Jobs Security

We are looking for a Senior Security Specialist to lead and support cybersecurity and compliance initiatives across our cloud environments. This role will be responsible for managing security compliance processes, assessing regulatory and customer-specific requirements in new countries and markets, and ensuring the organization maintains strong security posture aligned with standards such as SOC 2, ISO 27001, and GDPR.

Innovecs is a global digital transformation tech company with a presence in the US, the UK, the EU, Israel, Australia, and Ukraine. Specializing in software solutions, the Innovecs team has experience in Supply Chain, Healthtech, Software & Hightech, and Gaming.
For the fifth year in a row, Innovecs is included in the Inc. 5000 and recognized in IAOP’s ranking of the best global outsourcing service providers. Innovecs is featured in the Global Top 100 Inspiring Workplaces Ranking and won gold at the Employer Brand Management Awards.

Our value to you: 

• Flexible hours and remote-first mode
• Competitive compensation
• Complete Hardware/Software setup – anything you need for work
• Open-door culture, transparent communication, and top management at a handshake distance
• Health insurance, vacation, sick leaves, holidays, paid maternity/paternity leave
• Access to our learning & development center: workshops, webinars, training platform, and edutainment events
• Virtual team buildings and social activities 
          

If you feel like you’re the perfect match for this role, drop us your CV! 

There are no limitations, no barriers when the right people are on your way — apply for the vacancy and succeed with us!

Innovecs is an equal opportunity employer. All hiring decisions are based on professional qualifications, skills, and experience. We are committed to a transparent, merit-based recruitment process that prevents discrimination and ensures equal opportunities for all candidates. Reasonable accommodations are available upon request throughout the recruitment process to support accessibility and inclusion.

Requirements

• 5+ years of experience in information security, cybersecurity, security compliance, or governance/risk/compliance roles.
• Strong practical knowledge of cloud security principles in AWS, Azure, or GCP environments.
• Proven experience working with security compliance frameworks, especially SOC 2, ISO 27001, GDPR
• Hands-on experience with Vanta or a similar compliance automation / GRC platform.
• Experience assessing and implementing compliance requirements for clients in different countries or regulatory environments.
• Strong understanding of security controls, risk management, audit processes, evidence collection, policy and procedure development.
• Ability to interpret customer and regulatory requirements and translate them into practical security/compliance actions.
• Experience working cross-functionally with technical and non-technical stakeholders.
• Strong communication skills, including the ability to engage with clients, auditors, and internal teams.
• Analytical mindset with strong problem-solving and process design skills.

• Ability to work independently and take ownership of security/compliance initiatives.

   

Responsibilities

• Own and improve the organization’s security and compliance processes across the Azure cloud environment.
• Manage and coordinate compliance activities related to SOC 2, ISO 27001, GDPR, and other relevant regulatory or customer-driven frameworks.
• Assess regulatory, privacy, and security requirements when engaging clients from new countries/regions, and translate those requirements into internal controls, policies, and implementation steps.
• Partner with Engineering, DevOps, IT, Legal, HR, and leadership teams to implement and maintain scalable compliance and security processes.
• Support client security reviews, due diligence requests, and security questionnaires with accurate documentation and evidence.

Responsibilities:

• Conduct regular analysis of affiliate traffic to identify fraud across CPA, Hybrid, RevShare, and Fixed models using both internal and third-party analytics tools.
• Analyze user behavior (FTD, retention, unusual patterns) to detect suspicious or incentivized traffic schemes.
• Prepare and update affiliate offer terms and Insertion Orders (IO) with clear anti-fraud conditions.
• Perform pre-checks of new affiliates and deal terms before campaign activation.
• Approve or reject affiliate payouts based on traffic quality evaluation (final compliance check before payment execution).
• Collaborate with affiliate managers to explain payout rejections and clarify reasons for non-payment.
• Suggest improvements to anti-fraud processes and contribute to the development of internal fraud prevention policies.
  
   

Requirements:

• Minimum 1 year of experience in iGaming or Betting as an Affiliate Analyst, Traffic Analyst, or Anti-Fraud Specialist.
• Solid understanding of CPA, Hybrid, and RevShare models and the fraud risks associated with each.
• Proficiency in traffic analysis using tools like Google Sheets and Power BI (user-level).
• Knowledge of common fraudulent patterns such as multi-accounting, bonus abuse, incentivized traffic, and geolocation manipulation.
• Experience in drafting clear and contract-compliant IO (Insertion Order) terms for affiliates.
• Strong attention to detail, high level of accountability, and ability to work with large datasets effectively.
• English B1
  
   

Hard Skills:

• Experience working with affiliate tracking platforms
• Knowledge of CPA, Hybrid, and RevShare models, including payout logic and traffic evaluation
• Proficient in Excel / Google Sheets: formulas, pivot tables, data filtering
• Basic experience with BI tools such as Power BI, Tableau, Looker (a plus)
• Understanding of tracking mechanics: link structure, SubID, S2S postbacks, tracking pixels
• Familiarity with common types of affiliate fraud: incentivized traffic, multi-accounting, bonus abuse, cloaking, proxy/VPN usage
• Experience drafting and reviewing Insertion Order (IO) terms and affiliate agreements
• Ability to analyze traffic anomalies using key metrics such as CR, EPC, Retention, LTV, and ROI
  
   

Soft Skills:

• Strong attention to detail
• Analytical and critical thinking skills
• Ability to clearly argue decisions, including payout rejections
• Flexible and diplomatic communication style
• High sense of responsibility and reliability when handling data and deadlines
• Comfortable working in cross-functional teams (finance, affiliate, legal)
• High ethical standards and respect for confidentiality
• Proactive mindset with a drive to identify issues and suggest improvements
  
   

What do we offer?

