Jobs Security

Our Mission and Vision

At Solidgate, our mission is clear: to empower outstanding entrepreneurs to build exceptional internet companies. We exist to fuel the builders — the ones shaping the digital economy — with the financial infrastructure they deserve. To achieve that, we’re on a bold path: to become the #1 payments orchestration platform in the world.

We believe the future of payments is shaped by people who think big, take ownership, and bring curiosity and drive to everything they do. That’s exactly the kind of teammates we want on board.
 

About the Role

Solidgate builds financial infrastructure for fast-growing internet businesses worldwide. Our platform processes millions of payments daily and operates in a highly regulated fintech environment, where security is a fundamental business requirement.

As our company scales, we are strengthening and expanding our Information Security team and are looking for an Information Security Engineer to support and develop our corporate and operational security practices.
 

The mission of this role is to reduce the risk of compromise of corporate accounts, devices, and SaaS systems by:

• maintaining compliance with international security standards
• ensuring controlled and auditable access
• strengthening security awareness across the company
• and supporting effective incident response

This role focuses on corporate security, access management, vulnerability management, and compliance, working closely with engineering, IT, and business teams to ensure Solidgate remains secure, resilient, and audit-ready at all times.
 

What You Will Own

As an Information Security Engineer, you will be responsible for corporate and operational security controls, including:

• Supporting and maintaining ISMS, PIMS, and BCMS frameworks
• Participating in external certifications and audits (PCI DSS, ISO 27001, ISO 27701, ISO 22301, GDPR, DORA)
• Managing access control processes: IAM / SSO / MFA, Joiner—Mover—Leaver processes, regular access reviews and privilege control
• Operating and tuning information security tools, including: vulnerability scanners, IAM and access control systems, anti-phishing tools and security awareness platforms
• Analyzing alerts and findings, including false positives, and driving remediation
• Maintaining and updating asset and information security risk registers
• Supporting incident response activities and post-incident analysis
• Conducting and tracking Disaster Recovery (DRP) and Business Continuity (BCP) tests, ensuring identified gaps are addressed
   

You are a great fit if you have

• 3+ years of experience in Information Security
• Knowledge of at least one security standard: ISO/IEC 27001, SOC 2, or PCI DSS
• Hands-on experience with building and operating an information security management framework, including policies, risk management, and incident response.
• Strong experience with access management (IAM): least privilege principles, RBAC / ABAC, MFA / SSO, Joiner—Mover—Leaver processes and regular access reviews
• Experience configuring and administering security tools such as: IAM solutions, vulnerability scanners, XDR / endpoint protection, anti-phishing and phishing simulation platforms
• Ability to communicate effectively with engineers, IT teams, and external auditors
   

Nice to Have

• Experience participating in or leading external security audits
• Hands-on experience with ISO 22301, ISO 27701, GDPR, or DORA
• Experience automating information security or compliance processes
• Background in security operations or security engineering within a regulated environment
   

Why Join Solidgate?

Build security that protects the business. Own and evolve corporate security controls that safeguard our people, systems, and data at scale.

Your expertise counts. Enjoy real autonomy to improve access management, compliance processes, and operational security tooling.

Room to experiment. Apply modern approaches to security operations, automation, and awareness with strong leadership support.

Impact & visibility. See the results of your work directly in successful audits, reduced risk exposure, and stronger organizational security.

Collaborative environment. Work alongside experienced security professionals, engineers, and stakeholders who value clarity, ownership, and partnership.

The Extras: 30+ days off, unlimited sick leave, free office meals, health coverage, and Apple gear to keep you productive. Courses, conferences, sports and wellness benefits — all designed for ideas, focus, and fun.

Tomorrow’s fintech needs your mindset. Come build it with us.

Our Mission and Vision

At Solidgate, our mission is clear: to empower outstanding entrepreneurs to build exceptional internet companies. We exist to fuel the builders — the ones shaping the digital economy — with the financial infrastructure they deserve. To achieve that, we’re on a bold path: to become the #1 payments orchestration platform in the world.
 

About the Role

Solidgate builds financial infrastructure for fast-growing internet businesses worldwide. Our platform processes millions of payments daily and operates in a highly regulated fintech environment, where security is a core product requirement — not an afterthought.
 

Our engineering organization builds and scales a complex cloud-native platform with over 120 microservices. As the company continues to grow, we are strengthening our security organization and introducing a dedicated Application Security Engineer role.
 

The mission of this role is to keep our business and revenue safe by building security into the way we develop software — from early design decisions to CI/CD pipelines and live production systems.
 

This is a hands-on Application Security role focused on embedding security into the software development lifecycle and reducing real product risks.
 

You will work closely with engineering teams to:

• design secure application architectures
• improve secure coding practices
• detect vulnerabilities early in the development lifecycle

• continuously improve application security as part of everyday engineering work

   

You will have a direct impact on how secure software is built across a large microservices ecosystem, influencing standards, tooling, and engineering culture.
 

