Jobs

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a talented and motivated Junior Pentester who will join our security team to work on penetration testing and vulnerability/cloud security assessment projects.

We expect a short motivation letter where you can explain your skills, achievements and motivation.

Required skills

- Solid non-commercial cybersecurity experience, such as HTB/THM

- Junior-level cybersecurity certifications would be a plus.

- Comfortable with basic application security testing and common vulnerabilities (like OWASP Top 10, CWE Top 25) and cybersecurity fundamentals

- Strong basic IT skills: Linux, networking (TCP/IP, DNS, HTTP etc.)

- Some experience in scripting/coding languages, such as Java, JS, Python, Shell, etc.

- Strong drive to learn and develop cybersecurity skills

- Technical English (Intermediate)

We offer

- Good salary + bonus system

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Support in obtaining professional certifications, such as BSCP, OSCP, eWPTX, cloud certifications, etc.

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Execute penetration tests and security assessments as part of a team, including internal/external networks, web and mobile applications, Windows and Linux environments, cloud architectures, IoT devices, and more

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Conduct security research

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a Middle/Senior Security Consultant / Penetration tester to work on and lead penetration testing and vulnerability/cloud security assessment projects.

In this role, you will work on technically challenging projects and also spend some time leading/mentoring our junior pentesting colleagues.

Required skills

- 1.5+ years of intensive commercial experience

- OSCP, eWPTx2 or similar would be a plus

- Scripting/coding skills and being comfortable with advanced pentesting tooling

- Strong knowledge of mobile/web security

- Comfortable with cloud and container security

- Basic RE skills

- Ability to mentor/lead colleagues

- Strong ability and drive to learn and develop cybersecurity skills

- Technical English (Intermediate+)

We offer

- Good salary + bonus system

- Diverse project portfolio and technologies to work with

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Participate in various pentesting projects

- Lead junior colleagues

- Perform threat modeling in pentesting and security assessment projects

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Consult clients on efficient issues remediation

- Conduct security researches

- Develop tools and scripts to automate and improve current pentesting processes

About you:

We are looking for a proficient Vulnerability Researcher to work in the cybersecurity field. If you are interested in making a difference and being part of an exciting project, please apply with your CV.

About project:

Our new client develops a cyber security project for the US government. You will have the opportunity to contribute to the security of the United States.

Your area of responsibility:

- Detect and exploit vulnerabilities;

- Build scripts and software modules to verify the presence of vulnerabilities;

- Reverse-engineer vulnerability patches in order to better understand certain vulnerabilities;

- Assist in the development of tools to improve vulnerability or threat research.

Skills and requirements:

- Proven experience in vulnerability exploitation and fuzzing;
- Extensive experience (3+ years) in reverse engineering;
- Knowledge of OS internals (any OS);
- Recent knowledge of exploitation techniques (iOS/Android/Windows/Linux/embedded).

Will be a plus:

- Academic degree in Computer Sciences/Mathematics/Physics;

- Proven record (CVEs or verbal description) of found vulnerabilities in mobile/desktop OSes;

- Good interpersonal skills.

We offer:

- Висококласні робочі умови: спільнота першокласних інженерів, близько 90% нашої команди це Middle та Senior; цікаві та довгострокові проєкти у різних сферах; можливість змінити проєкт в разі необхідності;

- Конкурентна ринкова компенсація в валюті (не в гривневому еквіваленті), яка виплачується без затримок;

- Власний план розвитку та регулярні перегляди компенсації;

- Оплачувані відпустки (20 днів) та лікарняні дні (5 днів);

- Всі державні свята за Українським законодавством є вихідними;

- Можливість працювати з будь-якою точки світу — ми знайдемо юридичний варіант, допоможемо легалізуватися або проконсультуємо з цього питання.

- Бухгалтерський супровід;

- Юридична підтримка в межах України;

- Повноцінна HR-підтримка та турбота.