1. Remote work.
2. Flexible working hours.
3. Competitive salary paid on time.
4. Friendly and proactive team.
5. No bureaucracy, unnecessary reports, or calls.
6. 20 days of paid leave, 5 sick leave and holidays are days off.

Description
As a Middle Anti-Fraud Specialist at an Electronic Money Institution (EMI), you will be responsible for detecting, investigating, and preventing fraudulent activities across digital financial services. This role involves monitoring transactional data, analysing suspicious behaviour, and working cross-functionally with compliance, risk, and tech teams to enhance fraud detection and mitigation systems. You will contribute to ensuring the safety and integrity of the company’s financial ecosystem while maintaining a balance between customer experience and fraud risk.

Requirements

• 1 year of experience in fraud prevention or detection, preferably in fintech, EMI, or banking
• Strong knowledge of financial fraud typologies including identity theft, account takeover, social engineering, phishing, and synthetic identities
• Familiarity with AML (Anti-Money Laundering) practices and regulatory frameworks
• Proficiency in working with fraud detection systems, case management tools, and transaction monitoring platforms
• Good analytical and critical thinking skills with the ability to assess patterns, data anomalies, and fraud indicators
• Strong communication skills for preparing reports and communicating with internal teams or external partners

Responsibilities

• Monitor transactions and user behaviour for signs of fraud using internal tools and third-party systems
• Investigate suspicious cases thoroughly, gather evidence, and recommend appropriate actions such as blocking transactions, freezing accounts, or escalating to senior staff
• Maintain and update internal fraud rules, thresholds, and alert systems in collaboration with the Risk and IT teams
• Analyse fraud trends and propose process improvements or system enhancements to reduce future risk
• Support customer support teams in resolving fraud-related inquiries and disputes
• Prepare regular and ad-hoc reports on fraud incidents, and trends for internal stakeholders

Nice to have

• Experience working in an EMI or payment service provider regulated in the EU or UK
• Familiarity with fraud detection platforms like SEON, Actimize, Sift, or similar
• Certification in fraud examination
• Experience with SQL, Python, or data visualization tools (e.g., Power BI, Tableau) for fraud data analysis
• Knowledge of card fraud mechanisms (3DS, chargebacks, BIN attacks) and tools used in card transaction monitoring
• Ability to handle incident response and support in case of major fraud events or system breaches

We are looking for an IT Security Analyst with hands-on experience working with IT infrastructure and understanding cybersecurity compliance requirements.

The primary objective of the role is to conduct technical audits of security systems, infrastructure and processes, verify compliance with standards requirements and help departments implement secure practices. 
 

Main responsibilities:
 

• Conducting technical audits of IT infrastructure (servers, network, cloud services, access systems);
• Checking compliance with standards and regulatory requirements: ISO 27001,PCI DSS, NIST, internal security policies;
• Analysis of system configurations (Windows/Linux, network devices, IAM);
• Verification of: logging and monitoring, access management, network segmentation, backup, vulnerability management;
• Assessing the security architecture of IT systems;
• Preparing technical audit reports and recommendations;
• Interacting with IT teams to address identified risks;
• Participating in the implementation of security processes.
   

Main requirements:
 

• 4+ years in IT administration;
• 1–2 years in cybersecurity;
• Experience working in a company with formal security compliance requirements.
   

Technical knowledge:

• Windows Server / Linux, VMware;
• Networking (TCP/IP, VLAN, VPN, firewall);
• Active Directory / IAM;
• Logging and SIEM;
• Cloud infrastructure (AWS / Azure / GCP would be a plus);
• Basic knowledge of DevOps / containers would be a plus.
   

Security knowledge:

• System hardening;
• Access management;
• Vulnerability management;
• Security monitoring;
• Network security.
   

Standards:

• ISO 27001;
• PCI DSS;
• NIST.
   

Would be a big plus:
 

• Experience in technical audits;
• Work in a SOC;
• Experience in pentests or vulnerability scanning;
• Certifications: CISSP, CISA, CEH, ISO 27001.
   

What we offer:
 

• Having the capability to create something new and witness your own input;
• You can find confidence in the future here, but rest assured it won’t be dull;
• Join a dynamic and expanding community. Our company is experiencing growth and expanding into Europe. Currently, we have offices in Kyiv, and Warsaw and plan to open additional locations in other countries;
• Join our experienced team that values professional development and embraces new opportunities.
   

Cyber Harbor is a fast-growing Ukraine-based company founded by engineers and researchers who helped defend critical cyber infrastructure during the war. Our work is shaped by real-world experience, and we build AI-powered systems designed for complex, high-stakes environments.

We are currently looking for a Cybersecurity Engineer who will help us design, implement, and maintain the security foundations of our data processing platforms and the infrastructure around them. This role combines practical security engineering with hands-on research and testing. You will help define internal security standards, protect critical infrastructure, and proactively identify weaknesses in our systems before they can be exploited.

We build complex AI systems that operate on large datasets in sensitive environments. Because of that, security is not just a compliance requirement for us - it is a core engineering discipline.

