Jobs Security

We’re looking for an Anti-Fraud Specialist to build and own the company’s risk and fraud prevention system from scratch. This role combines strategic thinking and hands-on execution you’ll design the full fraud-contour, implement risk rules, and protect product economics without damaging conversion and retention.

You’ll work closely with the CEO, PSP Manager, Product, and Marketing teams to ensure sustainable growth and PSP stability on the US Sweepstakes market.

💪 Key Responsibilities:
✅ Build and own the full risk lifecycle:
✅ Develop and implement a unified fraud detection system integrating:
PSP risk signals, chargebacks, BIN & velocity checks, device fingerprinting, IP/proxy/geo data, KYC signals, affiliate sources, and in-product behavioral data.
✅ Create and manage risk-scoring models and fraud profiles for all users.
✅ Design and optimize:
- Auto-block rules
- Withdrawal holds
- Manual review flows
- Bonus eligibility logic
- Geo & device restrictions
✅ Monitor and improve fraud economics.
✅ Collaborate with PSP to maintain healthy processing metrics and reduce AML/chargeback risks.
✅ Work with Product to close UX and bonus exploitation gaps.

🔥 Skills & Competencies:
✔️ iGaming and US Market Experience 
✔️Experience working with antifraud tools, device/IP/geo systems, and PSP logs.
✔️ Ability to work with SQL/BI tools at analytical level.
✔️ Experience building risk rules, thresholds, and scoring models.
✔️ Ability to make tough decisions and challenge marketing/product when necessary.
✔️ English B2 or higher.

⭐ Nice to Have

Experience in US Sweepstakes or Social Casino products.
Experience building antifraud systems from zero in startups.
Knowledge of AML processes and PSP health metrics.
Experience working with affiliate-heavy traffic.

✨What We Offer:

• Full remote work
• Flexible working hours (start between 10:00 and 12:00)
• 8 hour work day + break
• Time Off 28 calendar days of paid vacation (after successfully passing the probationary period)
• 4 days of days off

About us

Ruby Labs is a leading tech company that creates and operates innovative consumer products. We offer a diverse range of opportunities across the health, education, and entertainment industries. Our innovative teams are driving the future of consumer-led products, and we're always looking for passionate individuals to join us. Learn more about our story at: https://rubylabs.com/about-us/

About the role

We are looking for an IT Security Lead to design, implement, and manage our corporate IAM and operations security infrastructure from the ground up. Our goal is to implement a high level of automation in IAM and create a seamless yet secure operations environment using the latest technologies, ensuring that security does not slow down our workforce while maintaining robust safeguards.

Key Responsibilities 
 

Security Infrastructure & Engineering

• Design and build operations security infrastructure and IAM from scratch.
• Develop, implement, and maintain comprehensive security policies, strategies, and protocols to safeguard the intellectual property, and prevent unauthorized access.
• Deploy and manage security tools and solutions, with preference for open-source technologies where appropriate.
• Utilize MDM software with other products to ensure organization-wide device security compliance and enforce consistent protection standards across all endpoints.
• Establish and enforce remote work security standards and best practices for company owned and BOYD devices.

Identity & Access Management

• Design and implement access structure using identity provider.
• Manage user provisioning and deprovisioning workflows across all company tools and services.
• Automate access lifecycle management, including onboarding and offboarding processes.
• Control and audit access permissions to ensure principle of least privilege.
• Implement and maintain identity federation technologies across multiple platforms.

Google Workspace & Cloud Security

• Administer Google Workspace with focus on security configurations and compliance.
• Configure policies like Context Aware Access, LDAP, SCIM, and other controls within Google Workspace.

Security Operations & Governance

• Establish IT security operations (SecOps) best practices and standard operating procedures.
• Conduct regular security assessments and vulnerability management.
• Define security metrics and KPIs; provide regular security posture reports.
• Advise leadership on security risks, compliance requirements, and remediation strategies.

Process & Documentation

• Develop and maintain comprehensive security documentation, runbooks, and policies.
• Streamline security-related processes for efficiency and effectiveness.
• Create and maintain disaster recovery and business continuity plans.
• Drive security awareness and training initiatives across the organization.

Qualifications

• At least 5 years of experience in IT security engineering or infrastructure security roles.
• Proven track record of building corporate security infrastructure from the ground up.
• Strong automation (for example n8n, getcakewalk, Slack workflows, jumpcloud,, etc) and basic REST API knowledge.
• Deep understanding of IT security operations (SecOps) best practices and frameworks.
• Strong engineering background with experience in infrastructure design and implementation.
• Hands-on experience with Google Workspace administration and security configuration.
• Expert knowledge of identity and access management, including user provisioning and deprovisioning workflows.
• Experience with SSO, SAML, OIDC, and identity federation technologies.
• Knowledge of Docker.
• Experience with IAM automation and orchestration.
• Understanding of compliance frameworks (SOC 2, ISO 27001, etc.).