Explore our technology stack ➡️ here (https://solidgate-tech.github.io/)

 

What You Will Own

As an Application Security Engineer, you will be responsible for application-level security across our fintech platform, including:
 

• Building and maintaining secure coding standards and supporting their adoptionl across development teams
• Conducting threat modeling during architecture and design stages
• Implementing and improving application security testing, including: SAST, DAST, Dependency and secrets scanning, CI/CD security checks
• Performing regular application security assessments and maturity evaluations (OWASP ASVS, OWASP SAMM)
• Managing the full vulnerability lifecycle: triage, prioritization, remediation support, and validation
• Supporting external penetration testing and Bug Bounty programs
• Identifying and mitigating security risks in cloud environments and CI/CD pipelines
   

You are a great fit if you have

• At least 2 years of experience in Application Security or Product Security
• Hands-on experience with OWASP Top 10 vulnerabilities
• Practical experience with: secure code reviews, threat modeling, SAST and DAST tools and their integration into CI/CD pipelines
• Strong understanding of web application and API security
• Ability to communicate clearly with engineers and work as a partner rather than a blocker
   

Nice to Have

• Experience with container security and cloud security tooling
• Familiarity with DevSecOps and shift-left security practices
• Experience automating application security processes
• Background as a software engineer or close collaboration with development teams
  
   

Why Join Solidgate?
 

Build security that matters. Lead initiatives that define how security is embedded into our software development lifecycle across multiple teams and products.

Your expertise counts. Enjoy real autonomy — propose, test, and implement security practices and tooling that directly improve product resilience and reduce risk.

Room to experiment. Apply modern AppSec, automation, and shift-left approaches with full support from engineering and security leadership.

Impact & visibility. See the results of your work directly in more secure products, fewer vulnerabilities, and stronger engineering practices.

Collaborative environment. Work side by side with experienced, curious engineers who treat security as a shared responsibility and value partnership over gatekeeping.

The Extras: 30+ days off, unlimited sick leave, free office meals, health coverage, and Apple gear to keep you productive. Courses, conferences, sports and wellness benefits — all designed for ideas, focus, and fun.
 

Tomorrow’s fintech needs your mindset. Come build it with us.
 

🫂 Know top talent? We’re always on the lookout. Recommend someone for our role, and if they get hired, there’s a bonus waiting for you — simple as that.

Azure Cloud & Security Engineer Remote - work from anywhere in Europe | Full-time contractor 

If your idea of a good day involves tightening conditional access policies, investigating Sentinel alerts, and automating Azure deployments before lunch - this role is for you. 

A global professional services company needs a senior engineer to own their Azure security and infrastructure. You’ll protect cloud workloads, harden identities, manage the Microsoft security stack end-to-end, and build the automation that keeps everything running. This is a security-first infrastructure role with real scope and autonomy. 

What you’ll do 

• Implement and monitor cloud security: Defender for Cloud, Sentinel SIEM, DLP, threat protection 
• Manage identity security: Entra ID, conditional access, RBAC, hybrid AD, B2C 
• Design and maintain Azure infrastructure: networking, compute, storage, microservices 
• Secure and administer M365 (Exchange, SharePoint, Teams) including migrations 
• Automate infrastructure with PowerShell, Terraform, and CI/CD pipelines 
• Manage endpoint security via Intune, Autopilot, and CrowdStrike 
• Respond to L3 security and infrastructure escalations 

Tech stack 

Azure (VMs, AKS, AVD, NSGs, Express Route, VPN) · Defender for Cloud & Endpoints · Sentinel SIEM · CrowdStrike · Entra ID & Hybrid AD · Intune & Autopilot · Microsoft 365 · PowerShell · Terraform · Azure DevOps · SQL/Cosmos DB · Windows Server · Linux 

Must have 

• 4+ years in Azure with strong security focus 
• Hands-on with Microsoft security stack (Defender, Sentinel, conditional access, DLP) 
• PowerShell automation and IaC experience 
• Hybrid identity management 
• Upper-Intermediate+ English 

Nice to have 

• Security certs (AZ-500, MS-500, SC-200) 
• Azure infrastructure certs (AZ-104) 
• DevOps tooling (Azure DevOps, GitHub Actions, Terraform modules) 
• AI-assisted security operations (Copilot for Security) 

• SIEM tuning and incident response experience

   

What we offer 

• Fully remote across Europe 
• Long-term, stable engagement - not project-based churn 
• Autonomy in a small senior team 
• Compensated on-call 

About the Role

We are looking for a highly skilled and strategic Senior DevSecOps Engineer to lead our security operations and infrastructure automation initiatives. In this role, you will bridge the gap between development, security, and operations, ensuring our on-premise environment remains secure, resilient, and efficient.
You will act as a subject matter expert, leveraging cutting-edge tools like CrowdStrike to automate threat detection and response, while maintaining robust perimeter security via Cloudflare.

Key Responsibilities
Implementation and automation of security tools in the CI/CD process (SAST, DAST, SCA).
Analysis of vulnerabilities in code, infrastructure and containers.
Development and configuration of security monitoring systems, incident response.
Monitoring and improving the security level of on-prem infrastructures.
Interaction with developers, DevOps and security teams to implement secure practices.
Active participation in the processes of IAM configuration, management of certificates, secrets and access policies.
Conducting internal security audits, participation in external (e.g. penetration) tests.