What You Will Do

• Design and implement cybersecurity policies and internal security standards.
• Help maintain visibility and control over company devices, servers, and infrastructure assets.
• Build and improve systems that help prevent data leaks and unauthorized access.
• Perform internal security assessments of our products, infrastructure, and services.
• Conduct regular internal penetration testing and security audits.
• Use tools such as Nmap, Nuclei, Metasploit, and other scanning frameworks to identify vulnerabilities.
• Investigate potential attack surfaces across APIs, web applications, internal services, and infrastructure.
• Work closely with engineering teams to identify and address security issues early in the development process.
• Help implement monitoring, logging, and detection mechanisms for suspicious activity.
• Document findings, propose mitigation strategies, and support teams in implementing fixes.

What You Need to Join Us

• Strong practical understanding of cybersecurity principles and modern attack vectors.
• Hands-on experience with security testing tools such as Nmap, Nuclei, Metasploit, or similar frameworks.
• Strong understanding of network security, web application security, and infrastructure security.
• Experience conducting penetration tests or security research.
• Familiarity with Linux systems and common server environments.
• Ability to analyze systems and identify weaknesses in architecture or implementation.
• Curiosity, persistence, and a strong desire to understand how systems fail.
• Ability to configure and maintain system-level firewalls (for example, iptables, nftables, or ufw) and enforce network-level access policies.
• Experience configuring and operating Web Application Firewalls (WAFs) such as Cloudflare WAF, ModSecurity, or similar solutions to protect APIs and web services.
• Strong practical understanding of how the Internet works, including DNS, TLS, HTTP, and common attack vectors affecting networked systems.
• Solid knowledge of networking fundamentals, including TCP/IP, routing, NAT, VLANs, and the OSI model.
• Ability to analyze traffic flows, understand how packets move through networks, and diagnose connectivity or security issues across different layers of the network stack.

Relevant certifications such as OSCP, CEH, Security+, or similar are welcome, but real-world experience and demonstrated skills matter more.

Who We Are Looking For

Not looking for someone whose experience is centered primarily on managing large security teams or producing compliance documentation.

Instead, we are looking for highly motivated engineers and curious security-minded builders who enjoy exploring systems, testing assumptions, finding weaknesses in creative ways, and building stronger defenses as a result. Unusual backgrounds, unconventional experience, and self-driven experimentation can be a better fit for this role than a traditional career path.

Why Join Us

• Work on real-world systems operating in high-stakes environments.
• Help secure AI platforms and data infrastructure used in complex operational scenarios.
• Military deferment is available for full-time employees.
• Flexible work format in a results-driven environment.

–––––––––––––––––––––––––––––––Рідною–––––––––––––––––––––––––––––––

Cyber Harbor - українська компанія, заснована інженерами та дослідниками, які брали участь у захисті критичної кіберінфраструктури під час війни. Ми спираємося на реальний практичний досвід і створюємо AI-powered системи для складних середовищ, де помилка може мати високу ціну.

Зараз ми шукаємо Cybersecurity Engineer, який допоможе нам будувати, впроваджувати та підтримувати базові елементи безпеки наших платформ для обробки даних і пов’язаної з ними інфраструктури. Ця роль поєднує практичну security engineering роботу з hands-on дослідженням і тестуванням. Ви допомагатимете формувати внутрішні стандарти безпеки, захищати критичну інфраструктуру та проактивно виявляти слабкі місця в наших системах до того, як ними зможуть скористатися.

Ми створюємо складні AI systems, що працюють із великими обсягами даних у чутливих середовищах. Саме тому для нас безпека - це не просто вимога комплаєнсу, а повноцінна інженерна дисципліна.

Що ви будете робити

• Проєктувати та впроваджувати політики кібербезпеки й внутрішні стандарти безпеки.
• Допомагати підтримувати контроль і прозорість щодо корпоративних пристроїв, серверів та інфраструктурних активів.
• Будувати та вдосконалювати рішення, що знижують ризик витоку даних і несанкціонованого доступу.
• Проводити внутрішні security assessments наших продуктів, інфраструктури та сервісів.
• Регулярно проводити внутрішні penetration tests і security audits.
• Використовувати такі інструменти, як Nmap, Nuclei, Metasploit та інші scanning frameworks, для виявлення вразливостей.
• Аналізувати потенційні attack surfaces на рівні APIs, web applications, внутрішніх сервісів та інфраструктури.
• Тісно взаємодіяти з engineering teams, щоб виявляти й закривати security issues ще на ранніх етапах розробки.
• Допомагати впроваджувати механізми моніторингу, логування та виявлення підозрілої активності.
• Документувати результати, пропонувати mitigation strategies і допомагати командам впроваджувати необхідні виправлення.

Що нам важливо

• Сильне практичне розуміння принципів кібербезпеки та сучасних attack vectors.
• Hands-on досвід роботи з інструментами security testing, такими як Nmap, Nuclei, Metasploit або подібними frameworks.
• Сильне розуміння network security, web application security та infrastructure security.
• Досвід проведення penetration tests або security research.
• Знайомство з Linux-системами та типовими серверними середовищами.
• Вміння аналізувати системи та виявляти слабкі місця в архітектурі або реалізації.
• Допитливість, наполегливість і сильна внутрішня мотивація розуміти, як саме системи дають збій.
• Вміння налаштовувати та підтримувати system-level firewalls (наприклад, iptables, nftables або ufw) і забезпечувати мережеві політики доступу.
• Досвід налаштування та експлуатації Web Application Firewalls (WAFs), таких як Cloudflare WAF, ModSecurity або подібних рішень, для захисту APIs і web services.
• Сильне практичне розуміння того, як у реальності працює Інтернет, зокрема DNS, TLS, HTTP та типові attack vectors, що впливають на мережеві системи.
• Ґрунтовні знання мережевих основ, зокрема TCP/IP, routing, NAT, VLANs і моделі OSI.
• Вміння аналізувати traffic flows, розуміти, як пакети проходять через мережу, та діагностувати проблеми зі з’єднанням або безпекою на різних рівнях network stack.