Nice to have

• Experience with automated user provisioning from Google Workspace to other services.
• Knowledge of zero-trust architecture principles.
• Basic knowledge of Typescript.
• Previous experience in a startup or high-growth environment.

Location

Ruby Labs operates within the CET (Central European Time) zone. Applicants from any country are welcome to apply for the position as long as they are located within approximately ± 4 hours of CET. This ensures optimal collaboration and communication during working hours.

Benefits

Discover the perks of being part of our vibrant team! We offer:

• Remote Work Environment: Embrace the freedom to work from anywhere, anytime, promoting a healthy work-life balance.
• Unlimited PTO: Enjoy unlimited paid time off to recharge and prioritize your well-being, without counting days.
• Paid National Holidays: Celebrate and relax on national holidays with paid time off to unwind and recharge.
• Company-provided MacBook: Experience seamless productivity with top-notch Apple MacBooks provided to all employees who need them.
• Flexible Independent Contractor Agreement: Unlock the benefits of flexibility, autonomy, and entrepreneurial opportunities. Benefit from tax advantages, networking opportunities, reduced employment obligations, and the freedom to work from anywhere. Read more about it here: https://docs.google.com/document/d/1tzxGX4Uu7Ts_HCLFXESKLnKaaBfVCPf1f9AYZPrkjJM/preview?tab=t.0

Be part of our fast-growing team and seize this excellent opportunity for personal and professional growth!

Interview Process

After submitting your application, we conduct a thorough review which typically takes 3 to 5 days, but may occasionally take longer due to the volume of applications received. If we see a potential fit, we proceed with the following steps:

• Recruiter Screening (40 minutes)
• Technical Interview (40 minutes)
• Final Interview (40 minutes)

Life at Ruby Labs

At Ruby Labs, we move fast, aim high, and expect the same from our team. We’re not here to play small—we’re here to build, grow, and win. That means we look for people who are ambitious, driven, and ready to give their best every single day.

This is a place for individuals who thrive under pressure, embrace challenges, and see opportunity in every obstacle. If you’re hungry to achieve, motivated by impact, and want to grow at the speed of your own ambition, Ruby Labs offers the platform to make it happen.

Here, effort is matched with reward. We recognize those who go all in and deliver results, and we create space for people who want more—more responsibility, more growth, and more success.

 As an Application Security Team Lead at JFrog, you will… 

• Build and lead a team of security researchers and penetration testers. • Help to reshape JFrog Product Security  

• Plan and execute advanced penetration testing campaigns. 

• Develop tools and frameworks for scalable security testing and fuzzing. 

• Lead Security innovation by building and managing penetration testing tools \ AI Agents 

• Analyze vulnerabilities, perform root cause analysis, and develop proofs of concept. 

• Identify systemic product weaknesses and help define long-term mitigations. 

• Collaborate with engineering teams to reproduce, triage, and fix vulnerabilities. 

• Contribute to security research publications, CVE submissions, and industry knowledge sharing. 

• Continuously evolve internal testing capabilities using modern tooling and AI-assisted approaches. 

To be an Application Security Team Lead at JFrog, you need… 

• Proven 2+ years of experience in leading application security research Teams (SAAS or software company). 

• 7+ year experience in Research and penetration testing. 

• Strong coding skills and deep technical understanding of web, API, cloud-native, and backend technologies. 

• AI and LLM Penetration testing knowldge and Experience  

• Experience with penetration testing tools (Burp Suite, Metasploit, etc.) and Custom Security Tools development. 

• Familiarity with modern architectures (e.g., Cloud, microservices, containers, Kubernetes). 

• Familiarity with secure software architecture and typical attack vectors. 

• Demonstrated ability to lead security testing engagements and report technical findings effectively. 

• Experience building or integrating automated PT or fuzzing pipelines is a strong advantage. 

• Knowledge and hands-on experience with SSDLC tools and  CI/CD pipelines,  

• Publications or open-source contributions in the security domain are a plus.

Are you passionate about making the internet a safer place? We are looking for a Middle Security Operations Researcher to join our team and help protect enterprise clients from harmful bots and online threats. This is a remote, full-time role that offers the opportunity to work directly with global customers, analyzing traffic patterns and neutralizing malicious activity.

At Sigma Software, we value expertise, ownership, and proactive communication. You will collaborate with a diverse international team while enjoying the flexibility of working from anywhere.

Why join us? You will work on impactful cybersecurity projects, gain exposure to cutting-edge analytics tools, and contribute to safeguarding digital ecosystems worldwide.

CUSTOMER
Our customer is a global provider of comprehensive security solutions, protecting individuals, organizations, and communities from a wide range of risks, particularly in the digital space. Their enterprise-focused products specialize in bot defense and invalid traffic detection, helping clients safeguard critical systems and maintain operational integrity.

