oil & Gas domain.
You will be a member of a cross functional team.
Key project stakeholders are open for innovative ideas.
Project is based on SCRUM methodology.
This is a great opportunity to work in an international team, apply and learn modern IT technologies

• Responsibilities:

  Application Security with strong AI/ML security exposure
  Threat modeling and risk assessment for AI systems, APIs, and cloud-native applications
  Protection against prompt injection, adversarial ML, data poisoning, and model abuse
  Secure SDLC and CI/CD integration, including MLOps pipelines
  Hands-on experience with SAST, DAST, SCA, container scanning, and security automation
  Strong collaboration with development and data science teams

• Mandatory Skills Description:

  5+ years in Application Security, with at least 1-2 years focused on AI/ML security
  Strong secure coding and vulnerability management background (OWASP Top 10)
  Experience with cloud platforms (AWS and/or Azure)
  Strong programming skills in Python or Java
  Familiarity with AI platforms such as Amazon Bedrock, SageMaker, or Spark
  Strong communication skills

• Nice-to-Have Skills Description:

  Good knowledge of Microsoft Active Directory services
  Firewall and security group administration practical experience.
  Good understanding of AICPA SOC2 controls and processes.
  Thorough knowledge of network security and protocols.
  Knowledge of cryptography protocols and hands-on experience in SSL certificates generation.
  Penetration testing hands-on experience in Azure and AWS cloud environments and Kubernetes clusters.
   Web and desktop applications penetration testing hands-on experience.

Project description

One of the world's largest providers of products and services to the energy industry has a need to develop, support and integrate software system in Oil & Gas domain.
You will be a member of a cross functional team.
Key project stakeholders are open for innovative ideas.
Project is based on SCRUM methodology.
This is a great opportunity to work in an international team, apply and learn modern IT technologies

Responsibilities

Application Security with strong AI/ML security exposure

Threat modeling and risk assessment for AI systems, APIs, and cloud-native applications

Protection against prompt injection, adversarial ML, data poisoning, and model abuse

Secure SDLC and CI/CD integration, including MLOps pipelines

Hands-on experience with SAST, DAST, SCA, container scanning, and security automation

Strong collaboration with development and data science teams

Skills

Must have

5+ years in Application Security, with at least 1-2 years focused on AI/ML security

Strong secure coding and vulnerability management background (OWASP Top 10)

Experience with cloud platforms (AWS and/or Azure)

Strong programming skills in Python or Java

Familiarity with AI platforms such as Amazon Bedrock, SageMaker, or Spark

Strong communication skills

Nice to have

Good knowledge of Microsoft Active Directory services

Firewall and security group administration practical experience.

Good understanding of AICPA SOC2 controls and processes.

Thorough knowledge of network security and protocols.

Knowledge of cryptography protocols and hands-on experience in SSL certificates generation.

Penetration testing hands-on experience in Azure and AWS cloud environments and Kubernetes clusters.

Web and desktop applications penetration testing hands-on experience.

Languages

English: B2 Upper Intermediate

• One of the world's largest providers of products and services to the energy industry has a need to develop, support and integrate software system in Oil & Gas domain.
  You will be a member of a cross functional team.
  Key project stakeholders are open for innovative ideas.
  Project is based on SCRUM methodology.
  This is a great opportunity to work in an international team, apply and learn modern IT technologies
   

• Responsibilities:

  Application Security with strong AI/ML security exposure
  Threat modeling and risk assessment for AI systems, APIs, and cloud-native applications
  Protection against prompt injection, adversarial ML, data poisoning, and model abuse
  Secure SDLC and CI/CD integration, including MLOps pipelines
  Hands-on experience with SAST, DAST, SCA, container scanning, and security automation
  Strong collaboration with development and data science teams
   

• Mandatory Skills Description:

  5+ years in Application Security, with at least 1-2 years focused on AI/ML security
  Strong secure coding and vulnerability management background (OWASP Top 10)
  Experience with cloud platforms (AWS and/or Azure)
  Strong programming skills in Python or Java
  Familiarity with AI platforms such as Amazon Bedrock, SageMaker, or Spark
  Strong communication skills

GSOC Manager (Tier 4) | Full-time | Business hours + on-call availability

We are looking for a GSOC Manager (Tier 4) to own and lead the Global Security Operations Center at a program level.

This role is responsible for end-to-end GSOC performance, governance, vendor management, and strategic development, ensuring operational excellence across all global sites.