Requirements

Must-have:
Experience: 5+ years of experience in DevSecOps, Security Engineering, or a related field, with at least 2 years in a Senior role.
Tooling Expertise: Deep hands-on experience with the following specific tools:
Baremetal/on-premise infrastructure
Docker (Docker Swarm is a strong plus)
Gitlab CI 
CrowdStrike
Cloudflare
ELK.
SIEM Proficiency: Proven experience deploying and tuning SIEM solutions (e.g., Splunk, Elastic Security, Datadog, or similar).
Infrastructure: Strong background in managing on-premise infrastructure (physical servers, data centers, virtualization, networking).
Scripting: Proficiency in Python, Go, or Bash for automation and tooling.

Nice-to-have:
Experience with Kubernetes and such tools as Wiz.io and Torq.
Previous involvement in high-load, regulated, or 24/7 production environments (e.g., iGaming, FinTech, telecom or similar).

We offer
Fully remote work opportunity
Enhanced leave benefits:
20 days of paid vacation
5 paid days off
14 paid sick leaves
Company clubs & communities
Celebration gifts for personal milestones
Corporate online events, raffles & challenges
Corporate English program
Corporate yoga classes
Team-building activities
Coworking compensation
Training and development programs (internal & external).

Summary

• Senior Security Engineer - penetration testing, threat modelling, 7+ years commercial experience.
• Python. Hands-on offensive and defensive security for web applications.
• Remote/Hybrid, UK, Chechia, Spain - employment contract, Poland, Romania, Slovakia, Bulgaria, Ukraine - B2B contract.

The role

This is a senior security engineering position with a strong emphasis on penetration testing and threat modeling. You'll work across the full security lifecycle: designing secure architectures, modeling threats, researching emerging attack vectors, and validating defenses through hands-on testing.

The focus is on long-term security improvements — identifying and addressing risks before they become incidents. You'll need both the attacker's mindset to find vulnerabilities and the engineering skills to help fix them properly.

What you'll work on

• Penetration testing and security assessments against web applications and internal systems
• Leading security design reviews and threat modeling for new products and infrastructure changes
• Researching emerging threats and attack techniques, then translating findings into practical defense strategies
• Building security automations and tools, and prototypes to support testing and detection
• Collaborating with engineering teams to remediate vulnerabilities and improve secure development practices
• Contributing to security architecture decisions and standards

What we're looking for

• 7+ years in security engineering with substantial experience in both offensive and defensive work
• Proven, hands-on web applications penetration testing experience
• Strong programming skills, preferably Python, with experience building security tools or automation
• Deep expertise in at least one core security domain: cryptography, authentication/authorisation, secure architecture, or network security
• Clear understanding of attack vectors and methods, and how to anticipate them
• Good communication skills in English

Useful additions

• Experience securing serverless architectures or AI/ML platforms
• Background in cloud-native security (AWS, GCP, Kubernetes)
• DevSecOps experience- integrating security into CI/CD pipelines
• Relevant certifications (OSCP, OSCE, CISSP, or similar)

Domain: SaaS
Project: AI strategy product
Client: Germany
Location: Remote (attending events once a quarter across the EU)
Time Zone: CET
Contract: B2B
 

About US
DevKit is more than just an IT company - we are a team of passionate professionals dedicated to creating cutting-edge solutions. Our employees work on exciting international startups, collaborating with highly skilled teams from around the world. With expertise in software development, design, and engineering, we help bring innovative ideas to life and drive success on a global scale!
Our mission is to connect exciting projects with top-tier professionals. We are committed to creating a dynamic space where innovation thrives, top talent excels, and global teams unite to develop cutting-edge solutions.

About PROJECT
The company is a trailblazing AI-powered SaaS platform, reshaping the landscape of procurement from a tactical function to a strategic business ally that orchestrates seamless value chains. The state-of-the-art solution empowers organizations to independently develop procurement strategies with a flexible framework adaptable to their specific needs and contexts.

Redefining traditional category management, the company’s all-encompassing solution takes it to new heights by harnessing the capabilities of AI, fostering extensive collaboration, and integrating data from diverse sources beyond conventional category taxonomy. At the product, they are driven by a purpose-centered ethos, dedicated to tackling ESG-related challenges, positioning procurement as a catalyst for positive change rather than merely a cost-cutting entity.

The multitude of prestigious awards and recognitions speaks to their leadership in the AI-driven procurement technology landscape, showcasing our unwavering commitment to innovation and excellence.