We are looking for an endpoint/workstation support engineer to support multiple mixed MacOS/Windows/Lin remote working environments. You should maintain a high level of user satisfaction, as well as properly document your work.

Your primary tasks will include:

* Enduser remote support for agents installation

* AV alerts investigation

* Ensuring security compliance policies are in place (e.g. full disk encryption, firewall)

* Implementing updates on agent installation packages whenever new version arrives

* Testing of Windows/Win/Lin endpoint agent updates

The candidate should have a proof records of successful projects in the following areas:

* support of AV/EDR/VPN and other security agents on multiple platforms

* Intune MDM

* Apple Business Manager

* Windows, MacOS and Linux endpoint support

* Basic Unix shell and Powershell scripting

* MS Graph API and other REST API basic experience

* Windows and MacOS troubleshooting with the aid of Sysinternals tools and different set of MacOS tools (netstat, lsof, vmstat, top, dtruss, etc.)

* Fluent English

* Teamwork and problem solving mind

* Compliance framework basic awareness (ISO27001/PCI-DSS/HIPAA etc.)

* ITIL and IT service basic awareness and ability to write end-user documentation/procedures/instructions

A big plus if have all or any of the following:

* Microsoft Intune certification or other Microsoft Security/Endpoint certificationi

* Any AV vendor certification

* Any security related certification (e.g. ISO27001LA, CISSP, CISA)

Ajax Systems is an international technology company, the largest developer and manufacturer of security systems in Europe.

The startup, created in 2011 in Ukraine, scaled into an international product company. Ajax security systems protect more than 2.5 million users in 169 countries. The company works with 150,000 installers in key markets.

Ajax Systems has a central office, an R&D department, and two full-cycle productions in Ukraine; the representative offices in the UAE (Dubai), Great Britain, Italy, Spain, and teams in many other regions; and a logistics hub in Poland.

The company has more than 3,000 employees, including 500 development engineers and 1,200 production workers.

Ajax products are a whole ecosystem of 135 devices, mobile and desktop apps, and server infrastructure.

The product line includes control panels, motion detectors, opening detectors, flood prevention, fire detectors, street and home sirens, alarm buttons with the appliances control function, smart sockets, and relays.

Our infrastructure is a part of the product that is invisible to the end user, but critical to the life of the entire system. The safety of our users and their property depends on our uptime. We are constantly developing our cloud solutions and this requires automating our infrastructure, testing and improving its fault tolerance. For this purpose we are looking for Senior DevSecOps Engineer.
 

Requirements:

• 5+ years of experience with a strong interest in security or exposure to DevSecOps principles.
• 3+ years of experience with AWS common stack: VPC, EC2, S3, RDS, Elasticache, Route53, Lambda etc.
• 3+ years of experience with AWS security stack: CloudTrail, IAM, KMS, WAF, GuardDuty, Inspector, Macie etc.
• 3+ years of experience with managing Linux-based systems, TCP/IP networking.
• 3+ years of experience with IaC and config management tools such as Terraform, Terragrunt, Ansible.
• Experience with git, Docker, Github Actions, Jenkins etc.

• Interest in security best practices and a willingness to grow skills in securing DevOps processes.

   

Desirable:

• Experience in a DevSecOps role or a similar position.
• Understanding of regulatory requirements and industry standards(SOC2, ISO27001, PCI DSS etc).
• Certifications related to cloud security (e.g., AWS Security Specialty)
• Kubernetes (AWS EKS) + Helm.
• Message brokers: NATS, Kafka.
• Databases: MongoDB.
• Hashicorp tools: Vault, Packer.

• Monitoring/Alerting: Datadog, OpsGenie.