🔹 Key responsibilities:

• Own overall GSOC performance, monitor KPIs, ensure SLA compliance, and drive continuous improvement initiatives
• Lead monthly operational reviews with Shift Supervisors and quarterly steering reviews with CSO and regional security leadership
• Manage GSOC staffing model including hiring, onboarding, shift planning, and performance management for Bangalore-based teams
• Act as primary owner of vendor relationships, including Verkada and other integrated security technology providers
• Maintain and continuously update SOPs, escalation protocols, and the GSOC CONOPS playbook
• Manage GSOC budget including headcount, tooling, training, and operational expenses
• Oversee post-incident reviews for all P1 events and ensure corrective actions are implemented
• Coordinate cross-functionally with IT, Facilities, Legal, and HR on security-related initiatives
• Represent GSOC in executive-level forums and provide regular reporting to CSO on performance, risk, and roadmap
• Drive automation and technology improvements to reduce false positives and operator workload

🔹 Requirements:

• 8–12 years of experience in physical or corporate security, with 3–4+ years in SOC/GSOC leadership roles
• Strong program management skills, including vendor management and budget ownership
• Executive-level communication skills in English
• Deep understanding of physical security systems (CCTV, access control, cloud security platforms)
• Proven experience leading distributed operational teams across shifts and time zones

🔹 Nice to have:

• CPP (Certified Protection Professional) certification — strongly preferred
• Experience managing GSOC operations for 50+ global sites
• Familiarity with ASIS International standards and security frameworks
• Experience with Verkada or similar enterprise physical security platforms
• Understanding of privacy regulations (GDPR, PDPA, PIPL) related to video surveillance and data governance

GSOC Shift Supervisor (Tier 3) | Full-time | Shift-based (24/7 coverage)

We are looking for a GSOC Shift Supervisor (Tier 3) to lead global security operations during active shifts.

This is the highest operational authority role on shift, responsible for commanding critical incidents (P1), managing shift performance, and coordinating executive-level communication during major events.

🔹 Key responsibilities:

• Take full command of all P1 (Critical) incidents from initiation to resolution
• Serve as the main communication point for executive leadership, regional managers, and external authorities (law enforcement, emergency services)
• Monitor and manage shift performance in real time (SLA compliance, workload distribution, escalation support)
• Conduct structured shift handovers between outgoing and incoming supervisors ensuring full operational continuity
• Authorize emergency actions such as door lockdowns, access suspension, and evacuation support
• Approve deviations from standard SOPs when required and document decision rationale
• Review and approve all incident reports generated during the shift
• Identify recurring issues, SOP gaps, and training needs, escalating them to GSOC management
• Act as GSOC Manager designate during absence periods when required

🔹 Requirements:

• 5–8 years of experience in physical security, corporate security operations, SOC/GSOC, or related field
• At least 2 years in a supervisory, shift lead, or team lead role
• Proven experience managing high-pressure, time-critical security incidents
• Strong leadership skills with the ability to coordinate multiple stakeholders during active incidents
• Excellent English communication skills, including executive-level reporting
• Strong understanding of video surveillance, access control, and integrated security systems

🔹 Nice to have:

• Prior experience in a SOC/GSOC shift supervisor or lead role in a global enterprise environment
• Formal incident command training (ICS, BSIA, or equivalent)
• Security certifications such as CPP, PSP, or equivalent senior credentials
• Experience with crisis communication and coordination with law enforcement

Security Monitoring Officer (SMO) | GSOC | Full-time | Shift-based (24/7 rotation)

We are looking for a Security Monitoring Officer (Tier 1) to join a global Security Operations Center (GSOC).

This is a frontline role responsible for real-time security monitoring and first-level incident response across global sites.

🔹 Key responsibilities:

• Monitor live video feeds, access control systems, sensors, and device health via Verkada Command
• Acknowledge, triage, and classify security alerts within SLA timelines (P1 < 1 min, P4 < 15 min)
• Execute Tier 1 SOPs for low and medium severity incidents
• Escalate P1/P2 incidents to Tier 2 analysts
• Maintain accurate incident logs in the GSOC ticketing system
• Monitor device health and trigger auto-remediation for offline cameras/controllers
• Communicate with Site Security Liaisons during active incidents
• Perform structured shift handovers with complete incident updates

🔹 Requirements:

• 1–3 years of experience in CCTV, physical security monitoring, SOC/NOC, or similar operations environment
• Experience with video surveillance and access control systems (Verkada is a strong advantage)
• Strong English communication skills (written and spoken)
• Ability to stay focused and composed in high-pressure situations
• Willingness to work rotating shifts (nights, weekends, holidays)

🔹 Nice to have:

• Experience with ServiceNow, Jira, or similar ticketing systems
• Basic understanding of IP networking and camera connectivity
• Security certifications (SIA, CPP foundation level, etc.)