Main Tech Stack
IT Security, SecOps, CI/CD, cyber-security, etc

Requirements

• 2+ years of experience in information security, cybersecurity, IT security, DevSecOps, cloud security, or a related field
• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field
• Good understanding of core security principles such as Ethical hacking, secure configuration, vulnerability management, and compliance
• Solid knowledge of one or more of the following: Application/cloud security; Infrastructure or platform security; Security operations
• At least good theoretical knowledge in emerging areas such as AI security, API security, etc
• Familiarity with modern development environments and engineering workflows
• Ability to understand technical issues, investigate problems, and communicate clearly with both technical and non-technical stakeholders
• Willingness to learn quickly, take ownership, and work in a collaborative environment
• A practical mindset: able to balance security, usability, and business needs

• Good English skills

   

Responsibilities

• Support the implementation and improvement of security controls across our cloud and SaaS environment
• Help identify, assess, and track security risks, vulnerabilities, and remediation actions
• Contribute to application, infrastructure, and cloud security reviews
• Assist with security testing activities such as vulnerability validation, configuration reviews, and basic threat analysis
• Help maintain security documentation, standards, and internal procedures
• Support compliance and audit-related activities by gathering evidence and helping track security requirements
• Partner with cross-functional teams to raise security awareness and encourage security-by-design thinking

• Continuously learn, improve, and contribute ideas to strengthen the overall security program

   

Would be a plus

• Exposure to AI SaaS, cloud-native, or modern web application environments
• Familiarity with security tooling such as penetration testing tools, cloud security tools, or CI/CD security checks
• Understanding of secure software development lifecycle concepts
• Exposure to compliance or security frameworks
• Scripting or automation skills in Python, Bash, or similar

• Relevant certifications such as CompTIA Security+, CEH, ISC2 CC/SSCP, Cloud security certifications, or ISO 27001-related certifications are an advantage.

   

Work conditions

• A long-term role in a stable, fast-growing company
• Flexible working hours with a results-oriented approach
• Competitive salary and benefits package (vacation, sick leave, national holidays)
• Comfortable workspace, corporate events, and team-building

• Continuous learning, professional growth, and skill development

   

If you're looking for a place to grow, innovate, and make an impact, we'd love to have you on board!

Come build something true with us.

We’re True Sea Moss, a fast-growing wellness brand built on the healing powers of one of nature’s oldest superfoods, sea moss.

No powdered promises. No pretty lies. Our products move through a complex global supply chain — and behind that flow sits structure, discipline, and crystal-clear organization.

As we scale across marketplaces, systems, marketing platforms, data warehouses, and internal tools, security is no longer optional — it’s foundational.

We’re looking for a Cybersecurity Specialist — someone exceptionally structured, risk-aware, and confident owning company-wide security, access control, and infrastructure protection end-to-end.

Now — who are we looking for?

You’re the person who sees vulnerabilities before others even notice them.

You think in permissions, identity management, audit logs, and prevention frameworks. You don’t just react to incidents — you design systems that minimize the chance of them happening.

You’re calm under pressure, precise in execution, and serious about protecting company data, systems, and people.

What You’ll Be Doing

• Own company-wide access management (Google Workspace, Slack, AWS, Shopify, BI tools, internal systems, etc.)
• Create, modify, and revoke user access based on role and security policies
• Implement role-based access control (RBAC) and least-privilege principles
• Maintain secure credential and password management systems
• Implement and enforce multi-factor authentication (MFA) across all platforms
• Secure cloud environments and monitor infrastructure permissions
• Monitor logs, detect suspicious activity, and define response protocols
• Build and maintain internal security policies and documentation
• Conduct periodic security audits and vulnerability assessments
• Develop backup and disaster recovery strategies
• Lead incident response processes when needed
• Educate the team on security awareness and best practices

What You Bring

• Proven experience in cybersecurity or information security
• Strong understanding of identity & access management (IAM) principles
• Experience securing cloud environments (AWS preferred)
• Knowledge of endpoint protection and monitoring tools
• Understanding of encryption, authentication, and network security fundamentals
• Experience implementing MFA and access governance frameworks
• Ability to create clear security policies and enforce standards
• Strong sense of ownership and discretion when handling sensitive data
• English level B2+
• Comfortable working remotely

Nice-to-Haves

• Experience working with fast-growing e-commerce or digital-first companies
• Experience preparing companies for compliance audits
• Background in cloud infrastructure security automation

Why Work With Us

• A role with real responsibility and ownership from day one
• Direct impact on how safely and confidently we scale
• High trust and autonomy
• Opportunity to build security systems from the ground up
• A team that values structure, clarity, and calm execution

Here’s How We Back Our Words with Care

• Welcome Pack and custom TrueSeaMoss merch to make sure you arrive like you were always meant to be here
• Sports reimbursement to support your physical and mental health
• Additional vacation days beyond standard holidays
• Coaching & career consultations to support your personal and professional growth
• Access to corporate English lessons to sharpen your communication skills
• WHOOP membership to help you track your health, sleep, and recovery
• Coworking membership if you prefer a hybrid work lifestyle
• Sabbatical options after long-term contributions
• Travel grants to support work-related or wanderlust trips — we believe in leaving to come back better
• Project grants for side ideas, personal initiatives, or creative experiments

So — does this sound like you?

If you’re serious about protecting systems, building secure foundations, and owning cybersecurity end-to-end — we’d love to meet you.

