Jobs Security

About the Role

We are looking for a highly skilled and strategic Senior DevSecOps Engineer to lead our security operations and infrastructure automation initiatives. In this role, you will bridge the gap between development, security, and operations, ensuring our on-premise environment remains secure, resilient, and efficient.
You will act as a subject matter expert, leveraging cutting-edge tools like CrowdStrike to automate threat detection and response, while maintaining robust perimeter security via Cloudflare.

Key Responsibilities
Implementation and automation of security tools in the CI/CD process (SAST, DAST, SCA).
Analysis of vulnerabilities in code, infrastructure and containers.
Development and configuration of security monitoring systems, incident response.
Monitoring and improving the security level of on-prem infrastructures.
Interaction with developers, DevOps and security teams to implement secure practices.
Active participation in the processes of IAM configuration, management of certificates, secrets and access policies.
Conducting internal security audits, participation in external (e.g. penetration) tests.

Requirements

Must-have:
Experience: 5+ years of experience in DevSecOps, Security Engineering, or a related field, with at least 2 years in a Senior role.
Tooling Expertise: Deep hands-on experience with the following specific tools:
Baremetal/on-premise infrastructure
Docker (Docker Swarm is a strong plus)
Gitlab CI 
CrowdStrike
Cloudflare
ELK.
SIEM Proficiency: Proven experience deploying and tuning SIEM solutions (e.g., Splunk, Elastic Security, Datadog, or similar).
Infrastructure: Strong background in managing on-premise infrastructure (physical servers, data centers, virtualization, networking).
Scripting: Proficiency in Python, Go, or Bash for automation and tooling.

Nice-to-have:
Experience with Kubernetes and such tools as Wiz.io and Torq.
Previous involvement in high-load, regulated, or 24/7 production environments (e.g., iGaming, FinTech, telecom or similar).

We offer
Fully remote work opportunity
Enhanced leave benefits:
20 days of paid vacation
5 paid days off
14 paid sick leaves
Company clubs & communities
Celebration gifts for personal milestones
Corporate online events, raffles & challenges
Corporate English program
Corporate yoga classes
Team-building activities
Coworking compensation
Training and development programs (internal & external).

Senior Site Reliability Engineering position 
Location: Remote
Industry: Computer and Network Security
Employment type: Full time / Contractor B2B

Summary

We are hiring a Senior SRE Specialist to manage deployments and keep our platform running smoothly across Azure and on‑premise environments. You will work directly with customers during live troubleshooting, own operational stability, and deliver targeted improvements.

Primary Responsibilities:

• Manage deployments across Azure and on‑premise infrastructure.
• Operate and maintain production systems at scale to ensure availability and performance.
• Respond to and resolve customer support tickets and join live troubleshooting sessions.
• Implement and improve CI/CD pipelines, container workflows, and automation.
• Collaborate with engineering teams to deliver ad hoc fixes and infrastructure improvements.
• Document operational procedures and contribute to runbooks and incident postmortems.

Requirements and Nice‑to‑Have

Required

• Senior level: 5+ years of relevant experience (ideally 7–8 years).
• Strong C# programming skills and solid software architecture fundamentals.
• Experience with production systems at scale.
• Direct customer‑facing experience for high‑level troubleshooting.
• Azure experience (must have some Azure exposure).
• Container knowledge: Docker and Kubernetes experience.
• CI/CD experience and familiarity with pipeline automation.
• Excellent communication skills and ability to work remotely.
   

Preferred / Nice‑to‑have

• Strong AWS background acceptable if accompanied by Azure experience.
• PowerShell scripting experience.
• Hands‑on experience with multiple pipeline technologies and infrastructure as code.

What We Offer

• Work on a mission‑critical product used by thousands of enterprises.
• Remote and flexible work arrangements.
• Direct customer engagement with visible impact on product stability.
• Competitive contractor terms for B2B engagements.

Company and Project Mission:

We are a global exposure management company protecting more than 40 000 customers with an AI‑powered platform that unifies visibility, insight, and action across the attack surface. The team’s mission is to keep the product in optimal operational condition by managing support tickets, ensuring system stability, and delivering targeted improvements to meet customer needs.

Summary

• Senior Security Engineer - penetration testing, threat modelling, 7+ years commercial experience.
• Python. Hands-on offensive and defensive security for web applications.
• Remote/Hybrid, UK, Chechia, Spain - employment contract, Poland, Romania, Slovakia, Bulgaria, Ukraine - B2B contract.

The role

This is a senior security engineering position with a strong emphasis on penetration testing and threat modeling. You'll work across the full security lifecycle: designing secure architectures, modeling threats, researching emerging attack vectors, and validating defenses through hands-on testing.

The focus is on long-term security improvements — identifying and addressing risks before they become incidents. You'll need both the attacker's mindset to find vulnerabilities and the engineering skills to help fix them properly.