One of the world's largest providers of products and services to the energy industry has a need to develop, support and integrate software system in Oil & Gas domain.
You will be a member of a cross functional team.
Key project stakeholders are open for innovative ideas.
Project is based on SCRUM methodology.
This is a great opportunity to work in an international team, apply and learn modern IT technologies

Responsibilities

Application Security with strong AI/ML security exposure

Threat modeling and risk assessment for AI systems, APIs, and cloud-native applications

Protection against prompt injection, adversarial ML, data poisoning, and model abuse

Secure SDLC and CI/CD integration, including MLOps pipelines

Hands-on experience with SAST, DAST, SCA, container scanning, and security automation

Strong collaboration with development and data science teams

Skills

Must have

5+ years in Application Security, with at least 1-2 years focused on AI/ML security

Strong secure coding and vulnerability management background (OWASP Top 10)

Experience with cloud platforms (AWS and/or Azure)

Strong programming skills in Python or Java

Familiarity with AI platforms such as Amazon Bedrock, SageMaker, or Spark

Strong communication skills

Nice to have

Good knowledge of Microsoft Active Directory services

Firewall and security group administration practical experience.

Good understanding of AICPA SOC2 controls and processes.

Thorough knowledge of network security and protocols.

Knowledge of cryptography protocols and hands-on experience in SSL certificates generation.

Penetration testing hands-on experience in Azure and AWS cloud environments and Kubernetes clusters.

Web and desktop applications penetration testing hands-on experience.

ICONIC21 is a premier provider of live dealer and casino games, delivering a diverse and immersive portfolio for global markets. We create high-quality gaming experiences focused on innovation, reliability, and strong visual appeal.

Our portfolio covers live casino games, slot games, and virtual (RNG) products, all designed to maximize player engagement and long-term value. Every solution we deliver is built to elevate our partners’ brands and enhance the overall gaming experience.

ICONIC21 is looking for experienced Technical Compliance Manager to own and drive the technical side of our regulatory compliance programme across multiple igaming jurisdictions. You will be the primary point of contact for all technical certification and audit matters, ensuring our platform, games, and information security practices meet the requirements of our licensed markets — and are ready for the new ones on the horizon.

Responsibilities:
Information Security Management (ISMS)

• Implement and maintain the ISO/IEC 27001 ISMS framework, ensuring policies, controls, and documentation remain audit-ready at all times.
• Lead internal ISMS audits, risk assessments, and management reviews; coordinate external surveillance and recertification audits.

• Manage remediation of audit findings and drive continuous improvement of security controls.

   

RNG & Games Certification

• Manage the end-to-end RNG, gaming platform and games certification process across regulated markets, working directly with approved Testing Laboratories (BMM, GLI, Gaming Associates, etc.).
• Coordinate technical submissions — maths reports, PAR sheets, game logic documentation — to labs and regulators.
• Track certification status for all game titles and ensure no non-certified game is made available in regulated markets.

• Liaise with the Game Development and Platform teams to integrate compliance checkpoints into the release pipeline.

   

Multi-Jurisdictional Regulatory Compliance 

• Acting as the technical compliance lead across regulated markets, including Malta (MGA), Ontario (AGCO), Romania (ONJN), Italy (ADM), Portugal (SRIJ), and additional markets as the business expands.
• Interpret technical requirements from regulatory frameworks and translate them into actionable specifications for internal engineering teams.
• Prepare, submit, and track technical licence applications and renewals, including system audits, platform certifications, and technical standards submissions.

• Maintain a compliance matrix mapping each jurisdiction's technical requirements to platform capabilities and evidence artifacts.

   

Regulatory Relationships & Submissions

• Serve as the primary technical liaison with regulators, testing labs, and certification bodies.
• Prepare and review technical documentation — system descriptions, data flow diagrams, security architectures — for regulatory submission.

• Monitor regulatory developments and proactively assess the technical impact of new or amended requirements.