   

Responsibilities:

• Security-focused DevOps Practices: Apply secure configurations and best practices within the DevOps environment, aiming to make security a natural part of the development and deployment process.
• Vulnerability Awareness: Help identify and address vulnerabilities in software and infrastructure components, working collaboratively to mitigate risks.
• Security Incident Participation: Work with incident response teams on security issues, assisting as needed with investigations and documentation.
• Infrastructure Hardening: Support secure configurations of cloud infrastructure, with a focus on access management and basic data protection measures.
• Real-Time Monitoring Assistance: Assist with maintaining and improving security monitoring for quick detection and response to incidents.
• Tool Collaboration: Collaborate with the security team to evaluate and integrate tools that enhance DevOps security.
• Documentation and Process Integration: Help document security practices, policies, and procedures within DevOps workflows, integrating them smoothly with existing processes.

With us you will enjoy:

• Working with a team of people to build the future of an industry.
• Non-trivial challenges and various specter of interesting tasks.
• A flexible, friendly and collaborative work environment.
• Corporate culture based on common sense.
• Opportunities to influence the creation of new products and their quality.

We are looking for a Security Architect (Cloud) to join our team!

As a Security Architect (Cloud), you will become an essential and vital part of our Cyber Risk team, providing expert advice in both local and international cloud security projects where a diverse skillset, relevant knowledge on both IT and business aspects set us apart from the competition. As part of our Cyber Practice, you will be part of a team of seasoned cyber security professionals where inclusive leadership, continuous learning and coaching culture is considered an essential part of who we are.

As part of your role, together with Senior Leadership, you will be in charge of developing and refining Deloitte's Cloud Security offering and go to market; as well as build the Cloud Security practice within Ukraine and central Europe.

Some of your tasks will include:
 

• Supporting clients during their cloud transformation initiatives, making sure that all technical security risks are correctly identified, mitigated and reported. In addition, integrating the new cloud infrastructure in the overarching security architecture and strategy
• Plan, research, and design security controls for IT systems and data to align with business objectives
• Developing technical security standards to serve as input for the creation of the cloud landing zones
• Defining, establishing and maintaining multi-cloud security architectures, strategies and methodologies
• Leading the implementation of technological cloud security capabilities by defining the technological security vision, defining the solutions and steering the implementation teams in realizing these architectures
• Review system security measures and implement necessary enhancements
• Defining and reviewing cloud security architectures and strategic roadmaps on an ongoing basis to ensure alignment with both business and IT strategies, taking into account technology evolutions
• Giving input to the ongoing improvement and streamlining of security architecture development and delivery
• Delivering an integrated security architecture model linking cloud, applications, information and infrastructure architectures

Let's talk about you

• Between 7 - 15 years of Cyber security experience, ideally most of it within consulting within the following areas:

Cloud and Container Security: 

• Minimum of 5 years experience with AWS, Azure, GCP or OCI and demonstrable affinity with Cloud technology
• Knowledge of information security principles and guidelines (including CIS, MITRE ATT&CK frameworks)
• Strong working knowledge of IT risks, cybersecurity, computer operating systems, and cloud computing environments
• Experience with containerization: Kubernetes, Docker. Practical experience with serverless and secure development environments, infrastructure-as-code is a plus

Governance and Risk Assessment :

• Good knowledge of security frameworks such as ISO, NIST CSF, CSA and CIS controls
• Experience with the implementation of cloud risk frameworks and optimization of controls in CI/CD pipelines

Architecture and Design:

• Well-versed in Secure Cloud Architecture Design and Implementation; Able to design solutions for improving Cloud Security by enforcement of cloud security guardrails and standards
• Experience with architecture and security reviews, threat modeling applications, and identifying areas of risk
• Experience with encryption in-flight and at-rest practices, as well as certificate and secrets is a nice to have
• High level knowledge of network architectures, topologies, and concepts (Firewalls, LB, WAF, CDN, VPC, ACL, TLS, SSH, and DNS)
• Experience implementing strategies to support secure and compliant architectures

Soft skills: 

• Adaptable, flexible and able to see the bigger picture
• Comfortable or eager to be involved in business development initiatives, should be at ease being on the market and engaging with potential new clients or increasing our offering with existing clients
• A thought-leader with a strong drive and motivation to build a team
• Ability to work within international environment

Certifications such as CISSP, CISA, or CISM are highly desired

Skills and Experience Requirements:

- 3+ years of experience as an Information Security Auditor/Internal Security Assessor.