Профільні сертифікації, такі як OSCP, CEH, Security+ або подібні, будуть плюсом, але для нас важливішими є реальний практичний досвід і підтверджені навички.

Кого ми шукаємо

Не шукаємо людину, чий досвід зосереджений переважно на управлінні великими security teams або підготовці compliance documentation.

Натомість ми шукаємо сильних, мотивованих інженерів і допитливих security-minded фахівців, яким цікаво досліджувати системи, перевіряти припущення, нестандартно шукати слабкі місця й на цій основі будувати сильніший захист. Незвичний бекграунд, нетиповий досвід і self-driven експерименти можуть підійти для цієї ролі краще, ніж класичний кар’єрний шлях.

Чому варто приєднатися

• Працювати з реальними системами, що функціонують у середовищах із високою ціною помилки.
• Допомагати захищати AI platforms та data infrastructure, які використовуються в складних операційних сценаріях.
• Бронювання доступне для full-time працівників.
• Гнучкий формат роботи в середовищі з фокусом на результат.

Description

We are looking for a Senior DevSecOps who will help make our cloud infrastructure safe, stable, and automated. You will work together with the development, platform, and security teams to add security at every step of product creation.

This is a great chance to grow in security automation, improve processes, and bring modern DevSecOps practices into the company.

Requirements
Must-Have Skills

5+ years of hands-on experience in DevOps / DevSecOps / Cloud Engineering roles;

Deep expertise with AWS services (IAM, VPC, CloudTrail, GuardDuty, KMS, WAF);

Proven experience with Kubernetes security — RBAC, network segmentation, image scanning, Falco or similar runtime security tools;

Strong proficiency in Infrastructure-as-Code tools, particularly Terraform (modules, state management, policy as code);

Experience managing CI/CD pipelines on GitHub Actions with integrated vulnerability scanning and secret protection;

Solid knowledge of Cloudflare security suite (Zero Trust, WAF, DNS, Access, API Gateway rules);

Familiarity with SSO and MFA solutions (DUO SSO, OIDC flows, federation via SAML);

Scripting and automation using Python, Bash, or Go;

Strong understanding of network security, TLS management, logging, and monitoring pipelines;

Excellent collaboration and communication skills, with the ability to work effectively with cross-functional engineering and compliance teams.

Nice-to-Have

Experience with policy-as-code frameworks (OPA, Conftest, Terraform Cloud Policies);

Hands-on knowledge of container security scanners (Trivy, Aqua, Anchore, Grype);

Exposure to SIEM / SOC integrations;

Familiarity with compliance frameworks (ISO 27001, NIST CSF, CIS Benchmarks);

Relevant certifications (AWS Security Specialty, Terraform Associate, CISSP, or DevSecOps certifications).

Responsibilities
Integrate security practices (SAST, DAST, SCA, secret management, compliance checks, etc) directly into CI pipelines on GitHub;

Build and manage infrastructure using Terraform (IaC) with a strong focus on least privilege, encryption, and auditing;

Strengthen security across Kubernetes clusters (RBAC, network policies, Falco runtime threat detection);

Implement security automation and continuous monitoring for vulnerabilities, misconfigurations, and drift in AWS + Kubernetes environments;

Collaborate closely with Development, Platform, SRE, Cloud Delivery Engineers, and Security teams to embed “security-by-design” principles throughout SDLC;

Conduct threat modeling, risk assessments, and incident response for cloud and container workloads;

Drive adoption of DevSecOps best practices, mentor team members, and promote a proactive security culture;

Continuously research and implement new security tools, policies, and automation opportunities to improve visibility and resilience.

Benefits

Why Join Us?

🎰 Be part of the international iGaming industry – Work with a top European solution provider and shape the future of online gaming;

💕 A Collaborative Culture – Join a supportive and understanding team;

💰 Competitive salary and bonus system – Enjoy additional rewards on top of your base salary;

📆 Unlimited vacation & sick leave – Because we prioritize your well-being;

📈 Professional Development – Access a dedicated budget for self-development and learning;

🏥 Healthcare coverage – Available for employees in Ukraine and compensation across the EU;

🫂 Mental health support – Free consultations with a corporate psychologist;

🇬🇧 Language learning support – We cover the cost of foreign language courses;

🎁 Celebrating Your Milestones – Special gifts for life’s important moments;

⏳ Flexible working hours – Start your day anytime between 9:00-11:00 AM;

🏢 Flexible Work Arrangements – Choose between remote, office, or hybrid work;

🖥 Modern Tech Setup – Get the tools you need to perform at your best;

🚚 Relocation support – Assistance provided if you move to one of our hubs.

N-iX is looking for skilled Senior/Lead Active Directory Engineer to join our team! Our customer is the European online car market with over 30 million monthly users, with a market presence in 18 countries. As a Lead Active Directory Engineer, you will play a pivotal role in shaping the future of online car markets and enhancing the user experience for millions of car buyers and sellers. We require a Lead Engineer to assess, clean up, and harden multiple inherited single-forest, single-domain Active Directory environments. These environments require standardization, security hardening, and alignment with current best practices. The focus will be on improving AD structure, security posture, Group Policy hygiene, and operational consistency, while also evaluating long-term viability and integration with enterprise IAM platforms. This is a hands-on senior role requiring deep expertise in Active Directory architecture, security, identity integration, and remediation of legacy configurations, including alignment with industry audit and compliance standards (e.g., PCI DSS).