   

Cross-Functional Collaboration

• Partner with Product, Engineering, and Platform teams to embed compliance into the software development lifecycle (SDLC).
• Advise on technical architecture decisions from a compliance and certification perspective.
• Support the Legal & Commercial teams with technical input during market entry assessments and licence applications.

• Provide training and awareness to internal stakeholders on technical compliance obligations.

   

Requirements:

• Proven experience of 5+ years in a technical compliance, regulatory, or information security role within the iGaming industry.
• Hands-on experience with ISMS implementation and ISO/IEC 27001 audits.
• Direct experience managing RNG and game certification processes with recognized testing laboratories.
• Proven track record working across multiple regulated jurisdictions.
• Strong understanding of iGaming technical standards, including MGA and AGCO frameworks.
• Knowledge of RNG standards and game mathematics.
• Strong understanding of information security frameworks.
• Knowledge of responsible gambling technical requirements and player protection mechanisms.

• Advanced English.

   

What We Offer:

• Challenging and exciting tasks, and all the needed tools to achieve them.
• A real opportunity for professional growth in a team of professionals.
• 21 days of vacation, 5 flexible days for your needs, 15 sick leave days.
• National holidays according to the official calendar.
• Individual benefit limit to support your health and wellness needs.
• Annual bonus based on company and individual performance results.

About Playson

Founded in 2012, Playson is a leading iGaming supplier recognized worldwide. We provide our partners with a high-end, microservice-based Platform-as-a-Service capable of processing billions of financial transactions daily. Our global infrastructure is designed for cross-regional performance, with a relentless focus on latency reduction and flawless player experience, regardless of bandwidth or connectivity.

We are now building a Platform & Cloud Security function and are looking for the first hire to launch and lead it. This is a rare opportunity to set the standards from scratch and shape how security is embedded into a modern, high-load, cloud-native environment.

Key Responsibilities

• Establish the DevSecOps function at Playson, defining best practices and security standards across the Platform Tribe.
• Integrate security into CI/CD pipelines (SAST, DAST, dependency scanning, container scanning).
• Harden infrastructure and runtime environments (Linux, Docker, Kubernetes/EKS, RBAC).
• Design and enforce cloud security controls in AWS (IAM least-privilege, GuardDuty, Security Hub, encryption at rest/in transit).
• Define and maintain IaC security policies (Terraform/Terragrunt, drift detection, policy-as-code).
• Implement and manage secrets management solutions (Vault, AWS Secrets Manager).
• Build centralized security monitoring & alerting (Datadog, ELK, CloudWatch, SIEM/SOAR).
• Lead vulnerability management and threat modeling practices.
• Automate workflows through scripting (Python, Bash).
• Partner with backend, infrastructure, and platform engineers to embed security in design & delivery.
• Contribute to compliance readiness (ISO 27001, GDPR, PCI-DSS).
• Act as a security subject-matter expert, mentoring engineers and raising awareness.
• Continuously evaluate and implement new security tools and approaches.

Requirements

• 5+ years in Security Engineering / DevSecOps roles, with proven success delivering secure infrastructure and applications.
• Strong skills in Python and Bash for building and automating security workflows.
• Cloud Security (AWS focus) - Deep knowledge of IAM least-privilege design, encryption at rest/in transit, GuardDuty, Security Hub, and best practices for securing multi-account environments.
• Implementation of security controls in pipelines (SAST, DAST, dependency scanning, container image scanning, policy-as-code).
• Hardening of Linux systems, Docker, Kubernetes/EKS; strong experience with RBAC, PodSecurity/OPA/Gatekeeper/Kyverno policies.
• Terraform/Terragrunt, including policy-as-code, drift detection, and compliance enforcement.
• Expertise with HashiCorp Vault, AWS Secrets Manager, or equivalent.
• Hands-on with centralized logging, SIEM/SOAR tools (Datadog Security, ELK, CloudWatch, etc.) and incident response workflows.
• In-depth understanding of secure network design, segmentation, and monitoring.
• Experience with tools enabling temporary, approval-based access (Teleport, AWS IAM Identity Center, Okta, etc.).
• Ability to design and enforce zero trust principles (continuous verification, microsegmentation, contextual access).
• Familiarity with SBOM generation (CycloneDX, Syft), artifact signing (Cosign, Sigstore), and applying SLSA/in-toto frameworks.
• Understanding of ISO 27001, GDPR, PCI-DSS (iGaming relevance), plus experience automating compliance checks with IaC and policy engines.