PROJECT
The project focuses on real-time threat detection and bot mitigation for enterprise-scale clients. Security Operations Researchers collaborate directly with customers, leveraging advanced analytics platforms to identify malicious traffic patterns and neutralize online threats. This dynamic environment requires both technical expertise and strong communication skills.

JOB DESCRIPTION:

• Provide Tier 2 technical support to customers in real time, delivering clear and professional responses
• Analyze logs, graphs, and dashboards, isolating and investigating data using tools like Kibana
• Manage and organize cases, tickets, and requests in Salesforce
• Perform back-office tasks, including writing and maintaining suspicious field expressions
• Write and optimize SQL queries for data retrieval, analysis, and manipulation in BigQuery
• Communicate with global customers, ensuring timely responses and effective issue resolution
• Work in a shift-based schedule, including weekend shifts

QUALIFICATION:

• 2+ years of experience with data analysis
• Strong understanding of log analysis, APIs, and client-server architecture
• Proficient in SQL, including BigQuery SQL
• Knowledge of HTML, JavaScript, and HTTP request methods
• Strong troubleshooting and problem-solving skills

• Experience in customer support, including direct communication with clients; professionalism and politeness are essential

   

WILL BE A PLUS:

• Experience in a Cybersecurity Analyst/Researcher role, ideally supporting external customers in threat detection and response
• Experience in web security and security research: web application security, bot management, fraud detection
• Basic Python skills
• Experience with Kibana

PERSONAL PROFILE:

• Good English (speaking/writing)
• High level of responsibility and ownership
• Ability to work independently with minimal supervision
• Planning and decision-making skills with considerations for multiple integrated systems
• Proactive communicator who keeps stakeholders informed without being prompted

Work schedule: 40 hours per week, 5 days per week. Workdays can be adjusted to start earlier or later, including weekends if necessary.

Additional info: There may be 1–2 business trips per year to Tel Aviv.

About Us

We’re a young startup, Lovat Compliance — a global tax & compliance technology provider specialising in EPR, VAT, sales tax and cross‑border compliance for e‑commerce businesses. We’re not yet a giant corporation, and much of what we will build is still ahead of us. We need someone who understands that things aren’t perfect yet, is comfortable being the one who owns the space, and who can help us build things from the ground up.

What You’ll Do

• Establish and maintain our data‑security and information‑security programme from scratch: policies, standards, procedures tailored to our platform and services.
• Perform regular risk assessments, vulnerability scans and data‑protection audits; identify gaps and lead remediation.
• Be the owner of incident response: detection, containment, investigation and reporting of security events.
• Collaborate closely with IT development and compliance teams so that data‑protection is embedded into product development and operations.
• Manage data‑handling and access controls across the organisation — ensuring our client and platform data are processed securely.
• Run training and awareness programmes for staff on data‑security, privacy regulation (e.g., GDPR) and secure behaviours.

• Keep an eye on emerging threats, security trends and regulatory developments relevant to e‑commerce, EPR/VAT/sales‑tax platforms, and advise on what changes we need to make.

   

What We Are Looking For

• Minimum 1.5 years of experience in a role related to data security, information security or risk management — ideally within SaaS, e‑commerce or cloud‑based platforms.
• Good knowledge of data‑protection laws (e.g., UK/EU GDPR), information‑security frameworks (e.g., ISO 27001, NIST) and data‑security best practices.
• Proven experience with risk assessments, incident response and security audits.
• Excellent communication skills — able to explain security concepts to both technical and non‑technical people.

• We’re looking for someone grounded and realistic — who understands that perfection isn’t necessary, who can work independently to build things, and who’ll sleep well at night knowing things are secure even if the system isn’t «perfect».

   

Will be an advantage:

• A bachelor’s degree (or equivalent experience) in Computer Science, Information Security, Cybersecurity or a related discipline.
• Certifications such as CISSP, CISM, ISO 27001 Lead Implementer/Auditor or similar.

• Familiarity with cloud platforms like Google Cloud (GCP) and/or Amazon Web Services (AWS).

   

What We Offer

• Competitive salary: €1,000 - €1,700 (remote contract)
• Opportunity to work in a fast‑growing startup with global ambitions.
• Fully remote working model — flexibility and autonomy.
• Professional development opportunities and support.

Who we are:
Selesa offers IT outsourcing, specialist out-staffing, and project management services to enhance business operations. We focus on providing skilled professionals for IT needs, including development, security consulting, and business development. Selesa also manages sales, account management, and human resources to support company growth. Our services are known for efficiency, quality, and strong communication, making us a trusted partner for businesses looking to streamline and secure their IT infrastructure. Originated in Vilnius, Lithuania, we cater to global clients.