- Experience managing controls or compliance with SOC2, ISO 27001, PCIDSS.

- Experience managing multiple projects in a fast paced, ambiguous environment, accountability/ownership for the audit project lifecycle.

- A high degree of personal integrity, attention to detail, and strong investigative skills.

- Associate or bachelor’s degree in  Information Security/IT/Cybersecurity related discipline is preferred.

Responsibilities:

- Schedule, coordinate, and lead company internal audits. Handle the full internal audit cycle.

- Develop and implement of audit program ( ISO/IEC 27001, PCIDSS, GDPR).

- Support preparation for external audits, liaise with external auditors and provide internal guidance in support of external audits.

- Plan, implement, monitor, and upgrade security measures to protect the organization’s data, systems, and networks.

- Conduct audits regular audits and provide recommendations.

- Maintain, monitor, and improve the audit process. 

- Control of implementation of corrective actions addressing nonconformities with management systems standards and document requirements.

We offer:

- 20 working days of vacation;

- 12 sick days;

- Compensation for sick leave;

- Medical insurance;

- Flexible work schedule;

- Gifts and benefits for significant occasions;

- Mental health care;

- Support and development of volunteer culture.

Delasport — Implementing Technological Solutions Here and Now.

Delasport is an iGaming Software company providing Sports Betting & Online Casino software, and turnkey B2B solutions. Established in 2010, Delasport delivers a one-stop-shop solution of Sports Betting and Online Casino from a White-Label, with a full range of management services to a Plug&Play iFrame and a complete Turnkey. We are establishing an R&D center in Kyiv, and are looking for top talents to join our team.

RESPONSIBILITIES

• Monitor compliance with information security and privacy policies at a technology company.
• Completing vendor security assessments and reviews.
• Reviewing security clauses in customer and vendor contracts.
• Providing, reviewing, and enhancing security training and awareness programs.
• Management of the organization's technological risk assessments.
• Helping security leaders to identify and assess risks of the organization and developing strategies to manage and mitigate these risks.
• Develop and implement best practices for assessing and evaluating IT and security controls for the organization third-party businesses.
• Manage the penetration testing and technical risk assessments from end to end.
• Supporting the business with customer engagements, including attending customer calls and supporting our sales teams

REQUIREMENTS  

• Minimum of 5 years of experience in a similar role in a technology/software/cloud organization
• Experience implementing and enforcing information security, regulatory, and privacy policies across the business.
• Acquaintance working with cyber security tools and products.
• Solid knowledge of information security principles and practices.
• Knowledge of risk management frameworks and industry compliance standards such as ISO 27001/ SOC2/ PCI DSS
• Excellent interpersonal skills and ability to work in a team with multiple interfaces.
• Experience working at SaaS provider company - an advantage.
• Fluent English

WHAT WE CAN OFFER YOU

• Modern office in Podil with an uninterruptible power supply and the Internet
• Personal time off (21 business days of paid vacation, paid days on special occasions, sick leaves, emergency days off)
• Public holidays
• Health insurance with the broker which is available from the first month of cooperation
• Life insurance with the broker which is available from the first month of cooperation
• Modern technical equipment
• English courses with native speakers
• Ukraine-based educational programs
• Sports activities reimbursement
• Corporate entertainments
• Happy hours on Fridays
• Gig contract support

FAVBET Tech develops software that is used by millions of players around the world for the international company FAVBET Entertainment.
We develop innovations in the field of gambling and betting through a complex multi-component platform which is capable to withstand enormous loads and provide a unique experience for players.
FAVBET Tech does not organize and conduct gambling on its platform. Its main focus is software development.

Main areas of work:

• Betting/Gambling Platform Software Development — software development that is easy to use and personalized for each customer.
• Highload Development — development of highly loaded services and systems.
• CRM System Development — development of a number of services to ensure a high level of customer service, effective engagement of new customers and retention of existing ones.
• Big Data — development of complex systems for processing and analysis of big data.