Nice to have:

• Exposure to Kafka or ClickHouse in security-sensitive environments.
• Familiarity with GitOps tooling (FluxCD/ArgoCD).
• Broader knowledge of SOC 2, HIPAA, or other regulatory frameworks.

What We Offer

• Compensation at top industry standards + quarterly bonuses based on transparent evaluation.
• Remote-first flexibility and adaptable working hours.
• Unlimited paid vacation & sick leave.
• Comprehensive medical insurance (for you and your partner).
• Financial support for major life events.
• Professional growth budget for courses, training, and certifications.

Recruitment Process

1. HR Interview – 45 min
2. Hiring Manager Interview – 60 min
3. Technical Interview – 90 min
4. Final Interview with Head of Platform & CTO – 60 min

N-iX is looking for skilled Senior/Lead Active Directory Engineer to join our team! Our customer is the European online car market with over 30 million monthly users, with a market presence in 18 countries. As a Lead Active Directory Engineer, you will play a pivotal role in shaping the future of online car markets and enhancing the user experience for millions of car buyers and sellers. We require a Lead Engineer to assess, clean up, and harden multiple inherited single-forest, single-domain Active Directory environments. These environments require standardization, security hardening, and alignment with current best practices. The focus will be on improving AD structure, security posture, Group Policy hygiene, and operational consistency, while also evaluating long-term viability and integration with enterprise IAM platforms. This is a hands-on senior role requiring deep expertise in Active Directory architecture, security, identity integration, and remediation of legacy configurations, including alignment with industry audit and compliance standards (e.g., PCI DSS).

Requirements:

• EDT Timezone work hours
• Extensive hands-on experience (typically 7+ years) with Active Directory engineering and administration.
• Proven experience performing AD clean-up, consolidation, or post-transition integration work.
• Strong expertise in: Active Directory (single-domain environments at scale), Group Policy design, cleanup, and optimization, OU design and delegation models.
• Demonstrated experience with: AD security hardening (tiered admin model, least privilege, attack surface reduction), identifying and remediating, stale objects (users, computers, groups), legacy permissions and misconfigurations, GPO sprawl and conflicts.
• Experience integrating Active Directory with IAM/IdP platforms, including: Azure AD / Entra ID - must have, Okta - nice to have, etc, SSO, federation, and identity synchronization (e.g., AAD Connect or equivalent), role-based access control (RBAC) and identity lifecycle management.
• Experience working within regulated or audited environments, including: PCI DSS (or similar frameworks such as ISO 27001, NIST).
• Implementing controls related to identity, access management, and auditability.
• Strong knowledge of: Authentication protocols (Kerberos, NTLM, SAML/OIDC basics), DNS (AD-integrated), replication, and site topology.
• Experience with tools such as: ADUC, ADSIEdit, Group Policy Management Console, PowerShell (AD module - must have) for bulk changes and reporting.
• Experience in auditing and improving: privileged access (Domain Admins, Enterprise Admins), service accounts and delegation.
• At least upper-intermediate English level.

 Responsibilities:

• Perform a comprehensive assessment of current AD environments.
• Identify and remediate: inactive/stale objects, legacy groups and excessive permissions, GPO duplication, conflicts, and inefficiencies.
• Redesign and implement: OU structure and delegation model, Group Policy strategy aligned to best practices.
• Implement security hardening measures, including: privileged access model (e.g., tiering), reduction of attack surface and legacy protocols.
• Alignment with audit/compliance requirements (e.g., PCI DSS controls).
• Integrate AD environments with enterprise IAM platforms, including: identity synchronization and federation, access model alignment (RBAC / least privilege), SSO enablement and identity lifecycle processes.
• Review and optimize: AD Sites and Services (replication topology), DNS configuration and health.
• Develop and execute cleanup and remediation plans with minimal disruption.
• Automate tasks and reporting using PowerShell.
• Produce clear documentation and operational standards, including audit-ready configurations.

Nice-to-Have Certifications:

• Microsoft Certified: Windows Server Hybrid Administrator Associate
• Microsoft Certified: Identity and Access Administrator Associate (SC-300)
• Microsoft Certified: Azure Solutions Architect Expert
• MCSA / MCSE (legacy but relevant)
• Security certifications (e.g., CISSP, Security+, CISM)
• Okta Certified Professional / Administrator (or similar IAM certifications)

JarvisHeart is a rapidly expanding global IT & Tech company based in Cyprus, dedicated to its team, providing an inspiring dynamic work culture.Established in 2024, we are aimed to deliver services and solutions for businesses. We attract and retain the best IT professionals, offering avenues for development and progress to provide exceptional solutions to clients around the globe. Join us and become a part of JarvisHeart’s success story.