Who we are looking for:

We’re looking for a Junior Security Operations Assistant, working alongside experienced professionals to protect our clients from cyber threats. In this role, you’ll be at the forefront of defending our clients’ networks, gaining hands-on experience, and contributing to a safer digital landscape. 

Responsibilities

• Assist with daily security monitoring and SOC activities
• Review security alerts and escalate issues when required
• Help with log collection and analysis
• Support incident documentation and reporting
• Assist with vulnerability tracking and follow-ups
• Help maintain security and ISO 27001 documentation
• Support internal audits, evidence collection, and basic security tests
• Follow security policies and procedures

Requirements

• Proficiency in English 
• Basic knowledge of Linux (command line, logs, permissions)
• Basic understanding of cybersecurity concepts (phishing, malware, attacks)
• Awareness of SOC operations and incident escalation
• Basic understanding of networking concepts (ports, protocols, firewalls)
• Willingness to learn security tools and processes
• Good attention to detail and documentation skills
• Junior / Entry-level
• 0–2 years of experience in IT, SOC, or cybersecurity-related roles
• Education, training, or internships in IT/security are acceptable
• Strong attention to detail and teamwork skills.

• Ability to meet deadlines in a fast-paced environment

   

Nice to Have 

• Basic scripting (Bash or Python)
• Exposure to SIEM or endpoint security tools
• Familiarity with security frameworks
• Entry-level security certifications (e.g., Security+)

What we offer:

• Fully remote position with a flexible schedule
• Long-term opportunity with potential for financial and career advancement

• Supportive and positive work culture, collaborating with like-minded teammates

   

When submitting your application, please make sure to include your responses to the following screening questions in your COVER LETTER:

1. Please explain to us your level of spoken/written English. Just rank it from 1 to 10, where 10 means a Native Speaker; 8-9 means a Near Native Speaker; 6-7 means Fluent Speaker; under 6 any further levels.
2. How would you approach assessing and mitigating the risks associated with a new software or system implementation?
3. What methods or tools do you use to stay updated with the latest cybersecurity threats and trends?
4. What are your Monthly salary expectations for a long-term, full-time position (if we consider 40 hours a week)?

Description

We are looking for a Senior DevSecOps who will help make our cloud infrastructure safe, stable, and automated. You will work together with the development, platform, and security teams to add security at every step of product creation.

This is a great chance to grow in security automation, improve processes, and bring modern DevSecOps practices into the company.

Requirements
Must-Have Skills

5+ years of hands-on experience in DevOps / DevSecOps / Cloud Engineering roles;

Deep expertise with AWS services (IAM, VPC, CloudTrail, GuardDuty, KMS, WAF);

Proven experience with Kubernetes security — RBAC, network segmentation, image scanning, Falco or similar runtime security tools;

Strong proficiency in Infrastructure-as-Code tools, particularly Terraform (modules, state management, policy as code);

Experience managing CI/CD pipelines on GitHub Actions with integrated vulnerability scanning and secret protection;

Solid knowledge of Cloudflare security suite (Zero Trust, WAF, DNS, Access, API Gateway rules);

Familiarity with SSO and MFA solutions (DUO SSO, OIDC flows, federation via SAML);

Scripting and automation using Python, Bash, or Go;

Strong understanding of network security, TLS management, logging, and monitoring pipelines;

Excellent collaboration and communication skills, with the ability to work effectively with cross-functional engineering and compliance teams.

Nice-to-Have

Experience with policy-as-code frameworks (OPA, Conftest, Terraform Cloud Policies);

Hands-on knowledge of container security scanners (Trivy, Aqua, Anchore, Grype);

Exposure to SIEM / SOC integrations;

Familiarity with compliance frameworks (ISO 27001, NIST CSF, CIS Benchmarks);

Relevant certifications (AWS Security Specialty, Terraform Associate, CISSP, or DevSecOps certifications).

Responsibilities
Integrate security practices (SAST, DAST, SCA, secret management, compliance checks, etc) directly into CI pipelines on GitHub;

Build and manage infrastructure using Terraform (IaC) with a strong focus on least privilege, encryption, and auditing;

Strengthen security across Kubernetes clusters (RBAC, network policies, Falco runtime threat detection);

Implement security automation and continuous monitoring for vulnerabilities, misconfigurations, and drift in AWS + Kubernetes environments;

Collaborate closely with Development, Platform, SRE, Cloud Delivery Engineers, and Security teams to embed “security-by-design” principles throughout SDLC;

Conduct threat modeling, risk assessments, and incident response for cloud and container workloads;

Drive adoption of DevSecOps best practices, mentor team members, and promote a proactive security culture;

Continuously research and implement new security tools, policies, and automation opportunities to improve visibility and resilience.

Benefits

Why Join Us?