Requirements:

• EDT Timezone work hours
• Extensive hands-on experience (typically 7+ years) with Active Directory engineering and administration.
• Proven experience performing AD clean-up, consolidation, or post-transition integration work.
• Strong expertise in: Active Directory (single-domain environments at scale), Group Policy design, cleanup, and optimization, OU design and delegation models.
• Demonstrated experience with: AD security hardening (tiered admin model, least privilege, attack surface reduction), identifying and remediating, stale objects (users, computers, groups), legacy permissions and misconfigurations, GPO sprawl and conflicts.
• Experience integrating Active Directory with IAM/IdP platforms, including: Azure AD / Entra ID - must have, Okta - nice to have, etc, SSO, federation, and identity synchronization (e.g., AAD Connect or equivalent), role-based access control (RBAC) and identity lifecycle management.
• Experience working within regulated or audited environments, including: PCI DSS (or similar frameworks such as ISO 27001, NIST).
• Implementing controls related to identity, access management, and auditability.
• Strong knowledge of: Authentication protocols (Kerberos, NTLM, SAML/OIDC basics), DNS (AD-integrated), replication, and site topology.
• Experience with tools such as: ADUC, ADSIEdit, Group Policy Management Console, PowerShell (AD module - must have) for bulk changes and reporting.
• Experience in auditing and improving: privileged access (Domain Admins, Enterprise Admins), service accounts and delegation.
• At least upper-intermediate English level.

 Responsibilities:

• Perform a comprehensive assessment of current AD environments.
• Identify and remediate: inactive/stale objects, legacy groups and excessive permissions, GPO duplication, conflicts, and inefficiencies.
• Redesign and implement: OU structure and delegation model, Group Policy strategy aligned to best practices.
• Implement security hardening measures, including: privileged access model (e.g., tiering), reduction of attack surface and legacy protocols.
• Alignment with audit/compliance requirements (e.g., PCI DSS controls).
• Integrate AD environments with enterprise IAM platforms, including: identity synchronization and federation, access model alignment (RBAC / least privilege), SSO enablement and identity lifecycle processes.
• Review and optimize: AD Sites and Services (replication topology), DNS configuration and health.
• Develop and execute cleanup and remediation plans with minimal disruption.
• Automate tasks and reporting using PowerShell.
• Produce clear documentation and operational standards, including audit-ready configurations.

Nice-to-Have Certifications:

• Microsoft Certified: Windows Server Hybrid Administrator Associate
• Microsoft Certified: Identity and Access Administrator Associate (SC-300)
• Microsoft Certified: Azure Solutions Architect Expert
• MCSA / MCSE (legacy but relevant)
• Security certifications (e.g., CISSP, Security+, CISM)
• Okta Certified Professional / Administrator (or similar IAM certifications)

About the company

Our client is a leading autonomous vehicle technology company operating at the cutting edge of self-driving software development. 

Role overview

We are not looking for a traditional SOC analyst. This role is about building detection systems, not clicking through alerts. You will work with large volumes of logs (cloud, application, network), design detection logic, and improve it over time. That includes both rule-based detection (SIEM/XDR) and data-driven approaches (statistical models, anomaly detection, simple ML where it makes sense). You should be comfortable treating logs as a data problem, not just a monitoring stream.

Important! This is not a role where you:

• sit in SIEM all day clicking alerts
• blindly add rules
• overcomplicate things with ML

This is a role where you: build detection systems that work in practice.

What you'll be doing

Detection & analytics

• Build and maintain detections across:
• application logs (auth, APIs, business logic abuse)
• cloud activity (CloudTrail, IAM, infrastructure changes)
• network telemetry (DNS, proxy, firewall, NetFlow)
• Work directly with data in platforms like Elasticsearch / Splunk / similar
• Write and tune detection logic (queries, correlation rules)
• Reduce noise — expect to spend time fixing false positives, not just adding new rules.

Working with data (this is a big part of the job)

• Build pipelines for:
• log ingestion
• normalization
• feature extraction
• Work with streaming or batch pipelines (Kafka / queues / scheduled jobs)
• Turn raw logs (e.g. CloudTrail) into structured data usable for detection.

Anomaly detection / ML (practical, not theoretical)

• Apply simple models where they add value (e.g. One-Class SVM or similar approaches)
• Focus on:
• behavior baselining
• anomaly scoring
• Tune models based on real output (false positives matter more than theory) 
• If ML does not improve signal — don't use it.

Automation & response

• Build response playbooks for common cases
• Automate where it actually saves time (not for the sake of it)
• Integrate with SOAR or write lightweight orchestration
• Improve:
• detection speed
• response consistency.

AI usage (realistic expectations)

• Use LLMs for:
• alert enrichment
• investigation summaries
• internal tooling
• Not building an "AI security platform"
• Focus on practical gains, not hype.

Threat hunting

• Run targeted hunts based on hypotheses
• Use internal data + external signals
• Identify gaps in logging and detection.

Requirements

• Solid experience with SIEM (Elastic, Splunk, Sentinel, etc.)
• Strong understanding of:
• cloud activity (especially AWS logs and IAM)
• network basics
• modern application behavior (APIs, auth flows)
• Comfortable working with large datasets (not afraid of raw logs)
• Python or similar for data processing
• Experience with automation (SOAR or custom scripts).