• Cloud Services — we use cloud technologies for scaling and business efficiency.

   

About Us
We are a dynamically growing company specializing in developing high-load and fault-tolerant systems. Our team values professionalism, innovation, and a commitment to continuous growth.

Responsibilities:

• Lead the design, implementation, and integration of various cyber defense tools
• Conduct threat hunting over log sources connected to the SIEM and develop new coverage
• Monitor security alerts, perform triage and analysis, and respond to security incidents
• Identify security tools and implement solutions from POC to production (e.g., container security, cloud security, etc.)
• Develop SOAR to enhance monitoring, response, and observability for security alerts
• Managing infrastructure as code with Terraform
• Managing configuration as code with Ansible (AWX), Helm and Jsonnet
• Work closely with Engineering and DevOps teams to define a security strategy and execute it. 

Requirements:

• Strong knowledge of AWS, Kubernetes, containerized, and microservice architectures
• Strong knowledge of Linux and using languages such as Shell/Bash, Python, or Go
• Strong knowledge of Terraform, Ansible and Helm
• Experience with security solutions in cloud environments (e.g., DDoS, WAF, IDS/IPS, DB-FW, Kubernetes security, etc.)
• Knowledge of build/release systems and CI/CD pipelines

Nice to Have:

• Experience with Elastic XDR, including fine-tuning ILMs

We offer:

• 30 day off — we value rest and recreation;
• Medical insurance for employees and the possibility of training employees at the expense of the company and gym membership;
• Remote work or the opportunity — our own modern lofty office with spacious workplace, and brand-new work equipment (near Pochaina metro station);
• Flexible work schedule — we expect a full-time commitment but do not track your working hours;

• Flat hierarchy without micromanagement — our doors are open, and all teammates are approachable.

   

During the war, the company actively supports the Ministry of Digital Transformation of Ukraine in the initiative to deploy an IT army and has already organized its own cyber warfare unit, which makes a crushing blow to the enemy’s IT infrastructure 24/7, coordinates with other cyber volunteers and plans offensive actions on its IT front line.

RISK inc: An International iGaming Company Pushing the Boundaries of Entertainment

Who We Are:

An international iGaming company specializing in identifying and fostering the growth of high-potential entertainment markets. With 700+ professionals in 20+ locations, we operate in 10 countries, serving over 300,000 customers.

Always Pushing the Boundaries? You Already Belong at RISK!

Our global-scale operations are based on strong internal expertise, analytics, and data research. We have expertise in iGaming operations (sports betting, online casino), digital and affiliate marketing, tech solutions, and data analytics.

We are seeking a SOC Specialist to become a part of our team.

Responsibilities:

• Event Collection and Analysis: Gather and analyze events from infrastructure components (websites, servers, databases).
• Security Rule Development and Implementation: Create and implement security rules for scenarios like fake registrations, mass registrations, and DDoS attacks.
• Monitoring and Incident Response: Monitor and respond to rule triggers/incidents, refine response rules, and handle blocking actions.
• Security Incident Investigation: Investigate security incidents.
• Resource and Service Registry: Maintain a registry of resources and services.
• Security Compliance Control: Ensure resource compliance with international security standards and apply the latest security patches.
• Collaboration with Subcontractors and Security Partners: Work closely with subcontractors and partner companies on security matters.
• Administration of Security Systems: Manage security systems such as MDM (Mobile Device Management), BYOD (Bring Your Own Device), SIEM (Security Information and Event Management), and CloudFlare.
• Risk Analysis and Mitigation: Assess existing risks and develop compensatory actions to minimize them. Risk Analysis for New Systems and Projects: Evaluate potential risks related to implementing new systems, services, or applications to enhance business processes.