🎰 Be part of the international iGaming industry – Work with a top European solution provider and shape the future of online gaming;

💕 A Collaborative Culture – Join a supportive and understanding team;

💰 Competitive salary and bonus system – Enjoy additional rewards on top of your base salary;

📆 Unlimited vacation & sick leave – Because we prioritize your well-being;

📈 Professional Development – Access a dedicated budget for self-development and learning;

🏥 Healthcare coverage – Available for employees in Ukraine and compensation across the EU;

🫂 Mental health support – Free consultations with a corporate psychologist;

🇬🇧 Language learning support – We cover the cost of foreign language courses;

🎁 Celebrating Your Milestones – Special gifts for life’s important moments;

⏳ Flexible working hours – Start your day anytime between 9:00-11:00 AM;

🏢 Flexible Work Arrangements – Choose between remote, office, or hybrid work;

🖥 Modern Tech Setup – Get the tools you need to perform at your best;

🚚 Relocation support – Assistance provided if you move to one of our hubs.

Role description:
We are looking for an Information Security Specialist responsible for administering and maintaining security solutions, monitoring security events, and ensuring compliance with security standards across the company.

Key Responsibilities:

• Administer all technical information security solutions used by the company.
• Monitor events in SIEM, DLP, and antivirus (AV) systems.
• Ensure compliance with information security policies in company offices.
• Participate in checking remote employees for compliance with security requirements.
• Respond to security incidents and participate in their handling.
• Manage access across various systems according to the access matrix.
• Maintain and update DLP, SIEM, and other security system rules.
• Analyze the effectiveness of technical solutions used by the company and suggest improvements.
• Participate in developing and implementing the company’s information security strategy.
•  

Requirements:

• Knowledge and experience with security technologies: SIEM, DLP, EDR/XDR, Firewall, etc.
• Experience with Microsoft 365 ecosystem: Active Directory, SharePoint, Exchange.
• Understanding of vulnerability management, IAM, PAM.
• English level B1 or higher (for reading/writing technical documentation and understanding standards).
•  

Preferred:

• Experience in penetration testing.
• Experience in system administration.
• Experience working in a SOC.
• Understanding of international security standards: ISO 27001, ISO 27701, NIST, HIPAA, CIS2.
•  

We Offer:

• Competitive salary
• Opportunities for professional development and certifications
• Work in an international team with a modern IT environment
• Full remote work options

PrivatBank is the largest bank in Ukraine and one of the most innovative banks around the world. It holds a leading position for all the financial indicators in the area and comprises about a quarter of the whole banking system of our country.

We are looking for an Application Security Engineer. We are searching for the person who seeks to work in a dynamic environment and shares the values of initiative, openness and mutual trust.

We are striving to find a goal-oriented and multitask professional who would be focused on making good results and high quality.

Requirements:

• At least 3 years of experience in application security or related fields such as penetration testing and security architecture
• Proficiency in using security scanners such as SAST, DAST, SCA, Secret Detection, and Container scanning
• Experience integrating security scanners in CI/CD pipelines using Jenkins for GitLab
• Certifications such as CEH, OSCP, CSSLP, AWS Certified Security Specialty, etc. is preferred
• Background in software development, including roles such as Developer, Business Analyst, Architect, DevOps, etc
• Knowledge of Secure Software Development Life Cycle (S-SDLC) and frameworks like OWASP SAMM, BSIM, and Microsoft SDL
• Familiarity with the software development process and stages
• Basic understanding of software code
• Knowledge of key infrastructure components like databases, queues, application servers, load balancers, NoSQL, etc
• Understanding of major types of vulnerabilities
• Understanding of software architecture
• Knowledge of network protocols such as DNS, HTTP/S, SMTP, SSH, and FTP
• Ability to independently research information and solve complex problems
• Critical thinking skills

Responsibilities:

• Conduct security audits using the OWASP SAMM framework to assess current practices, identify gaps, and evaluate compliance levels within the organization
• Develop and implement strategic plans aimed at enhancing security maturity levels throughout the organization, with gradual improvements
• Application security governance and metrics
• Collaborate with various team members, including developers and top management, to advocate and implement application security best practices
• Improve our application security management platform
• Manage security architecture, focusing on integrating security at every stage of the software development lifecycle
• Integrate and oversee security automation tools to enhance security processes and reduce manual error
• Oversee security testing across various stages of software development to identify and mitigate potential security vulnerabilities
• Engage in threat modeling activities to predict and neutralize potential security threats before they impact the system
• Ensure compliance with relevant industry standards and regulations by regularly updating security policies and standards
• Track and manage software defects to ensure timely resolution of security-related issues
• Develop and conduct training and awareness programs to enhance security knowledge and practices across the organization
• Spearhead the secure integration of CI/CD practices into software development processes to ensure continuous security
• Use cloud services for application security

We offer:

• Work in the largest and most innovative bank of Ukraine
• Official employment and 24+4 calendar days of vacation
• Sick leave compensation
• Medical Insurance
• Competitive salary
• Bonuses, premium according to company policy
• Corporate training
• Modern comfortable office
• Interesting projects, ambitious tasks and dynamic growth
• Corporate financial assistance in critical situations
• A friendly professional and strong team
• Possibility of remote work format

PrivatBank is open to support and employ veterans and people with disabilities.