What you'll work on

• Penetration testing and security assessments against web applications and internal systems
• Leading security design reviews and threat modeling for new products and infrastructure changes
• Researching emerging threats and attack techniques, then translating findings into practical defense strategies
• Building security automations and tools, and prototypes to support testing and detection
• Collaborating with engineering teams to remediate vulnerabilities and improve secure development practices
• Contributing to security architecture decisions and standards

What we're looking for

• 7+ years in security engineering with substantial experience in both offensive and defensive work
• Proven, hands-on web applications penetration testing experience
• Strong programming skills, preferably Python, with experience building security tools or automation
• Deep expertise in at least one core security domain: cryptography, authentication/authorisation, secure architecture, or network security
• Clear understanding of attack vectors and methods, and how to anticipate them
• Good communication skills in English

Useful additions

• Experience securing serverless architectures or AI/ML platforms
• Background in cloud-native security (AWS, GCP, Kubernetes)
• DevSecOps experience- integrating security into CI/CD pipelines
• Relevant certifications (OSCP, OSCE, CISSP, or similar)

Would you be open to leading the Platform & Cloud Security direction in a top-tier iGaming product? We’re looking for a DevSecOps Engineer to work on a high-load system. You’ll collaborate closely with the CTO, have full ownership of decisions, remote, and top-of-the-market terms.

Main Responsibilities

– Establish the DevSecOps function, defining best practices and security standards across the Platform Tribe

– Integrate security into CI/CD pipelines (SAST, DAST, dependency scanning, container scanning)

– Harden infrastructure and runtime environments (Linux, Docker, Kubernetes/EKS, RBAC)

– Design and enforce cloud security controls in AWS (IAM least-privilege, GuardDuty, Security Hub, encryption at rest/in transit)

– Define and maintain IaC security policies (Terraform/Terragrunt, drift detection, policy-as-code)

– Implement and manage secrets management solutions (Vault, AWS Secrets Manager)

– Build centralized security monitoring & alerting (Datadog, ELK, CloudWatch, SIEM/SOAR)

– Lead vulnerability management and threat modeling practices

– Automate workflows through scripting (Python, Bash)

– Partner with backend, infrastructure, and platform engineers to embed security in design & delivery

– Contribute to compliance readiness (ISO 27001, GDPR, PCI-DSS)

– Act as a security subject-matter expert, mentoring engineers and raising awareness

– Continuously evaluate and implement new security tools and approaches

Mandatory Requirements

– 5+ years in Security Engineering / DevSecOps roles , with proven success delivering secure infrastructure and applications

– Strong skills in Python and Bash for building and automating security workflows

– Cloud Security (AWS focus) — Deep knowledge of IAM least-privilege design, encryption at rest/in transit, GuardDuty, Security Hub, and best practices for securing multi-account environments

– Implementation of security controls in pipelines (SAST, DAST, dependency scanning, container image scanning, policy-as-code)

– Hardening of Linux systems, Docker, Kubernetes/EKS; strong experience with RBAC, PodSecurity/OPA/Gatekeeper/Kyverno policies

– Terraform/Terragrunt, including policy-as-code, drift detection, and compliance enforcement

– Expertise with HashiCorp Vault, AWS Secrets Manager, or equivalent

– Hands-on with centralized logging, SIEM/SOAR tools (Datadog Security, ELK, CloudWatch, etc.) and incident response workflows

– In-depth understanding of secure network design, segmentation, and monitoring

– Experience with tools enabling temporary, approval-based access (Teleport, AWS IAM Identity Center, Okta, etc.)

– Ability to design and enforce zero trust principles (continuous verification, microsegmentation, contextual access)

– Familiarity with SBOM generation (CycloneDX, Syft), artifact signing (Cosign, Sigstore), and applying SLSA/in-toto frameworks

– Understanding of ISO 27001, GDPR, PCI-DSS (iGaming relevance), plus experience automating compliance checks with IaC and policy engines

Nice to have

– Exposure to Kafka or ClickHouse in security-sensitive environments

– Familiarity with GitOps tooling (FluxCD/ArgoCD)

– Broader knowledge of SOC 2, HIPAA, or other regulatory frameworks

We offer

– Compensation at top industry standards + quarterly bonuses based on transparent evaluation

– Remote-first flexibility and adaptable working hours

– Unlimited paid vacation & sick leave

– Comprehensive medical insurance (for you and your partner)

– Financial support for major life events

– Professional growth budget for courses, training, and certifications

Description

We are looking for a Senior DevSecOps who will help make our cloud infrastructure safe, stable, and automated. You will work together with the development, platform, and security teams to add security at every step of product creation.

This is a great chance to grow in security automation, improve processes, and bring modern DevSecOps practices into the company.

Requirements
Must-Have Skills

5+ years of hands-on experience in DevOps / DevSecOps / Cloud Engineering roles;

Deep expertise with AWS services (IAM, VPC, CloudTrail, GuardDuty, KMS, WAF);

Proven experience with Kubernetes security — RBAC, network segmentation, image scanning, Falco or similar runtime security tools;

Strong proficiency in Infrastructure-as-Code tools, particularly Terraform (modules, state management, policy as code);

Experience managing CI/CD pipelines on GitHub Actions with integrated vulnerability scanning and secret protection;

Solid knowledge of Cloudflare security suite (Zero Trust, WAF, DNS, Access, API Gateway rules);

Familiarity with SSO and MFA solutions (DUO SSO, OIDC flows, federation via SAML);

Scripting and automation using Python, Bash, or Go;

Strong understanding of network security, TLS management, logging, and monitoring pipelines;

Excellent collaboration and communication skills, with the ability to work effectively with cross-functional engineering and compliance teams.