Qualifications

• Minimum 3 years of experience in IT and/or information security.
• Solid understanding of IT Infrastructure and Network Security principles.
• Familiarity with IT infrastructure protection systems and network security.
• Experience with IAM (Identity and Access Management) systems.
• Proficient in vulnerability management systems.
• Experience in configuring SIEM tools (Open Search, Splunk, or others).
• Desired experience in configuring security policies for Google Workspace/Office 365.
• Familiarity with tools like Terraform, GitLab, Prometheus, Grafana, Loki, Docker, Docker Compose, PowerBI, HaProxy, Nginx, and LEMP.
• Familiarity with cloud solutions such as AWS, DigitalOcean, CloudFlare, GCP, and Kubernetes.
• Experience with external audits (either undergoing or conducting them).
• Strong understanding of risk and incident management methodologies.
• Excellent documentation skills (creating instructions, policies, guidelines).
• Familiarity with scripting languages like Python, Bash/Shell scripts, SQL, and PowerShell for automation, parsing, API work, and database tasks.
• Knowledge of security standards like ISO/IEC 27001 and NIST.
• Familiarity with antivirus systems; experience with CrowdStrike is a plus.
• Desired experience in deploying and administering databases.
• Desired experience with Windows, Linux, and MacOS operating systems.
• Intermediate or higher proficiency in English (both written and spoken).

Our Benefit Cafeteria is Packed with Goodies:

• Children Allowance
• Mental Health Support
• Sport Activities
• Language Courses
• Automotive Services
• Veterinary Services
• Home Office Setup Assistance
• Dental Services
• Books and Stationery
• Training Compensation
• And yes, even Massage

PIN-UP Global is an international holding specializing in the development and implementation of advanced technologies, B2B solutions and innovative products for the iGaming industry. We provide certification and licensing of our products, providing customers and partners of the holding with high-quality and reliable solutions.
 

We are looking for an Application Security Engineer to join our team.

Requirements:
 

- 2+ years in cybersecurity or software development.

- Experience with SAST/DAST/IAST tools (e.g., Semgrep, Snyk, Burp, OwaspZap).

- Knowledge of secure development practices (OWASP Top 10, CWE/SANS Top 25).

- Experience implementing Quality Gate in CI/CD.

- Understanding of web applications and API architecture (web-GRPC, REST, Ajax).

- Knowledge of security standards: ISO 27001, SOC 2, NIST, PCI-DSS.

- Basic understanding of containers (Docker, Kubernetes).

- Programming Languages:

- Python, Go, JavaScript, Bash for code review and scripting.

- Fluently on Russian or Ukrainian;
 

Will be plus:

- Certifications (optional): eWPT, OSWE, CEH, GWEB.

Responsibilities:

Application Security Analysis:
 

- Implement and maintain SAST/DAST tools.
- Conduct threat modeling for new features.
- Perform source code analysis for vulnerabilities.
- Ensure secure API implementations.

DevSecOps Processes:
 

- Set up security gates in GitLab CI/CD.
- Scan dependencies (Grype, Trivy).
- Validate Helm charts for security issues.

Vulnerability Management:
 

- Track vulnerabilities using DefectDojo.
- Prioritize and assign remediation tasks.
- Monitor vulnerability resolution.

Training and Documentation:
 

- Conduct secure coding workshops.
- Develop guidelines and checklists.

Our benefits to you:

☘️An exciting and challenging job in a fast-growing product holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and other
🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided
🏖Paid vacations, sick leave, personal events days, days off
💵Referral program — enjoy cooperation with your colleagues and get the bonus
📚Educational programs: regular internal training, compensation for external education, attendance of specialized global conferences
🎯Rewards program for mentoring and coaching colleagues
🗣Free internal English courses
🦄Multiple internal activities: online platform for employees with quests, gamification and presents for collecting bonuses, PIN-UP team clubs for movie / book / pets lovers, etc
🎳Other benefits could be added based on your location