Nice-to-have (but not critical)

• Experience applying ML to logs (even simple models is enough)
• Familiarity with LLMs in tooling (not research)
• Experience with data pipelines (Kafka, Spark, etc.)
• MITRE ATT&CK mapping

What will make you effective here

• You don't trust alerts blindly
• You care about signal quality, not number of detections
• You can debug why a detection is noisy or useless
• You understand systems, not just tools
• You prefer building something once instead of repeating manual work.

How success looks like

• Fewer false positives
• Better visibility across systems
• Faster investigations
• Less manual work in SOC
• Detections that actually catch real issues

Playtech‘s Security unit is looking for Security Operations Engineer with excellent communication and problem-solving skills.

Your influential mission. You will...

• Support, maintain and operate security infrastructure and technologies used by SOC and make recommendations to enhance threat detection
• Build up and improve real-time security monitoring and incident response framework and playbooks
• Develop security detection use cases, tune signatures and refine analytical models in order to identify malicious activity
• Maintain, tune and troubleshoot SIEM Solution to deliver optimal performance and best detection and investigation capabilities
• Identify new data sources and integrate them into monitoring operations
• Evaluate and implement new information security tools and technologies in support of SOC needs
• Provide analysis and trending of security events, alarms, and information from a large number of heterogeneous security devices and critical environments
• Participate in knowledge sharing with other analysts and improve incident response documentation
• Provide Incident Response (IR) investigation, support and triage to security alerts

Components for success. You...

• Should have 2+ years of experience in a technical environment in the role of Security Operations Engineer/Security Engineer/SRE/DevOps
• Must have ability to identifies and develop workflow automation to lower response time and eliminate lengthy response times
• Display good knowledge of Information Security, IT and Networking principles
• Must have ability to demonstrate a deep understanding of cyber security monitoring platforms such as intrusion detection systems (IDS), Endpoint Protection, Web proxies, firewalls, EDR, UEBA, CASB
• Must have solid organizational skills including attention to detail and multitasking skills.
• Should have great written & spoken English.
• Have experience with Linux, Docker

You'll get extra points for...

• Basic knowledge of AWS, GIT, CI/CD

Thrive in a culture that values...

• Possibility to work with a product company
• Personalised professional growth
• Warm and friendly attitude to every specialist
• Educational possibilities
• Competitive salary and benefits
• Medical insurance
• Fully-equipped cosy office space located in the city centre (Gulliver, “Palats Sportu” metro station)
• Paid vacation days, sick leaves and national holidays
• Corporate events and team buildings

SECURITY TEAM

The Security Team is a dynamic and forward‑thinking unit responsible for building, improving, and safeguarding Playtech’s global infrastructure. We work across the organization to ensure secure, reliable, and resilient systems.

Joining the Security Unit means tackling complex challenges, working with modern technologies, and continuously strengthening your security expertise within one of the industry’s most trusted and respected companies.

Playtech is an equal opportunities employer. Our mission is to welcome everyone and create inclusive teams. We celebrate differences and encourage everyone to join us and be themselves at work.

About the company

Our client is a leading autonomous vehicle technology company operating at the cutting edge of self-driving software development. 

Role overview

We are not looking for a traditional SOC analyst. This role is about building detection systems, not clicking through alerts. You will work with large volumes of logs (cloud, application, network), design detection logic, and improve it over time. That includes both rule-based detection (SIEM/XDR) and data-driven approaches (statistical models, anomaly detection, simple ML where it makes sense). You should be comfortable treating logs as a data problem, not just a monitoring stream.

Important! This is not a role where you:

• sit in SIEM all day clicking alerts
• blindly add rules
• overcomplicate things with ML

This is a role where you: build detection systems that work in practice.

What you'll be doing

Detection & analytics

• Build and maintain detections across:
• application logs (auth, APIs, business logic abuse)
• cloud activity (CloudTrail, IAM, infrastructure changes)
• network telemetry (DNS, proxy, firewall, NetFlow)
• Work directly with data in platforms like Elasticsearch / Splunk / similar
• Write and tune detection logic (queries, correlation rules)
• Reduce noise — expect to spend time fixing false positives, not just adding new rules.

Working with data (this is a big part of the job)

• Build pipelines for:
• log ingestion
• normalization
• feature extraction
• Work with streaming or batch pipelines (Kafka / queues / scheduled jobs)
• Turn raw logs (e.g. CloudTrail) into structured data usable for detection.

Anomaly detection / ML (practical, not theoretical)

• Apply simple models where they add value (e.g. One-Class SVM or similar approaches)
• Focus on:
• behavior baselining
• anomaly scoring
• Tune models based on real output (false positives matter more than theory) 
• If ML does not improve signal — don't use it.

Automation & response

• Build response playbooks for common cases
• Automate where it actually saves time (not for the sake of it)
• Integrate with SOAR or write lightweight orchestration
• Improve:
• detection speed
• response consistency.

AI usage (realistic expectations)

• Use LLMs for:
• alert enrichment
• investigation summaries
• internal tooling
• Not building an "AI security platform"
• Focus on practical gains, not hype.

Threat hunting

• Run targeted hunts based on hypotheses
• Use internal data + external signals
• Identify gaps in logging and detection.