Description
As a Middle Anti-Fraud Specialist at an Electronic Money Institution (EMI), you will be responsible for detecting, investigating, and preventing fraudulent activities across digital financial services. This role involves monitoring transactional data, analysing suspicious behaviour, and working cross-functionally with compliance, risk, and tech teams to enhance fraud detection and mitigation systems. You will contribute to ensuring the safety and integrity of the company’s financial ecosystem while maintaining a balance between customer experience and fraud risk.

Requirements

• 1 year of experience in fraud prevention or detection, preferably in fintech, EMI, or banking
• Strong knowledge of financial fraud typologies including identity theft, account takeover, social engineering, phishing, and synthetic identities
• Familiarity with AML (Anti-Money Laundering) practices and regulatory frameworks
• Proficiency in working with fraud detection systems, case management tools, and transaction monitoring platforms
• Good analytical and critical thinking skills with the ability to assess patterns, data anomalies, and fraud indicators
• Strong communication skills for preparing reports and communicating with internal teams or external partners

Responsibilities

• Monitor transactions and user behaviour for signs of fraud using internal tools and third-party systems
• Investigate suspicious cases thoroughly, gather evidence, and recommend appropriate actions such as blocking transactions, freezing accounts, or escalating to senior staff
• Maintain and update internal fraud rules, thresholds, and alert systems in collaboration with the Risk and IT teams
• Analyse fraud trends and propose process improvements or system enhancements to reduce future risk
• Support customer support teams in resolving fraud-related inquiries and disputes
• Prepare regular and ad-hoc reports on fraud incidents, and trends for internal stakeholders

Nice to have

• Experience working in an EMI or payment service provider regulated in the EU or UK
• Familiarity with fraud detection platforms like SEON, Actimize, Sift, or similar
• Certification in fraud examination
• Experience with SQL, Python, or data visualization tools (e.g., Power BI, Tableau) for fraud data analysis
• Knowledge of card fraud mechanisms (3DS, chargebacks, BIN attacks) and tools used in card transaction monitoring
• Ability to handle incident response and support in case of major fraud events or system breaches

Security isn’t a state — it’s a process. And we’re looking for someone who knows how to drive it.

Softsich is a young and ambitious international product tech company that develops scalable B2B digital platforms. We combine strategic vision with deep tech expertise to build and scale high-performance products. Right now, we’re looking for a Security Engineer to strengthen our internal infrastructure and help automate key security workflows.

Your key responsibilities will include:
 – Monitor and analyze security alerts across multiple security platforms (SIEM, EDR, SOAR)
 – Lead Incident Response -  serve as primary responder to security alerts, perform initial triage, conduct investigations, and coordinate remediation
 – Enhance Detection Capabilities - design, implement, and fine-tune detection rules and alerts across cloud environments
 – Conduct endpoint, network, and application log analysis to identify suspicious activity
 – Collaborate with IT, DevOps, and Compliance teams to enforce security standards and best practices
 – Assist in improving incident response processes, playbooks, and operational practices
 – Stay informed about emerging cybersecurity threats, trends, and industry developments
 – Deploy and manage MDM/UEM solutions (Jamf, Jumpcloud) across all endpoints
 – Advocate for best practices in IT and change management to strengthen security posture
 – Define and enforce security policies for workstations (passwords, encryption, restrictions, app controls)
 – Perform regular audits and compliance checks aligned with corporate standards
 – Monitor device health and security compliance, respond to related alerts
 – Coordinate patching and updates on endpoints through MDM
 – Conduct inventory and asset tracking, including remote wipe and lock management
 – Provide endpoint security reporting and metrics to IT leadership and compliance
 – Collaborate with incident response teams on mobile endpoint incidents

It’s a match if you have:
 – 3+ years in IT Operations, System Administration, or related roles
 – Experience in security threat analysis or incident response, ideally within a SOC
 – Proven experience responding to and managing incidents in cloud environments (AWS, Azure, GCP) and SaaS services (Google Workspace, Atlassian)
 – Proficiency with SIEM platforms, including rule creation, tuning, and maintenance
 – Strong knowledge of cloud security monitoring tools and techniques
 – Understanding of network infrastructure
 – Experience analyzing endpoint, network, and application logs for anomalies
 – Practical understanding of common attack vectors and how to detect them
 – Experience with security automation and scripting for incident response workflows
 – Understanding of IT system architecture, network design, and IT/change management processes
 – Experience with virtualization technologies
 – Familiarity with identity management
 – Proficiency in platforms used for information security investigations and triage

Nice to have:
 – Experience with cloud-native security tools and services
 – Familiarity with scripting or automation (PowerShell, Bash, Python)
 – Experience with endpoint detection solutions and email security technologies
 – Knowledge of IT security audit techniques

What we offer:
 – A competitive salary
 – Remote work format or a modern office in Warsaw and/or Kyiv
 – Flexible working hours
 – An incredibly friendly team where everyone is ready to share knowledge, help, and support
 – 24 working days of paid annual vacation
 – Paid sick leave
 – Health insurance (available for specialists based in Ukraine; other countries — in progress)
 – Zero joules of energy to the aggressor state, its affiliated businesses, or partners
 – Conference and business travel expenses covered (where applicable)
 – Birthday greetings (because you matter!)
 – Online and offline teambuilding events
 – Corporate celebrations

Send over your CV now — we’d love to get to know you better!