This app is an internal GenAl platform designed to support building and deploying Al-powered tools and agents. It provides infrastructure and components for working with large language models (LLMs), integrating various data sources, and orchestrating intelligent workflows. The platform includes tools for managing prompt templates, configuring model pipelines, handling input/output processing, and deploying modular Al services. It supports both open-source and commercial LLMs (e.g., OpenAl, Anthropic), and can run across multiple cloud environments. App AI is used across the organization to create custom Al assistants, automations, and decision support systems - typically combining structured business data with LLMs to generate insights, recommendations, and actions. It also includes role-based access controls, audit logging, and API integrations to ensure enterprise compliance and scalability. App AI is applied across industries such as: Healthcare: Accelerates insights from medical data. Aviation: Analyzes customer feedback to improve services. Retail: Generates personalized marketing content. Finance: Automates contract workflows and compliance processes

Typical Tasks for Python Developers 

* Build modular Python services for parsing, analyzing, and routing incoming medical and insurance documents. 

* Design and maintain custom pipelines for PDF processing, layout extraction, and field mapping using tools like pdfplumber, PyMuPDF, and heuristic matching. 

* Develop integrations with third-party APIs for document retrieval, submission, and status tracking (e.g., eFax, Athenahealth). 

* Implement and benchmark different approaches for matching patient and provider identities across unstructured data sources. 

* Create and maintain internal tools for debugging document flows and visualizing extracted metadata. 

* Automate QA checks for document classification and extraction results, reducing manual validation by >30%. 

* Prototype and deploy semantic search features using vector databases and hybrid retrieval methods. 

* Build health-check dashboards and job monitors to track performance and reliability of ingestion services. 

* Collaborate with ML and product teams to define input/output specs for document annotation and pre-processing steps. 

* Contribute to CI/CD setup, containerization, and environment management for Python services (Docker, GitHub Actions).

We offer:

• Attractive financial package

• Challenging projects

• Professional & career growth

• Great atmosphere in a friendly small team

Have you always dreamed of building a career in information security? Do you have an analytical mindset and a keen eye for detail?

We are looking for an IT Compliance & Audit Specialist who is eager to expand their knowledge in information technology and cybersecurity, as well as gain experience working in an international IT company.

You will work on a wide range of tasks related to information security to support the company's operations together with our Security Department.

Sounds interesting? There's more to come 💛

What you will do:

• Manage certification preparation processes (ISO, PCI DSS, SOC 2, etc.) and conduct them in accordance with relevant requirements (HIPAA, GDPR, CCPA, etc.)
• Monitor compliance of IT infrastructure with security standards;
• Collaborate with auditors and certification bodies;
• Monitor changes in legislation and security standards;
• Create documentation on policies and processes;
• Handle security requests from clients (external and internal);
• Develop and conduct internal audits;
• Assess risks and monitor compliance with security requirements;
• Prepare and conduct training on information security and compliance requirements.

What you need to succeed in this role:

• 3+ years of proven experience in information security, audit or compliance sphere(s);
• Degree in information technology, cybersecurity, law or risk management;
• Certifications (one or more) are desirable:
  - ISO 27001 Lead Implementer / Lead Auditor;
  - CISM (Certified Information Security Manager);
  - CISA (Certified Information Systems Auditor);
  - CISSP (Certified Information Systems Security Professional);
  - CIPP/E or CIPM (for GDPR);
  - PCIP, ISA or QSA (for PCI DSS).
• Experience in external audits and certification preparation;
• Knowledge of risk management principles;
• Skills in conducting GAP analysis and internal audits;
• Outstanding analytical skills and attention to detail; 
• Excellent English skills (for interacting with auditors, writing policies and reports, communicating with clients).

Would be a plus:

• Experience working in the financial and/or tech industry that handles sensitive data;
• Experience in automating compliance processes (GRC platforms, ISMS systems);
• Knowledge of DevSecOps approaches for integrating security into the development lifecycle.