We believe that discrimination due to health conditions, physical abilities, age, race and ethnicity, gender or marital status is unacceptable.

We are ready to train veterans and candidates with disabilities without banking experience.

Head of Cybersecurity Product Management 

Softprom

Europe / CEE | Hybrid or Remote
Full-time
IT Distributor / VAD (Cybersecurity & Enterprise IT)

About Softprom

Softprom is an international IT distributor and value-added partner operating across Central and Eastern Europe, CIS, and neighboring regions.
We work with leading global vendors in Cybersecurity, Cloud, Infrastructure, and Enterprise IT, helping partners and customers build secure, scalable solutions.

We are now looking for a Head of Cybersecurity Product Management to lead and develop our cybersecurity product portfolio and team.

About the role

This is a senior leadership role for an experienced B2B product professional who understands IT distribution and cybersecurity markets.

You will be responsible for product strategy, portfolio development, vendor management, and people leadership, acting as a key link between vendors, sales, marketing, pre-sales, and top management.

We are looking for a system-oriented leader who builds processes and teams — not someone who tries to do everything alone.

Key responsibilities

• Lead and develop a team of Product Managers (2–3+ people)
   
• Own and manage the cybersecurity product portfolio (multiple vendors and solutions)
   
• Build and optimize product management processes, including:
   
  • onboarding and launch of new vendors
     
  • product lifecycle management
     
  • cross-functional collaboration with Sales, Marketing, and Pre-Sales
     
• Act as the main point of contact for cybersecurity vendors (local and international)
   
• Define product strategy, positioning, and go-to-market approach
   
• Participate in:
   
  • pricing and margin strategy
     
  • sales forecasting and pipeline planning
     
  • product P&L ownership
     
• Set goals and KPIs for product managers, conduct performance reviews and mentoring
   
• Represent the product function in communication with top management
  
   

Requirements (Must-have)

Experience & Expertise

• 5+ years of experience in B2B IT product management
   
• 2+ years of experience managing product managers (team lead / head role)
   
• Hands-on experience working with:
   
  • IT vendors (local and/or international)
     
  • multi-product portfolios
     
• Strong understanding of the cybersecurity market, including:
   
  • solution categories (NGFW, EDR/XDR, IAM, SIEM, DLP, SASE, etc.)
     
  • competitive landscape
     
  • typical customer use cases
    
     

Management & Business Skills

• Ability to:
   
  • set goals and KPIs
     
  • prioritize products and initiatives
     
  • develop people through mentoring and performance management
     
• Proven experience building and improving product processes
   
• Solid business mindset with understanding of:
   
  • product P&L
     
  • go-to-market strategy
     
  • pricing and positioning
     
  • sales forecasting
     
• Confident working with numbers: pipeline, funnel, margins
  
   

Communication

• Strong negotiation and stakeholder management skills
   
• Ability to speak the same language with:
   
  • vendors
     
  • sales teams
     
  • technical experts
     
  • executive management
    
     
• English — Upper-Intermediate or higher (negotiations, presentations, documentation)
  
   

Nice to have

• Experience working in a distributor or VAD
   
• Exposure to regional markets (CEE, CIS, Baltics)
   
• Experience launching new vendors or products from scratch
   
• Understanding of partner ecosystem:
   
  • resellers
     
  • system integrators
     
  • MSPs
     
• Relevant certifications:
   
  • CISSP / CISM
     
  • vendor certifications
    
     

Personal qualities

• High level of ownership and accountability
• Ability to work effectively in ambiguous and changing environments
• Proactive, results-oriented mindset
• Natural authority without micromanagement
• Strong multitasking and prioritization skills
  
   

Why Softprom

• Strategic leadership role with real influence on business results
• Mature B2B environment and international vendor portfolio
• Opportunity to shape and scale cybersecurity business across regions
• Professional, experienced team
• Long-term growth and stability
   

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a talented and motivated Junior Pentester who will join our security team to work on penetration testing and vulnerability/cloud security assessment projects.

We expect a short motivation letter where you can explain your skills, achievements and motivation.

Required skills

- Solid non-commercial cybersecurity experience, such as HTB/THM

- Junior-level cybersecurity certifications would be a plus.

- Comfortable with basic application security testing and common vulnerabilities (like OWASP Top 10, CWE Top 25) and cybersecurity fundamentals

- Strong basic IT skills: Linux, networking (TCP/IP, DNS, HTTP etc.)

- Some experience in scripting/coding languages, such as Java, JS, Python, Shell, etc.