We are looking for a senior Security & Risk Manager to take ownership of our company’s security, risk, and compliance domains.

This role goes beyond traditional security — you will be responsible for protecting financial operations, preventing fraud, managing partner risk, and building a strong security culture across the company.

What You’ll Do

• Build and drive a company-wide security and risk culture through training and awareness
• Develop and maintain security, risk, and compliance policies (IT security, data protection, internal controls)
• Strengthen and monitor access control, logging, and overall security practices
• Conduct financial and operational audits to detect fraud, conflicts of interest, and misuse
• Lead fraud prevention and transaction monitoring initiatives
• Manage partner due diligence processes, including KYC/AML and source-of-funds verification
• Identify and mitigate risks related to employees, partners, and internal tools
• Ensure access management follows the Least Privilege principle
• Prepare clear risk and security reports for leadership

What We’re Looking For

• Proven experience in security, risk management, compliance, anti-fraud, or fintech environments
• Strong understanding of internal controls, fraud detection, and transaction monitoring
• Hands-on experience with KYC/AML and partner due diligence
• Solid knowledge of security fundamentals (access control, logging, data protection)
• High level of ownership, integrity, and attention to detail
• Ability to work cross-functionally with technical and business teams
• Upper-intermediate+ English

Nice to Have

• Experience in fintech, payments, or crypto projects
• Experience building risk/security processes from scratch

What We Offer

• Fully remote work with flexible hours
• Unlimited paid vacation & sick leave
• Competitive compensation based on your experience
• Learning budget (50% reimbursement)
• Wellness support (sports, fitness, etc.)
• Referral bonuses & recognition perks
• Transparent and respectful culture
• Co-working compensation

RubyPlay is a place where passion meets competence. Since 2017, we’ve made more than 200 innovative games and built more than 100 strong partnerships globally!

Proud to be:

• The Winner at BFTH Arena Awards — Best Online Casino Game
• Shortlisted for SBC Awards 2024 — Casino/Slots Developer of the Year
• A strong player on 10+ markets globally
• Beloved workplace for hundreds of specialists from 34 countries

We are now growing our team and looking for driven professionals ready to build their careers in a strong, international studio with a product that’s making waves worldwide.

We are seeking a talented and experienced Security Engineer to join our growing team. 
As a Security Engineer, you will play a critical role in ensuring the security and integrity of our platform, as well as implementing and maintaining robust security measures to safeguard our systems and data.

Here’s How You’ll Make an Impact:

• Design, implement, and maintain security systems and solutions to protect our platform from different types of threats, exploits and attacks
• Conduct regular security assessments and penetration tests to identify vulnerabilities and weaknesses in our systems, and develop and implement remediation plans
• Monitor and analyze security logs and alerts to identify suspicious activities and security incidents
• Collaborate with various teams, including development, devops, operations and product management to integrate security best practices into the software development lifecycle and ensure that security is considered at every stage of the development process
• Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices, and proactively recommend and implement security improvements and enhancements
• Provide security guidance and support to internal teams and external partners, and assist with security-related inquiries and incidents
• Build up policies and procedures in line with industry standards (including ISO27001, ISMS) and support our compliance team in the various audit processes required for the company’s compliance with a multitude of  regulated markets we operate in

What Makes You A Strong Candidate:

• Bachelor's degree in Computer Science, Information Technology, or a related field
• Solid understanding of information security principles and concepts with a focus on cloud security and DevSecOps practices
• Proven experience in building and executing security testing including penetration testing, vulnerability scanning, ethical hacking on systems running on GCP/AWS/Azure and VMWare
• ISO27001- Lead Implementer Certification
• Hands-on experience with security tools and technologies, including SIEM systems, endpoint security solutions, and encryption technologies
• Very good English level, with the ability to write official security documentation, processes and procedures
• Strong analytical and problem-solving skills, with the ability to analyze complex systems and identify security vulnerabilities and weaknesses
• Excellent communication and interpersonal skills, with the ability to effectively communicate technical concepts to both technical and non-technical audiences
• Relevant industry certifications, such as CISSP (Certified Information Systems Security Professional), CCSP (Certified Cloud Security Professional) and CEH (Certified Ethical Hacker) are a plus

Why You’ll Love It Here:

• Remote-first flexibility — Work from anywhere with a setup for deep focus and work-life balance
• Learning & growth — Development budgets and dedicated days to upskill and explore new areas
• Health & wellness — Medical coverage and well-being budgets to help you feel balanced, strong, and supported
• Yearly bonus — Rewards based on company success and your impact
• Career growth — Vertical and horizontal opportunities to grow and advance
• Global team — Talented, diverse colleagues you’ll enjoy working with

Interested in becoming a RubyPlayer and making a mark in the iGaming world? Join us!