Nice-to-Have

Experience with policy-as-code frameworks (OPA, Conftest, Terraform Cloud Policies);

Hands-on knowledge of container security scanners (Trivy, Aqua, Anchore, Grype);

Exposure to SIEM / SOC integrations;

Familiarity with compliance frameworks (ISO 27001, NIST CSF, CIS Benchmarks);

Relevant certifications (AWS Security Specialty, Terraform Associate, CISSP, or DevSecOps certifications).

Responsibilities
Integrate security practices (SAST, DAST, SCA, secret management, compliance checks, etc) directly into CI pipelines on GitHub;

Build and manage infrastructure using Terraform (IaC) with a strong focus on least privilege, encryption, and auditing;

Strengthen security across Kubernetes clusters (RBAC, network policies, Falco runtime threat detection);

Implement security automation and continuous monitoring for vulnerabilities, misconfigurations, and drift in AWS + Kubernetes environments;

Collaborate closely with Development, Platform, SRE, Cloud Delivery Engineers, and Security teams to embed “security-by-design” principles throughout SDLC;

Conduct threat modeling, risk assessments, and incident response for cloud and container workloads;

Drive adoption of DevSecOps best practices, mentor team members, and promote a proactive security culture;

Continuously research and implement new security tools, policies, and automation opportunities to improve visibility and resilience.

Benefits

Why Join Us?

🎰 Be part of the international iGaming industry – Work with a top European solution provider and shape the future of online gaming;

💕 A Collaborative Culture – Join a supportive and understanding team;

💰 Competitive salary and bonus system – Enjoy additional rewards on top of your base salary;

📆 Unlimited vacation & sick leave – Because we prioritize your well-being;

📈 Professional Development – Access a dedicated budget for self-development and learning;

🏥 Healthcare coverage – Available for employees in Ukraine and compensation across the EU;

🫂 Mental health support – Free consultations with a corporate psychologist;

🇬🇧 Language learning support – We cover the cost of foreign language courses;

🎁 Celebrating Your Milestones – Special gifts for life’s important moments;

⏳ Flexible working hours – Start your day anytime between 9:00-11:00 AM;

🏢 Flexible Work Arrangements – Choose between remote, office, or hybrid work;

🖥 Modern Tech Setup – Get the tools you need to perform at your best;

🚚 Relocation support – Assistance provided if you move to one of our hubs.

LITSLINK is looking for a Senior DevSecOps / Infrastructure Engineer to join a long-term client project focused on building a privacy-first, zero-knowledge secure product.

This is a highly security-driven role where you will work on tamper-resistant infrastructure, data minimization, and security-by-design architecture.

Location & Format

• Remote
• Full-time
• Long-term
• Contract (gross)

Responsibilities

• Design and maintain secure cloud and/or bare-metal infrastructure
• Work with Kubernetes (network policies, cluster security, isolation)
• Implement Infrastructure as Code (Terraform / Ansible)
• Manage secrets and encryption systems (Vault, KMS, HSM)
• Build and support immutable infrastructure
• Develop secure CI/CD pipelines (reproducible builds)
• Set up monitoring with minimal logging (Prometheus, Grafana)
• Work with privacy-preserving networking / obfuscation techniques
• Participate in security reviews and architectural decisions

Requirements

• 6+ years of experience in DevSecOps / Infrastructure
• Strong Linux expertise (including system hardening)
• Hands-on experience with Kubernetes in production (security focus)
• Solid experience with Docker
• Experience with Terraform and/or Ansible
• AWS or GCP experience
• CI/CD pipelines setup and maintenance
• Experience with secrets management systems
• Monitoring experience (Prometheus, Grafana)
• Strong security mindset (threat modeling, risk mitigation)

Nice to Have

• Experience with immutable infrastructure
• Verifiable / reproducible builds
• Vault / HSM experience
• Experience with privacy-first products
• Bare-metal infrastructure (e.g., Hetzner)
• Zero-log or minimal logging approaches

Hiring Process

• Screening interview
• Technical interview
• Fast decision

We are global advocacy platform powering creator communities for the world's leading beauty and personal care brands. Founded in 2019, we help brands like L'Oréal, Estée Lauder, Coty, and Unilever build authentic relationships with millions of creators, driving user-generated content at scale.

What We Do:

• Connect brands with 350M+ creators globally through our proprietary database
• Power advocacy programs across 40+ markets (US, UK, EU, LATAM, Middle East, Asia)
• Process millions of creator interactions, content submissions, and campaign data points monthly
• Handle sensitive personal data (PII), financial transactions, and brand-creator relationships

Our Scale:

• Trusted by Fortune 500 beauty & personal care brands
• Processing 100k+ creator content submissions monthly
• Operating in 40+ countries with localized compliance requirements

Why Join Us:

• High-growth SaaS scale-up at the intersection of social, beauty, and enterprise tech
• Build security & compliance infrastructure from the ground up - you'll own it
• Work directly with Fortune 500 clients (L'Oréal, Unilever, Estée Lauder)
• Remote-first culture with global team
• Meaningful equity stake in a fast-growing company

The Role: Information Security & Compliance Manager

As our first Manager of InfoSec & Compliance, you'll be the guardian of trust - ensuring we meet the highest standards of data protection, security, and regulatory compliance as we scale globally. You'll build our compliance framework from the ground up, own enterprise client security reviews, and future-proof our platform for SOC 2, ISO 27001, and global data privacy regulations.