Requirements

• Solid experience with SIEM (Elastic, Splunk, Sentinel, etc.)
• Strong understanding of:
• cloud activity (especially AWS logs and IAM)
• network basics
• modern application behavior (APIs, auth flows)
• Comfortable working with large datasets (not afraid of raw logs)
• Python or similar for data processing
• Experience with automation (SOAR or custom scripts).

Nice-to-have (but not critical)

• Experience applying ML to logs (even simple models is enough)
• Familiarity with LLMs in tooling (not research)
• Experience with data pipelines (Kafka, Spark, etc.)
• MITRE ATT&CK mapping

What will make you effective here

• You don't trust alerts blindly
• You care about signal quality, not number of detections
• You can debug why a detection is noisy or useless
• You understand systems, not just tools
• You prefer building something once instead of repeating manual work.

How success looks like

• Fewer false positives
• Better visibility across systems
• Faster investigations
• Less manual work in SOC
• Detections that actually catch real issues

We’re looking for a DevOps Engineer (Security Focus) who treats security as a first-class engineering concern, not a compliance checkbox. You’ll work closely with development to embed security into every stage of the delivery lifecycle — from the first commit to production monitoring.

Responsibilities:

• Design and maintain secure CI/CD pipelines from commit to production
• Integrate SAST, DAST, SCA, and secret scanning into GitLab / GitHub Actions
• Harden Kubernetes clusters — RBAC, network policies, admission controllers, pod security standards
• Manage cloud infrastructure (AWS / GCP) using IaC — Terraform, Helm, GitOps workflows
• Implement Zero Trust architecture, mTLS, and service mesh (Istio / Linkerd)
• Own the observability and alerting stack — Prometheus, Grafana, Loki, ELK
• Lead threat modeling sessions and security-focused code reviews
• Drive compliance work (SOC 2, ISO 27001, GDPR) on the technical side
• Mentor engineers and promote a shift-left security culture across the team

Requirements:

• 4+ years in DevOps, DevSecOps, or a closely related role
• Proven experience building secure pipelines in real production environments
• Solid hands-on knowledge of Kubernetes and cloud providers (AWS preferred)
• Strong grasp of network security — firewalls, VPC, WAF, TLS/mTLS
• Practical experience with secret management and key rotation
• Actively uses AI tools in daily work — Copilot, Cursor, Claude, or similar
• Understanding of OWASP Top 10, CVE processes, and vulnerability disclosure
• At least B2 English — comfortable reading docs, writing in async, and joining calls

Nice to have:

• Experience preparing for or passing SOC 2 / ISO 27001 audits
• Certifications: CKS, AWS Security Specialty, OSCP, or equivalent
• Familiarity with eBPF-based security tools — Cilium, Tetragon
• Background in FinTech, HealthTech, or another regulated domain
• Scripting or automation skills in Python

We Offer:

• Innovation Culture: Work in a team that actively experiments with AI and modern development approaches
• Flexible Work: Remote work or a modern office in Kyiv
• Generous Time Off: 20 paid vacation days + 15 sick leave days annually
• Professional Growth: Compensation for courses, certifications, and learning resources
• Cutting-Edge Tools: Access to premium AI tools (Cursor Pro, GitHub Copilot, etc.)
• Supportive Environment: Collaboration, trust, and focus on outcomes rather than micromanagement

Recruitment Process:

1. HR Interview
2. Tech&Final Interview
3. Job Offer

If you have any questions or need clarifications, feel free to reach out to our Talent Hunter Team by email.

We are looking for an Affiliate Operations & Anti-Fraud Analyst to support our Affiliate team by ensuring traffic quality, accurate partner reconciliations, and correct payout calculations.

This role combines affiliate operations and fraud analysis, helping us maintain transparent relationships with partners and protect the business from low-quality or fraudulent traffic.

HOW YOU WILL MAKE AN IMPACT:

• Analyze affiliate traffic across CPA / RevShare / Hybrid models;
• Detect fraud patterns (bot traffic, duplicates, incentive traffic, low-quality traffic);
• Cross-check traffic and player data across multiple platforms;
• Perform monthly reconciliations with affiliate partners;
• Calculate and verify final payout amounts;
• Ensure invoice accuracy before submitting to the finance team;
• Communicate with partners regarding discrepancies and fraud cases;
• Align and approve final reconciliation results with affiliates;
• Clearly explain discrepancies and defend calculations;
• Support Affiliate Managers with operational tasks and data validation.

WHAT WILL HELP YOU SUCCEED IN THE ROLE:

• 1+ years of experience in affiliate operations, traffic analysis, fraud, risk, or similar roles;
• Strong understanding of affiliate models (CPA, RevShare, Hybrid);
• Experience with reconciliation processes and payout calculations;
• Understanding of tracking systems, postbacks, and attribution logic;
• Knowledge of fraud detection principles (bot traffic, duplicates, incentive traffic, chargebacks);
• Strong Excel / Google Sheets skills;
• Ability to work with large datasets and meet deadlines;
• Intermediate English for partner communication. 

WILL BE A PLUS:

• Basic understanding of AML/KYC principles;
• Experience in iGaming / betting / high-risk verticals;
• Experience working with large volumes of traffic and payouts. 
   