We are looking for an endpoint/workstation support engineer to support multiple mixed MacOS/Windows/Lin remote working environments. You should maintain a high level of user satisfaction, as well as properly document your work.

Your primary tasks will include:

* Enduser remote support for agents installation

* AV alerts investigation

* Ensuring security compliance policies are in place (e.g. full disk encryption, firewall)

* Implementing updates on agent installation packages whenever new version arrives

* Testing of Windows/Win/Lin endpoint agent updates

The candidate should have a proof records of successful projects in the following areas:

* support of AV/EDR/VPN and other security agents on multiple platforms

* Intune MDM

* Apple Business Manager

* Windows, MacOS and Linux endpoint support

* Basic Unix shell and Powershell scripting

* MS Graph API and other REST API basic experience

* Windows and MacOS troubleshooting with the aid of Sysinternals tools and different set of MacOS tools (netstat, lsof, vmstat, top, dtruss, etc.)

* Fluent English

* Teamwork and problem solving mind

* Compliance framework basic awareness (ISO27001/PCI-DSS/HIPAA etc.)

* ITIL and IT service basic awareness and ability to write end-user documentation/procedures/instructions

A big plus if have all or any of the following:

* Microsoft Intune certification or other Microsoft Security/Endpoint certificationi

* Any AV vendor certification

* Any security related certification (e.g. ISO27001LA, CISSP, CISA)

N-iX is looking for skilled Senior/Lead Active Directory Engineer to join our team! Our customer is the European online car market with over 30 million monthly users, with a market presence in 18 countries. As a Lead Active Directory Engineer, you will play a pivotal role in shaping the future of online car markets and enhancing the user experience for millions of car buyers and sellers. We require a Lead Engineer to assess, clean up, and harden multiple inherited single-forest, single-domain Active Directory environments. These environments require standardization, security hardening, and alignment with current best practices. The focus will be on improving AD structure, security posture, Group Policy hygiene, and operational consistency, while also evaluating long-term viability and integration with enterprise IAM platforms. This is a hands-on senior role requiring deep expertise in Active Directory architecture, security, identity integration, and remediation of legacy configurations, including alignment with industry audit and compliance standards (e.g., PCI DSS).

Requirements:

• EDT Timezone work hours
• Extensive hands-on experience (typically 7+ years) with Active Directory engineering and administration.
• Proven experience performing AD clean-up, consolidation, or post-transition integration work.
• Strong expertise in: Active Directory (single-domain environments at scale), Group Policy design, cleanup, and optimization, OU design and delegation models.
• Demonstrated experience with: AD security hardening (tiered admin model, least privilege, attack surface reduction), identifying and remediating, stale objects (users, computers, groups), legacy permissions and misconfigurations, GPO sprawl and conflicts.
• Experience integrating Active Directory with IAM/IdP platforms, including: Azure AD / Entra ID - must have, Okta - nice to have, etc, SSO, federation, and identity synchronization (e.g., AAD Connect or equivalent), role-based access control (RBAC) and identity lifecycle management.
• Experience working within regulated or audited environments, including: PCI DSS (or similar frameworks such as ISO 27001, NIST).
• Implementing controls related to identity, access management, and auditability.
• Strong knowledge of: Authentication protocols (Kerberos, NTLM, SAML/OIDC basics), DNS (AD-integrated), replication, and site topology.
• Experience with tools such as: ADUC, ADSIEdit, Group Policy Management Console, PowerShell (AD module - must have) for bulk changes and reporting.
• Experience in auditing and improving: privileged access (Domain Admins, Enterprise Admins), service accounts and delegation.
• At least upper-intermediate English level.

 Responsibilities:

• Perform a comprehensive assessment of current AD environments.
• Identify and remediate: inactive/stale objects, legacy groups and excessive permissions, GPO duplication, conflicts, and inefficiencies.
• Redesign and implement: OU structure and delegation model, Group Policy strategy aligned to best practices.
• Implement security hardening measures, including: privileged access model (e.g., tiering), reduction of attack surface and legacy protocols.
• Alignment with audit/compliance requirements (e.g., PCI DSS controls).
• Integrate AD environments with enterprise IAM platforms, including: identity synchronization and federation, access model alignment (RBAC / least privilege), SSO enablement and identity lifecycle processes.
• Review and optimize: AD Sites and Services (replication topology), DNS configuration and health.
• Develop and execute cleanup and remediation plans with minimal disruption.
• Automate tasks and reporting using PowerShell.
• Produce clear documentation and operational standards, including audit-ready configurations.

Nice-to-Have Certifications:

• Microsoft Certified: Windows Server Hybrid Administrator Associate
• Microsoft Certified: Identity and Access Administrator Associate (SC-300)
• Microsoft Certified: Azure Solutions Architect Expert
• MCSA / MCSE (legacy but relevant)
• Security certifications (e.g., CISSP, Security+, CISM)
• Okta Certified Professional / Administrator (or similar IAM certifications)

QIT Software is looking for a scrappy, security-focused Infrastructure Engineer to join a fast-growing AI video platform. You'll be responsible for "Security by Design" across the core platform - ensuring AWS-based infrastructure, Kubernetes clusters, and data stores are resilient against evolving threats while maintaining the high performance required for real-time AI video generation at scale.