This is a foundational role. You'll have the autonomy to shape our security posture, define policies, and build the systems that enterprise clients demand.

What You'll Do

Compliance & Regulatory (40%)

• Own GDPR, CCPA, LGPD, and emerging data privacy regulations across 40+ markets
• Maintain SOC 2 Type II certification (or lead first certification if not yet achieved)
• Prepare for ISO 27001 certification roadmap
• Manage DPIAs (Data Protection Impact Assessments) for new features/markets
• Be the go-to expert for client compliance questionnaires, security reviews, and audits
• Ensure vendor compliance (AWS, payment processors, third-party APIs)

Client Security & Enterprise Sales Enablement (30%)

• Own enterprise client security reviews (infosec questionnaires, pen test reports, architecture reviews)
• Support sales team with security documentation, certifications, and client security calls
• Build & maintain security collateral (security white papers, data flow diagrams, compliance matrices)
• Act as security liaison for enterprise clients (L'Oréal, Unilever, Estée Lauder)
• Negotiate data processing agreements (DPAs) and BAAs

InfoSec Infrastructure & Risk Management (30%)

• Design and implement security policies, procedures, and controls
• Conduct regular risk assessments and threat modeling
• Manage vulnerability management program (pen tests, bug bounties, security scanning)
• Oversee incident response planning and execution
• Drive security awareness training for engineering and ops teams
• Monitor security tools (SIEM, CASB, endpoint protection) and respond to alerts

Join Innoneers – Shaping the Future of Software Engineering!
 

At Innoneers, we don’t just build software; we engineer innovation. We are a dynamic software development company dedicated to transforming complex business challenges into seamless digital experiences. Specializing in Web, Mobile, and Cloud solutions, we pride ourselves on our technical agility and "Engineering Excellence" mindset.
 

As we scale our operations, we are looking for a passionate SoC Verification Engineer to join our team. If you thrive in an environment where clean code meets cutting-edge technology (Node.js, React, AWS, Python) and want to make a tangible impact on global projects in E-commerce, Fintech, and Logistics, Innoneers is the place for you.

We will trust you with:

• Develop and maintain SystemVerilog/UVM-based verification environments at both module and SoC level;
• Write test sequences, define functional coverage models, and ensure coverage closure;
• Debug simulation results using waveform tools and collaborate with design teams to resolve issues;
• Drive constrained-random stimulus generation and continuous improvements in our verification methodology;
• Apply modern EDA tools and automate verification flows to maximize speed and quality;
• Contribute to quality assurance, release-readiness, and design-test alignment for every chip.
   

What you’ll need to succeed:

• 8+ years of digital verification, including 4+ years of constrained-random verification with UVM.
• 2+ years of embedded C development for SoC verification.
• Experience designing verification architecture from design specifications and creating test plans.
• Ability to translate functional requirements into functional coverage models.
• Skilled in constrained-random stimulus generation and coverage analysis/closure.
• Strong expertise in root-cause analysis and debugging SystemVerilog RTL.
• Proficiency in scripting with Python or similar languages.
• Solid experience with Linux, bash, or equivalent environments.
• Proficient with commercial EDA tools.
• Experience collaborating effectively with cross-functional teams.
• Hands-on experience with UVM verification architecture and vertical reuse of lower-level UVCs/environments.
• Skilled in mixed-language simulation and system modeling.
• Experience with effort estimation, project planning, scheduling, and tracking.

• Proven ability to lead and mentor a small team.

   

Nice-to-haves:

• Experience with SystemC for modeling and simulation.
• Knowledge of UPF and low-power verification methodologies.
• Exposure to formal verification techniques.
• Hands-on experience with FPGA validation and bring-up.
• Experience with full-chip emulation and bring-up.
• Familiarity with OpenOCD/GDB for software-driven verification.
• Experience in SystemVerilog RTL design.

If you're ready to shape the future of technology with us, apply and let's talk!

We are looking for a Senior Compliance Manager with strong and seasoned hands-on experience in IT service companies to lead our compliance and data protection framework from a contractual, regulatory, and information security perspective.

This role is operational and execution-focused, not advisory only. You will be responsible for building, implementing, and maintaining a robust compliance program that is closely tailored to our software engineering services business model and complies with the data security and contractual requirements of our enterprise-level clients.

Day-to-day, you will practically translate client contractual obligations into actionable compliance controls, work closely with Legal, Delivery, IT, and Security Departments to evaluate and identify vulnerabilities, propose and implement workable solutions, and ensure continuous audit readiness (ISO 27001, SOC2, and client-driven audits). This role also involves supporting internal and external audits, client due diligence questionnaires, vendor risk activities, internal compliance onboarding, and ongoing training of Proxet personnel, and ongoing alignment with client security expectations across multiple jurisdictions (U.S., Europe, Latin America).

If you understand how compliance works inside a global IT services organization, this role is for you.