WHY YOU’LL LOVE IT HERE:

• Flexible working hours and a remote work setup, so you can plan work around your life and not your life around work!
• Unlimited vacation days and paid sick leave—because your rest matters.
• A competitive compensation that truly reflects your skills and expertise.
• Employee referral bonus and gifts to celebrate your special occasions.
• 50% financial support for learning expenses to supercharge your professional growth!
• A positive atmosphere where you always feel respected and truly belong.
• Inspirational team-building activities that turn colleagues into best friends.
• Wellness benefits: We’ll support your sports passions, from yoga classes to gym memberships.
• Co-working space reimbursement to save your nerves from always working from home :)

RedCore is an international business group that creates technological solutions for digital markets. Our products and services cover fintech, marketing, e-commerce, customer service, communications and regulatory technologies. 

We are looking for a Security Officer to join our team!

Requirements:

- Higher education in Law or Economics;

- At least 3 years of experience in HR/internal and economic security within private enterprises;

- Proven experience in background checks of individuals and legal entities;

- Previous experience in law enforcement is a strong advantage;

- Knowledge of security systems and protocols;

- Experience collaborating with polygraph specialists;

- Strong experience working with databases;

- Proficient PC user;

- Ukrainian or Russian language C1 and above;

- Fluent English, including spoken communication;

- Willingness to travel abroad to ensure security at exhibitions and conferences.

Responsibilities:

- Conduct regular risk assessments to identify vulnerabilities and threats affecting the holding’s assets;

- Respond promptly to security-related incidents, including investigation and corrective measures;

- Prepare security status reports, analyze incidents, and develop recommendations for improvement;

- Collaborate with other departments to integrate security considerations into business processes;

- Ensure protection of personal data (GDPR compliance) and trade secrets;

- Conduct background checks during recruitment and support exit processes;

- Organize security measures during corporate events, exhibitions, and conferences.

Benefits:
☘️An exciting and challenging job in a fast-growing product company, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and other;

🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed;

📍Beautiful offices in Warsaw, Limassol work remotely or on-site with comfort and enjoy the opportunity to build a network of connections with professionals day by day;

🧑🏻‍💻Laptop & all necessary equipment for work according to the ecosystem standards;

🏖Paid vacations, personal events days, days off;

🫖Paid sick leave;

👨🏻‍⚕️Medical insurance;

💵Referral program enjoy cooperation with your colleagues and get the bonus;

📚Educational support by our L&D team: internal and external trainings and conferences, courses on Udemy;

🗣Free internal English courses;

🧘Sport benefit;

🦄Multiple internal activities: online platform for employees with quests, gamification and presents for collecting bonuses, RedCore talks club for movie and book lovers, board games cozy evenings, special office days dedicated to holidays;

🎳Company events, team buildings.

We are looking for a  DevSecOps Engineer to join our team and help maintain and improve a secure cloud infrastructure on AWS. Our applications run on Kubernetes (EKS), Cloudflare is used for edge protection, and Wazuh serves as our SIEM / HIDS platform.
 

This role is suited for an engineer with hands-on experience who will work within an existing architecture and established best practices, rather than owning the full system design.

Requirements:
AWS / Cloud

• 2+ years of commercial experience with AWS;
• Hands-on experience with EKS or other managed Kubernetes platforms;
• Basic understanding of IAM, VPC, Security Groups, and CloudWatch.

Kubernetes / Containers

• Experience with Kubernetes (deployments, services, ingress);
• Understanding of Kubernetes RBAC (ability to apply and maintain existing policies);
• Experience with Docker (building and running containers).

Security / Monitoring

• Experience with Wazuh or other SIEM / security monitoring solutions;
• Understanding of logging, alerting, and basic HIDS principles;
• Hands-on experience with Cloudflare (DNS, basic WAF configuration).

DevOps / Automation

• Experience with CI/CD tools (GitLab CI, GitHub Actions);
• Infrastructure as Code: Terraform;
• Bash or Python for basic automation tasks.

Networking

• Understanding of HTTP/S, DNS, and TLS;
• Basic knowledge of cloud networking concepts.

Responsibilities:

• Maintain and enhance CI/CD pipelines with integrated security checks;
• Support and operate Kubernetes clusters (AWS EKS);
• Configure and maintain Wazuh (agents, basic rules, alerts, dashboards);
• Support and optimize Cloudflare services (DNS, basic WAF rules, rate limiting);
• Deploy and update infrastructure using IaC (Terraform / CloudFormation);
• Manage access controls (AWS IAM, Kubernetes RBAC);
• Monitor logs and security alerts and participate in incident response;
• Apply basic hardening practices for containers and EKS nodes;
• Collaborate with development teams to ensure secure application deployments;
• Configure infrastructure according to CIS benchmarks.

Nice to Have:

• Experience with security scanning tools (Burp, Snyk, kube-bench);
• Familiarity with AWS Security Hub or GuardDuty;
• Basic understanding of Zero Trust principles;
• Experience with multi-account AWS environments;
• Exposure to security policies or compliance controls;
• Experience with ELK Stack.
   

What We Offer:

• Work in a team with established processes and mentoring;
• Clear growth path toward a Senior DevSecOps Engineer role;
• Modern cloud-native technology stack (AWS, Kubernetes, Terraform);
• Flexible work format (remote / hybrid);
• Competitive compensation based on experience

We are looking for a Senior DevSecOps with strong Azure background to join a product team working on a high-load AI-powered application.

Key areas of focus:
Azure infrastructure and security (Entra ID, Managed Identity, networking)
Async task processing and scalable queue-based architectures
CI/CD security practices - vulnerability scanning, dependency management
Observability - logging, tracing, monitoring at scale
Experience with Python-based backends in high-load environments
The role requires hands-on problem-solving ability, not just configuration experience. The candidate will be expected to advise on architecture decisions.