Details:
- Schedule: Full-time, remote
- Client: USA
- Duration: long-term
- Tech stack: Python, AWS, Kubernetes, Terraform or equivalent IaC tooling, etc.
- Timezone: 8 hours through PST

Requirements

- 3+ years of professional experience in infrastructure security, SRE, or DevOps
- Hands-on experience securing AWS services and managing containerized workloads in Kubernetes (EKS)
- Proficiency in Python for automation and tool development
- Strong experience with Terraform or equivalent IaC tooling
- Working knowledge of CI/CD pipeline security, container image scanning, and supply chain integrity
- Experience with monitoring and alerting tools (Prometheus, ELK Stack, Datadog, Grafana, or AWS CloudWatch)
- Strong written communication -- you'll need to document runbooks, findings, and remediation plans clearly
- Ability to thrive in a fast-paced, high-autonomy environment where priorities shift rapidly
- Business-level English (written and spoken)

Responsibilities

- Design and implement security controls across AWS cloud infrastructure (VPCs, IAM, Security Groups) and Kubernetes (EKS) environments. Enforce least-privilege access, network segmentation, and runtime security policies
- Own the end-to-end vulnerability management lifecycle -- scanning, prioritization, remediation, and verification. Upgrade dependencies across services and build automation to keep them current
- Embed security into the development lifecycle -- container image scanning, software composition analysis (SCA), and automated security gates in CI/CD pipelines. Ensure third-party dependencies and base images meet security standards before reaching production
- Use Terraform or equivalent IaC tooling to provision and manage infrastructure with security checks automated directly in the deployment pipeline. Reduce manual toil through scripting and tooling in Python
- Build and maintain detection rules, alerting pipelines, and monitoring dashboards for real-time visibility across infrastructure. Lead technical response to security incidents with root cause analysis, remediation, and documented runbooks
- Secure data pipelines handling user-uploaded media, AI model assets, and generated content -- access controls, encryption at rest/in transit, backup integrity, and audit logging
- Support and advance SOC 2, ISO 27001, and GDPR commitments by automating evidence collection, maintaining security policies, and preparing for audits
- Define and test backup and recovery procedures ensuring the platform meets defined RTO/RPO targets. Contribute to business continuity planning with a focus on security implications during failure and restoration scenarios--

Work conditions

- The ability to work remotely from anywhere in the world;
- Flexible work schedule, no micromanagement, no strict deadlines and free overtime work;
- Work in European and American products with a modern technology stack in different industries (Finance, Technology, Health, Construction, Media, etc.);
- Revision of wages every year or on an individual basis;
- Accounting support and full payment of taxes by the company;
- 100% compensation for remote English lessons;
- 15 paid leaves (PTO) and public holidays.

RedCore is an international business group that creates technological solutions for digital markets. Our products and services cover fintech, marketing, e-commerce, customer service, communications and regulatory technologies. 

We are looking for a Security Officer to join our team!

Requirements:

- Higher education in Law or Economics;

- At least 3 years of experience in HR/internal and economic security within private enterprises;

- Proven experience in background checks of individuals and legal entities;

- Previous experience in law enforcement is a strong advantage;

- Knowledge of security systems and protocols;

- Experience collaborating with polygraph specialists;

- Strong experience working with databases;

- Proficient PC user;

- Ukrainian or Russian language C1 and above;

- Fluent English, including spoken communication;

- Willingness to travel abroad to ensure security at exhibitions and conferences.

Responsibilities:

- Conduct regular risk assessments to identify vulnerabilities and threats affecting the holding’s assets;

- Respond promptly to security-related incidents, including investigation and corrective measures;

- Prepare security status reports, analyze incidents, and develop recommendations for improvement;

- Collaborate with other departments to integrate security considerations into business processes;

- Ensure protection of personal data (GDPR compliance) and trade secrets;

- Conduct background checks during recruitment and support exit processes;

- Organize security measures during corporate events, exhibitions, and conferences.

Benefits:
☘️An exciting and challenging job in a fast-growing product company, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and other;

🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed;

📍Beautiful offices in Warsaw, Limassol work remotely or on-site with comfort and enjoy the opportunity to build a network of connections with professionals day by day;

🧑🏻‍💻Laptop & all necessary equipment for work according to the ecosystem standards;

🏖Paid vacations, personal events days, days off;

🫖Paid sick leave;

👨🏻‍⚕️Medical insurance;

💵Referral program enjoy cooperation with your colleagues and get the bonus;

📚Educational support by our L&D team: internal and external trainings and conferences, courses on Udemy;

🗣Free internal English courses;

🧘Sport benefit;

🦄Multiple internal activities: online platform for employees with quests, gamification and presents for collecting bonuses, RedCore talks club for movie and book lovers, board games cozy evenings, special office days dedicated to holidays;

🎳Company events, team buildings.