Responsibilities

• Reviewing and interpreting client contractual requirements with respect to security, compliance, and data privacy into actionable and deployable operational activities consistent with industry practice for a software engineering services business. 
• Build and maintain a compliance chart per client by mapping client requirements to internal controls. Identify gaps and coordinate remediation with IT, Security, Delivery, and Legal Departments.
• Conduct quarterly internal compliance audits across projects.
• Implement and maintain GDPR compliance, support DPA review and negotiation.
• Ensure new client pre-sales and onboarding align with the Company's compliance program.
• Ensure proper data classification and data handling controls.
• Contribute to the development and maintenance of internal policies, procedures, and controls related to security and compliance.
• Perform risk assessments and develop appropriate risk treatment plans.
• Support vendor and third-party risk management processes and assessments.
• Monitor changes in regulatory landscapes and translate them into actionable recommendations.
• Create and deliver Company-wide appropriate and tailored awareness training on data protection and regulatory compliance requirements for internal teams.
• Act as a point of contact for compliance-related topics during engagements and audits.
• Apply data retention and secure data disposal requirements in line with regulatory and contractual obligations.
• Follow and support the company’s established cybersecurity standards and roadmap, ensuring alignment with defined requirements, milestones, and priorities.
• Prepare compliance dashboards and reports for leadership.

Requirements

• 5+ years of experience in compliance, GRC, risk management.
• 4+ years of experience in compliance in an IT service/outsourcing company.
• Hands-on experience with security frameworks (e.g., ISO/IEC 27001, SOC 2) and standards implementation and remediation experience.
• Excellent English skills, including familiarity with and strong contractual review skills (MSA, SOW, DPA), and experience in collaborating with Legal Departments.
• Strong familiarity with global data protection laws (GDPR, CCPA/CPRA, UK GDPR) and practical GDPR, CCPA/CPRA, DPF implementation experience.
• Understanding of industry-specific compliance and regulatory standards across sectors, including funds, healthcare, and private equity.
• Ability to support Engineering (Delivery) by identifying and tracking compliance issues and coordinating timely mitigation actions with relevant stakeholders.
• Ability to translate regulatory and security requirements into practical, business-aligned, actionable controls.
• Ability to conduct risk assessments and define appropriate risk treatment measures.
• Understanding of data handling, intellectual property rights, and related contractual considerations.
• Experience with controls and governance for AI usage.
• Experience preparing and maintaining documentation for audits, regulators, and clients.
• Strong attention to detail and ability to manage multiple compliance initiatives in parallel.
• Strong communication and interpersonal skills.
• Strong documentation skills and high attention to detail.
• English: Upper intermediate or higher.
• Ability to work independently and as part of a team.
   

Would be a plus:

• Experience with regulatory requirements across multiple jurisdictions (e.g., U.S., Europe, Latin America).
• Practical experience with BCP/DRP implementation and maintenance.
• Hands-on experience with healthcare compliance frameworks (e.g., HIPAA).
• Experience with the investment fund clients and private equity vertical domain expertise, including PCI DSS.
• Professional certifications such as CCEP, CISA, CISM, CRISC, CISSP, or equivalent.
• Experience in data-intensive projects (DWH, BI, AI, analytics).

RedCore is an international business group that creates technological solutions for digital markets. Our products and services cover fintech, marketing, e-commerce, customer service, communications, and regulatory technologies.

We are looking for an Access Manager to join our team!

 Requirements:

- Strong practical experience with IAM / Identity Access Management and provisioning systems.
- Hands-on experience with IDP solutions (JumpCloud or similar), including configuration and troubleshooting.
- Experience managing Google Workspace environment (users, groups, roles, admin controls).
- Deep understanding of SSO (SAML, OIDC), schema management, and identity federation.
- Experience with User Lifecycle Management (Joiner–Mover–Leaver process).
- Practical knowledge of Group Mapping and Role Mapping models.
- Experience integrating access with internal and third-party systems (Access Integration).
- Understanding and implementation of Just-In-Time (JIT) Access principles.
- Experience with backup and recovery strategies for identity systems (e.g., AirBack or similar tools).
- Understanding of access governance, audit processes, and least privilege principles.

Will be plus:

- Basic scripting/automation skills; strong plus: JavaScript, TypeScript, Python.

Responsibilities:
- Manage and optimize IAM infrastructure (JumpCloud, Google Workspace, SSO integrations).
- Configure and maintain SSO integrations with internal and external services.
- Own and improve the full user lifecycle process (provisioning, deprovisioning, role changes).
- Design and maintain role and group mapping models aligned with business structure.
- Implement and monitor JIT access workflows.
- Integrate new systems into the identity ecosystem following security standards.
- Participate in audits, access reviews, and compliance processes.
- Automate repetitive IAM tasks using scripting where applicable.
- Collaborate with Security, IT, and Engineering teams on access-related initiatives.

Our benefits to you:
☘️An exciting and challenging job in a fast-growing business group, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more

🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed

🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided

🏖Paid vacations, sick leave, personal events days, days off

💵Referral program — enjoy cooperation with your colleagues and get the bonus

📚Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences

🎯Rewards program for mentoring and coaching colleagues

🗣Free internal English courses

✈️In-house Travel Service

🦄Multiple internal activities: online platform for employees with quests, gamification, presents and news, clubs for movie / book / pets lovers and more

🎳Other benefits could be added based on your location

Our client is an international product-based IT company specializing in the iGaming industry. Born in 2014, they rocked the CIS region, and now take the success to the world. 