- Strong drive to learn and develop cybersecurity skills

- Technical English (Intermediate)

We offer

- Good salary + bonus system

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Support in obtaining professional certifications, such as BSCP, OSCP, eWPTX, cloud certifications, etc.

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Execute penetration tests and security assessments as part of a team, including internal/external networks, web and mobile applications, Windows and Linux environments, cloud architectures, IoT devices, and more

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Conduct security research

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a Middle/Senior Security Consultant / Penetration tester to work on and lead penetration testing and vulnerability/cloud security assessment projects.

In this role, you will work on technically challenging projects and also spend some time leading/mentoring our junior pentesting colleagues.

Required skills

- 1.5+ years of intensive commercial experience

- OSCP, eWPTx2 or similar would be a plus

- Scripting/coding skills and being comfortable with advanced pentesting tooling

- Strong knowledge of mobile/web security

- Comfortable with cloud and container security

- Basic RE skills

- Ability to mentor/lead colleagues

- Strong ability and drive to learn and develop cybersecurity skills

- Technical English (Intermediate+)

We offer

- Good salary + bonus system

- Diverse project portfolio and technologies to work with

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Participate in various pentesting projects

- Lead junior colleagues

- Perform threat modeling in pentesting and security assessment projects

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Consult clients on efficient issues remediation

- Conduct security researches

- Develop tools and scripts to automate and improve current pentesting processes

We are looking for a Cybersecurity Testing Team Lead to join our team!  

Requirements: 
- 5+ years in offensive security/penetration testing
- 2+ years in a technical leadership role (team lead/principal/tech lead)
Hands-on experience with:
- Web, API, Mobile (iOS/Android) pentesting
- Secure code review (at least one backend language)
- Cloud & infrastructure security testing
- Proven experience working with product teams, not only 'report delivery' 

Will be plus: 
- Advanced Offense
- Red Team/Purple Team experience
- Adversary emulation (MITRE ATT&CK)
- Threat modeling from an attacker’s perspective
- Experience with exploit development or advanced bypass techniques

- Cloud & Platform Security
- AWS (Preferred)
- Kubernetes security testing
- CI/CD attack vectors
- Secrets, identity, and supply chain attacks

Responsibilities:  
Leadership and Team Management:
- Lead and grow the Offensive Security team (pentest/red team)
- Define roles, expectations, and competency levels
- Mentor team members and conduct technical reviews
- Own capacity planning and prioritization 

Offensive Security Operations:
- Own the pentest intake process (Jira-based)
- Ensure consistent coverage:
- Web/API/Mobile
- Cloud/Infra
- Enforce quality standards for test depth, reports, risk assessment, and retesting
- Findings & Risk Management 

Ensure:
- Findings are exploitable, reproducible, and actionable
- False positives are minimized
- Risk is clearly communicated

Our benefits to you:
☘️An exciting and challenging job in a fast-growing holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more
🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided
🏖Paid vacations, sick leave, personal events days, days off
💵Referral program — enjoy cooperation with your colleagues and get the bonus
📚Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences
🎯Rewards program for mentoring and coaching colleagues
🗣Free internal English courses
✈️In-house Travel Service 
🦄Multiple internal activities: online platform for employees with quests, gamification, presents and news, clubs for movie / book / pets lovers and more
🎳Other benefits could be added based on your location 

Required hard skills
• Strong understanding of network security (LAN, WAN, VPN, firewalls, IDS/IPS, proxies)
• Experience securing infrastructure (on-prem, cloud, hybrid environments)
• Knowledge of Zero Trust and least-privilege access models
• Experience with endpoint security (EDR, antivirus, disk encryption)
• OS security knowledge: Windows, macOS, Linux
• Experience with monitoring and logging systems (endpoints, servers, network traffic)
• Understanding of authentication, authorization, IAM
• Experience with security hardening and patch management
• Familiarity with security awareness and training platforms
• Basic scripting skills (Bash, PowerShell, Python)
• Understanding of networking protocols (TCP/IP, DNS, HTTP/S)
Required soft skills
• Ability to explain security concepts to non-technical users
• Strong communication and presentation skills
• Proactive and security-first mindset
• High attention to detail
• Ability to influence user behavior and promote security culture

Responsibilities:

• Design and maintain secure network and infrastructure architecture
• Configure and manage firewalls, VPNs, access controls, and network segmentation
• Secure servers, cloud resources, containers, and virtual machines
• Secure employee workstations and enforce security baselines
• Monitor endpoints and infrastructure for suspicious activity
• Collect, analyze, and correlate security logs
• Detect, investigate, and respond to security incidents
• Perform vulnerability analysis, risk assessment, and remediation
• Conduct system and network hardening
• Develop and deliver internal security trainings and awareness sessions
• Manage and maintain security training platforms and learning content
• Organize phishing simulations and awareness campaigns
• Collaborate with IT, DevOps, Infrastructure, and HR teams
• Complete and review clients security questionnaires and security assessment forms to demonstrate the company’s security posture
• Participate in security and compliance calls with client information security specialists and stakeholders