We are seeking a highly skilled Anti-Fraud manager to spearhead fraud detection efforts. The ideal candidate will have a strong background in fraud prevention and risk management.

Key Responsibilities:
• Real-time monitoring and analysis of player activity, including deposits, withdrawals, bets, gaming patterns, and behavioral data.
• Detection and investigation of suspicious activities such as bonus abuse, multi-accounting, collusion, chargebacks, money laundering (AML), and other fraud schemes.
• Working with the verification system: review of KYC documents, verification of payment methods and Source of Funds analysis.
• Analysis of fraud incidents, preparation of reports, and development of recommendations for risk mitigation.
• Monitoring fraud trends in the iGaming industry and proposing improvements.

Work Schedule: 5-Day Rotating Schedule (8-hour shifts)

Option A: Working days — Sunday + Monday + Tuesday + Wednesday + Thursday Option B: Working days — Tuesday + Wednesday + Thursday + Friday + Saturday

5 working days per week with 8-hour shifts and 2 consecutive days off.

Required Qualifications:

• At least 1–2 years of experience in anti-fraud, fraud prevention, or risk management within the iGaming / online casino
• Proficiency in English.
• Strong analytical and problem-solving skills.
• Ability to work in a fast-paced, high-pressure environment.
• Readiness to work on a weekend-priority schedule (Saturday or Sunday as regular working days)
• Experience with anti-fraud and KYC tools will be considered a strong advantage.

Optional Qualifications:

• Experience with international fraud prevention strategies.
• Knowledge of compliance requirements in Canada and Europe.

What we offer:

• 17 vacation days (Enjoy vacation policy to recharge and explore. We believe work-life balance is key to personal and professional well-being.)
• 15 paid sick days (Your health matters. We offer paid sick leave to ensure you can recover without financial stress)
• Insurance after the probation period (Your well-being is our priority. After completing the probationary period, you’ll gain access to our comprehensive insurance plan to support your health and peace of mind.)
• Public holidays off (Take time to celebrate and enjoy national holidays with friends and family without worrying about work.)
• Work equipment provided (Start your journey with the best tools for success! We provide all the necessary equipment to help you work efficiently and comfortably.)

If you’re ready to take on this exciting challenge and contribute to a fast-growing industry, apply now!

We are seeking a highly skilled Anti-Fraud manager to spearhead fraud detection efforts. The ideal candidate will have a strong background in fraud prevention and risk management.

Key Responsibilities:
• Real-time monitoring and analysis of player activity, including deposits, withdrawals, bets, gaming patterns, and behavioral data.
• Detection and investigation of suspicious activities such as bonus abuse, multi-accounting, collusion, chargebacks, money laundering (AML), and other fraud schemes.
• Working with the verification system: review of KYC documents, verification of payment methods and Source of Funds analysis.
• Analysis of fraud incidents, preparation of reports, and development of recommendations for risk mitigation.
• Monitoring fraud trends in the iGaming industry and proposing improvements.

Work Schedule: 5-Day Rotating Schedule (8-hour shifts)
Option A: Working days — Sunday + Monday + Tuesday + Wednesday + Thursday Option B: Working days — Tuesday + Wednesday + Thursday + Friday + Saturday
5 working days per week with 8-hour shifts and 2 consecutive days off.

Required Qualifications:
 

• At least 1–2 years of experience in anti-fraud, fraud prevention, or risk management within the iGaming 
• Proficiency in English.
• Strong analytical and problem-solving skills.
• Ability to work in a fast-paced, high-pressure environment.
• Readiness to work on a weekend-priority schedule (Saturday or Sunday as regular working days)
• Experience with anti-fraud and KYC tools will be considered a strong advantage.

Optional Qualifications:
 

• Experience with international fraud prevention strategies.
• Knowledge of compliance requirements in Canada and Europe.

What we offer:
• Opportunity to make an impact and see the results of your work within the company.
• Competitive compensation that grows with your achievements.
• Paid vacation and sick leave.
• Medical insurance.
• Budget for conferences, workshops, and training to support your professional growth.
• Free English language courses.
• Flexible work schedule. 

If you’re ready to take on this exciting challenge and contribute to a fast-growing industry, apply now!