We are currently looking for a Anti-Fraud Specialist to strengthen our fraud prevention efforts in betting and casino products. This role involves analyzing user behavior, identifying suspicious activity, and improving anti-fraud processes. We value a proactive, detail-oriented mindset and strong analytical thinking.

📋 Key responsibilities and your contribution:

- Monitoring and analyzing betting and casino games to detect abnormal activity, fraudulent schemes.
- Developing and implementing anti-fraud systems: creating and optimizing algorithms designed to prevent fraud in games.
- Analyzing players and their behavior using statistical methods to identify suspicious patterns.
- Responding to incidents: conducting investigations into suspicious situations, identifying and blocking fraudsters.
- Preparing reports: creating reports on detected frauds and system vulnerabilities.

📚 Your qualifications:

- 1+ year of experience in anti-fraud and security in gambling or related industries (e.g., online casinos, sports betting, poker sites).
- Knowledge of poker and casino games, understanding of various types of fraud in these areas (e.g., bot usage, exploiting bonus offers, player collusion, etc.).
- Experience with Excel and analytical tools: Tableau/ PowerBI (will be a plus) for data analysis and anomaly detection.
- Knowledge and understanding of anti-fraud systems, such as real-time fraud prevention systems (e.g., session monitoring, transaction processing).
- Ability to perform detailed data analysis and identify unconventional user behavior patterns.
- Monitor and detect marketing-related fraud activities (bonus abuse, multi-accounting, affiliate fraud, CPA traffic manipulation), analyze user behavior and traffic patterns.

➕ Nice to have:

- Experience with machine learning systems for analyzing player behavior.
- Creating dashboards in Tableau or other analytical tools.

Benefits:

⭐ Days of recovery: 20 paid vacation day per year and unlimited sick leave days.
⭐ Health: corporate medical insurance, a company psychologist and a Cafeteria of Benefits for personal wellness choices.
⭐ Education: a variety of foreign languages course for you to choose from. Also we are open for your development and you can choose different courses /training for improving your skills.
⭐ Compensation: additional benefits that can be used according to company policy, e.g. paid business trips, international conference opportunities, lunch perks at our offices etc.
⭐ Work Environment: work remotely or from one of our offices in Cyprus, Portugal, Poland, equipped with the equipment you’ll need for success.

About Playson

Founded in 2012, Playson is a leading iGaming supplier recognized worldwide. We provide our partners with a high-end, microservice-based Platform-as-a-Service capable of processing billions of financial transactions daily. Our global infrastructure is designed for cross-regional performance, with a relentless focus on latency reduction and flawless player experience, regardless of bandwidth or connectivity.

We are now building a Platform & Cloud Security function and are looking for the first hire to launch and lead it. This is a rare opportunity to set the standards from scratch and shape how security is embedded into a modern, high-load, cloud-native environment.

Key Responsibilities

• Establish the DevSecOps function at Playson, defining best practices and security standards across the Platform Tribe.
• Integrate security into CI/CD pipelines (SAST, DAST, dependency scanning, container scanning).
• Harden infrastructure and runtime environments (Linux, Docker, Kubernetes/EKS, RBAC).
• Design and enforce cloud security controls in AWS (IAM least-privilege, GuardDuty, Security Hub, encryption at rest/in transit).
• Define and maintain IaC security policies (Terraform/Terragrunt, drift detection, policy-as-code).
• Implement and manage secrets management solutions (Vault, AWS Secrets Manager).
• Build centralized security monitoring & alerting (Datadog, ELK, CloudWatch, SIEM/SOAR).
• Lead vulnerability management and threat modeling practices.
• Automate workflows through scripting (Python, Bash).
• Partner with backend, infrastructure, and platform engineers to embed security in design & delivery.
• Contribute to compliance readiness (ISO 27001, GDPR, PCI-DSS).
• Act as a security subject-matter expert, mentoring engineers and raising awareness.
• Continuously evaluate and implement new security tools and approaches.

Requirements

• 5+ years in Security Engineering / DevSecOps roles, with proven success delivering secure infrastructure and applications.
• Strong skills in Python and Bash for building and automating security workflows.
• Cloud Security (AWS focus) - Deep knowledge of IAM least-privilege design, encryption at rest/in transit, GuardDuty, Security Hub, and best practices for securing multi-account environments.
• Implementation of security controls in pipelines (SAST, DAST, dependency scanning, container image scanning, policy-as-code).
• Hardening of Linux systems, Docker, Kubernetes/EKS; strong experience with RBAC, PodSecurity/OPA/Gatekeeper/Kyverno policies.
• Terraform/Terragrunt, including policy-as-code, drift detection, and compliance enforcement.
• Expertise with HashiCorp Vault, AWS Secrets Manager, or equivalent.
• Hands-on with centralized logging, SIEM/SOAR tools (Datadog Security, ELK, CloudWatch, etc.) and incident response workflows.
• In-depth understanding of secure network design, segmentation, and monitoring.
• Experience with tools enabling temporary, approval-based access (Teleport, AWS IAM Identity Center, Okta, etc.).
• Ability to design and enforce zero trust principles (continuous verification, microsegmentation, contextual access).
• Familiarity with SBOM generation (CycloneDX, Syft), artifact signing (Cosign, Sigstore), and applying SLSA/in-toto frameworks.
• Understanding of ISO 27001, GDPR, PCI-DSS (iGaming relevance), plus experience automating compliance checks with IaC and policy engines.