Monitoring & Incident Response
• Set up and maintain security monitoring and alerting
• Investigate anomalies and security incidents
• Perform root-cause analysis and post-incident reviews
• Improve detection, response, and prevention processes

Security Awareness & Training
• Plan and deliver security awareness programs
• Manage training platforms and user enrollment
• Track training completion and effectiveness
• Continuously improve training materials based on incidents and risks

Nice to have
• Experience with SIEM and SOAR tools
• Experience with MDM solutions
• Knowledge of cloud security (AWS / GCP / Azure)
• Experience running phishing simulations
• Familiarity with security frameworks and compliance standards
• Security certifications (optional)

Required Skills & Experience

Technical Skills
Strong understanding of:
Network security principles
TCP/IP, DNS, HTTP/S, VPNs
Experience with:
Firewalls (hardware or software)
Endpoint security / EDR solutions
Monitoring & logging tools
OS security knowledge:
Windows, macOS, Linux

Experience securing:
On-prem infrastructure
Cloud environments (AWS / GCP / Azure — at least one)

Security Knowledge
Authentication & authorization mechanisms
Identity and access management (IAM)
Security best practices and frameworks
Threat detection and response fundamentals

Knowledge of:
Zero Trust
MDM solutions
Cloud security posture management
Security certifications (e.g., Security+, CEH, CISSP — optional)

About us: 
Devoted Studios is a US-based game development company specializing in Co-development, Porting, and End-to-End Art Production for the global gaming industry. With a distributed team of over 1,900+ skilled professionals, we collaborate across time zones to support projects on all major platforms, engines and styles - from AAA titles to emerging technologies.

Our team includes world-class talents who bring deep expertise in external development, pipeline optimization, and creative problem-solving. Whether it’s porting games to new systems, enhancing gameplay features, or crafting stunning visuals, Devoted Studios operates as a trusted, flexible extension of our partners’ internal teams.

We are proud to be the development partner of choice for industry leaders such as: 2K, Xbox, Meta, Obsidian Entertainment, Turtle Rock Studios, Gearbox Software

At Devoted Studios, we’re committed to making outsourcing more efficient, collaborative, and impactful. If you're passionate about co-development, game art, or solving technical challenges on a global scale. 

PwC is a global network of more than 370,000 professionals in 149 countries that turns challenges into opportunities. We create innovative solutions in audit, consulting, tax and technology, combining knowledge from all over the world.

PwC SDC Lviv, opened in 2018, is part of this global space. It is a place where technology is combined with team spirit, and ambitious ideas find their embodiment in real projects for Central and Eastern Europe.

What do we guarantee?

• Work format: Remote or in a comfortable office in Lviv - you choose.
• Development: Personal development plan, mentoring, English and Polish language courses.
• Stability: Official employment from day one, annual review of salary and career prospects.
• Corporate culture: Events that unite the team and a space where everyone can be themselves.

We are seeking a Security Engineer to provide deep technical expertise, tooling evaluations, and hands‑on engineering support across our security program. This role acts as a builder‑defender, driving practical security control implementation, assessing emerging technologies, and ensuring secure integration patterns for modern applications—including but not limited to AI systems. You will bridge high‑level security strategy with real engineering execution.

Key Responsibilities:
 

• Implement and operationalize security controls, translating policies and theoretical requirements into real, functioning technical solutions.
• Evaluate and integrate modern security tools, performing hands‑on testing and delivering data‑driven recommendations.
• Design and review secure architecture patterns for application and platform integrations (APIs, cloud services, third‑party tools, internal services).
• Conduct threat modeling for complex use cases, identifying risks such as data exposure, API abuse, system compromise, and emerging AI‑related attack vectors.
• Provide technical security guidance to engineering and product teams proposing new solutions or integrations.
• Partner closely with DevSecOps teams to embed security practices into CI/CD pipelines, container workflows, and cloud environments.

Requirements:
 

• 4+ years in Application Security, Cloud Security, Security Engineering, or DevSecOps.
• Strong knowledge of API security, OAuth/OIDC, containers, and cloud‑native services.
• Hands‑on experience with security tools (posture management, vulnerability scanners, SIEM/SOAR).
• Ability to assess third‑party vendors and modern security technologies.
• Proficiency in Python or another scripting language.
• Understanding of generative AI risks (prompt injection, data leakage) is a plus.
• Strong analytical thinking and clear communication skills.
• Self‑driven, adaptable, and proactive in a fast‑changing tech landscape.

Policy statements:
https://www.pwc.com/ua/uk/about/privacy.html