Nice to have:

• Exposure to Kafka or ClickHouse in security-sensitive environments.
• Familiarity with GitOps tooling (FluxCD/ArgoCD).
• Broader knowledge of SOC 2, HIPAA, or other regulatory frameworks.

What We Offer

• Compensation at top industry standards + quarterly bonuses based on transparent evaluation.
• Remote-first flexibility and adaptable working hours.
• Unlimited paid vacation & sick leave.
• Comprehensive medical insurance (for you and your partner).
• Financial support for major life events.
• Professional growth budget for courses, training, and certifications.

Recruitment Process

1. HR Interview – 45 min
2. Hiring Manager Interview – 60 min
3. Technical Interview – 90 min
4. Final Interview with Head of Platform & CTO – 60 min

PwC is a global network of more than 370,000 professionals in 149 countries that turns challenges into opportunities. We create innovative solutions in audit, consulting, tax and technology, combining knowledge from all over the world.

PwC SDC Lviv, opened in 2018, is part of this global space. It is a place where technology is combined with team spirit, and ambitious ideas find their embodiment in real projects for Central and Eastern Europe.

What do we guarantee?

• Work format: Remote or in a comfortable office in Lviv - you choose.
• Development: Personal development plan, mentoring, English and Polish language courses.
• Stability: Official employment from day one, annual review of salary and career prospects.
• Corporate culture: Events that unite the team and a space where everyone can be themselves.

We are seeking a Security Engineer to provide deep technical expertise, tooling evaluations, and hands‑on engineering support across our security program. This role acts as a builder‑defender, driving practical security control implementation, assessing emerging technologies, and ensuring secure integration patterns for modern applications—including but not limited to AI systems. You will bridge high‑level security strategy with real engineering execution.

Key Responsibilities:
 

• Implement and operationalize security controls, translating policies and theoretical requirements into real, functioning technical solutions.
• Evaluate and integrate modern security tools, performing hands‑on testing and delivering data‑driven recommendations.
• Design and review secure architecture patterns for application and platform integrations (APIs, cloud services, third‑party tools, internal services).
• Conduct threat modeling for complex use cases, identifying risks such as data exposure, API abuse, system compromise, and emerging AI‑related attack vectors.
• Provide technical security guidance to engineering and product teams proposing new solutions or integrations.
• Partner closely with DevSecOps teams to embed security practices into CI/CD pipelines, container workflows, and cloud environments.

Requirements:
 

• 4+ years in Application Security, Cloud Security, Security Engineering, or DevSecOps.
• Strong knowledge of API security, OAuth/OIDC, containers, and cloud‑native services.
• Hands‑on experience with security tools (posture management, vulnerability scanners, SIEM/SOAR).
• Ability to assess third‑party vendors and modern security technologies.
• Proficiency in Python or another scripting language.
• Understanding of generative AI risks (prompt injection, data leakage) is a plus.
• Strong analytical thinking and clear communication skills.
• Self‑driven, adaptable, and proactive in a fast‑changing tech landscape.

Policy statements:
https://www.pwc.com/ua/uk/about/privacy.html

We are looking for a DevSecOps Engineer with 3+ years of experience to help audit, strengthen, and improve the security posture of a small but growing SaaS platform serving nonprofit and corporate clients. 

This role is security-first, with DevOps responsibilities as a secondary layer. The main goal is to assess the current infrastructure, identify security and compliance gaps, and implement a practical roadmap to improve the platform’s overall resilience, compliance readiness, and long-term sustainability. 

Project scope: 

- Initial security and infrastructure audit 

- Identify risks, vulnerabilities, and operational gaps 

- Build and prioritize a remediation roadmap 

- Implement key improvements over a 2–3 month engagement 

- Potential for ongoing periodic security reviews and advisory support afterward 

Current stack / environment: 

- Git 

- GitHub Actions 

- Docker 

- AWS 

- Render 

What you will do: 

- Audit the current cloud and application setup from a security and DevSecOps perspective 

- Review infrastructure, deployment processes, DNS configuration, access controls, and backup/disaster recovery practices 

- Identify gaps related to SOC 2 readiness and help prepare for stronger enterprise security expectations 

- Assess security controls around CI/CD, secrets management, container images, user access, and production environments 

- Review existing vulnerability scanning practices and recommend improvements, including dynamic scanning where needed 

- Help define and implement practical controls such as firewalling, hardening, monitoring, least-privilege access, and security hygiene improvements 

- Investigate risks related to DNS, exposed services, stale records, misconfigurations, and other overlooked infrastructure issues 

- Support the team in creating a sustainable, right-sized security approach for a small organization without overengineering 

- Translate findings into an actionable roadmap with clear priorities, balancing risk, cost, and implementation effort 

- Help improve confidence in responding to enterprise security questionnaires from large corporate clients 

What we are looking for: 

- 3+ years of hands-on experience in DevSecOps, DevOps with a strong security focus, or cloud/infrastructure security 

- Strong experience with AWS and cloud security best practices - Experience with GitHub Actions, CI/CD security, Docker, and container/image scanning 

- Experience reviewing and securing hosted platforms, including PaaS environments such as Render or similar 

- Solid understanding of IAM/access control, secrets management, DNS security, backups, disaster recovery, and infrastructure hardening 

- Experience identifying and remediating security gaps in small or mid-sized SaaS environments 

- Familiarity with SOC 2 controls and general compliance-oriented security practices 

- Ability to recommend pragmatic, cost-conscious solutions for a small team 

- Strong communication skills and ability to explain risks, tradeoffs, and priorities clearly to non-security stakeholders 

- English level: B2 minimum

Availability requirements: 

- Must be available for overlap from 14:00 to 16:00 Mountain Time (MT) 

- Outside of that window, the working schedule is flexible 

Nice to have: 

- Experience with GDPR readiness or compliance-related security improvements 

- Experience supporting penetration testing remediation 

- Experience with SSO/security controls for B2B or enterprise clients 

- Experience working with lean startups, nonprofits, or small product teams

We are looking for someone practical, hands-on, and able to combine audit thinking with execution. 

Engagement: 

- Estimated initial duration: 2–3 months 

- Potential for ongoing part-time or periodic audit/advisory support

Head of Cybersecurity Product Management 

Softprom

Europe / CEE | Hybrid or Remote
Full-time
IT Distributor / VAD (Cybersecurity & Enterprise IT)

About Softprom

Softprom is an international IT distributor and value-added partner operating across Central and Eastern Europe, CIS, and neighboring regions.
We work with leading global vendors in Cybersecurity, Cloud, Infrastructure, and Enterprise IT, helping partners and customers build secure, scalable solutions.

We are now looking for a Head of Cybersecurity Product Management to lead and develop our cybersecurity product portfolio and team.

About the role

This is a senior leadership role for an experienced B2B product professional who understands IT distribution and cybersecurity markets.

You will be responsible for product strategy, portfolio development, vendor management, and people leadership, acting as a key link between vendors, sales, marketing, pre-sales, and top management.

We are looking for a system-oriented leader who builds processes and teams — not someone who tries to do everything alone.

Key responsibilities

• Lead and develop a team of Product Managers (2–3+ people)
   
• Own and manage the cybersecurity product portfolio (multiple vendors and solutions)
   
• Build and optimize product management processes, including:
   
  • onboarding and launch of new vendors
     
  • product lifecycle management
     
  • cross-functional collaboration with Sales, Marketing, and Pre-Sales
     
• Act as the main point of contact for cybersecurity vendors (local and international)
   
• Define product strategy, positioning, and go-to-market approach
   
• Participate in:
   
  • pricing and margin strategy
     
  • sales forecasting and pipeline planning
     
  • product P&L ownership
     
• Set goals and KPIs for product managers, conduct performance reviews and mentoring
   
• Represent the product function in communication with top management
  
   

Requirements (Must-have)

Experience & Expertise

• 5+ years of experience in B2B IT product management
   
• 2+ years of experience managing product managers (team lead / head role)
   
• Hands-on experience working with:
   
  • IT vendors (local and/or international)
     
  • multi-product portfolios
     
• Strong understanding of the cybersecurity market, including:
   
  • solution categories (NGFW, EDR/XDR, IAM, SIEM, DLP, SASE, etc.)
     
  • competitive landscape
     
  • typical customer use cases
    
     

Management & Business Skills

• Ability to:
   
  • set goals and KPIs
     
  • prioritize products and initiatives
     
  • develop people through mentoring and performance management
     
• Proven experience building and improving product processes
   
• Solid business mindset with understanding of:
   
  • product P&L
     
  • go-to-market strategy
     
  • pricing and positioning
     
  • sales forecasting
     
• Confident working with numbers: pipeline, funnel, margins
  
   

Communication

• Strong negotiation and stakeholder management skills
   
• Ability to speak the same language with:
   
  • vendors
     
  • sales teams
     
  • technical experts
     
  • executive management
    
     
• English — Upper-Intermediate or higher (negotiations, presentations, documentation)
  
   

Nice to have

• Experience working in a distributor or VAD
   
• Exposure to regional markets (CEE, CIS, Baltics)
   
• Experience launching new vendors or products from scratch
   
• Understanding of partner ecosystem:
   
  • resellers
     
  • system integrators
     
  • MSPs
     
• Relevant certifications:
   
  • CISSP / CISM
     
  • vendor certifications
    
     

Personal qualities

• High level of ownership and accountability
• Ability to work effectively in ambiguous and changing environments
• Proactive, results-oriented mindset
• Natural authority without micromanagement
• Strong multitasking and prioritization skills
  
   

Why Softprom

• Strategic leadership role with real influence on business results
• Mature B2B environment and international vendor portfolio
• Opportunity to shape and scale cybersecurity business across regions
• Professional, experienced team
• Long-term growth and stability