Benefits and Perks:

• Business hours;
• Opportunity to work fully remotely;
• Creative and unique art offices;
• Inclusive international environment;
• Compensation in USD;
• Good bonuses for referring friends;
• Paid intensive training and probation;
• Mind-blowing corporate events and social activities;
• Work-life balance;
• Responsive management interested in your growth and long-lasting cooperation;
• Greenhouse conditions for self-development.

Description

In Grid Integration Services we are at the forefront of the digital revolution: through digital services, we enable our customers to increase the reliability of their assets and systems while optimizing costs. For our growing R&D team, we are looking for a hands-on product security engineer who ensures that our SW solutions fulfill the highest standards of cybersecurity, integrate with the software ecosystem of our company, and can be taken over by the software operations team. Are you a result-oriented team player who fosters a positive work culture? Are you ready to drive digitalization and innovation for rapidly changing power grids? Are you willing to continuously drive improvement and occasionally get your hands dirty? Then do not hesitate and submit your application today!

Requirements

• Bachelor’s degree in computer science, information technology, or similar
• At least 2 years of experience in software development
• Experience in agile software development processes and security development lifecycle processes
• Knowledge of system administration, networks, infrastructure (switches, routers, firewalls), configuration, troubleshooting, and root cause analysis
• Strong understanding of cybersecurity standards, guidelines, and best practices for building highly resilient hardened software systems (e.g., NIST, CIS, and OWASP)
• Experience in system security, product / application security architecture, network security, and web services
• Experience in implementation, configuration, operation, maintenance, and troubleshooting of security controls such as L3 and L7 firewalls
• Experience with static code analysis, dynamic code analysis, open-source software scanning, software composition analysis
• Experience with industrial data transfer protocols such as OPC, IEC 61850, OCPP, MQTT, and similar is an advantage
• Preferably experience in
   Linux, Windows, and mobile environments
   Docker and Kubernetes
   C#, .Net Framework, .Net (Core)
   Microservices and containerized applications
   Azure cloud environment
• Need to be ready for a business trip
• Fluency in written and spoken as well as technical writing English
• Ability to work independently with a sense of ownership and responsibility
• Communication and interpersonal skills and intercultural sensitivity
   

Job responsibilities

• Act as an individual contributor in RD team and lead the product security efforts
• Own, enforce, and continuously improve the security development lifecycle process according to IEC 62443-4-1 standard
• Prepare security requirements documents as part of product requirements engineering and customer solution development phases
• Prepare security architecture and design documents in response to requirements specifications, develop associated user stories, and drive them through the product development lifecycle
• Conduct and document threat modeling and attack surface analysis for product releases
• Conduct code reviews to ensure compliance to the security development lifecycle as well as security architecture and design
• Ensure products are meeting Hitachi Energy’s minimum cybersecurity requirements or if customer-specific or respective standards such as IEC 62443-3-3 or IEC 62443-4-2
• Develop, implement, and configure security controls and solutions (e.g., L3 and L7 firewalls) concluded with respective quality assurance and user acceptance testing activities
• Conduct security risk assessments and drive the product releases through Hitachi Energy cyber security clearance process and respective tests in close collaboration with Hitachi Energy product security officers and security assurance teams
• Analyze the developed code, prepare bug reports, conduct root cause analysis, suggest fixes, implement and / or ensure implementation of the identified solution, subsequent verification and validation steps
• Deploy and operate security solutions for internal / external customer projects in on-premise and/or off-
  premise models
• Act as L3/L4 support team member for security incident (e.g. vulnerabilities) management process
  Engage with internal / external software development vendors

PIN-UP Global is an international holding specializing in the development and implementation of advanced technologies, B2B solutions and innovative products for the iGaming industry. We provide certification and licensing of our products, providing customers and partners of the holding with high-quality and reliable solutions.
 

We are looking for a Application Security Engineer to join our team.

Requirements:
 

- In-depth understanding of WAF and Firewall operations (Application level L7).

- Experience with WAF solutions such as CloudFlare, AWS WAF, AWS CloudFront, DataDome, or similar.

- Ability to develop security policies for protecting web applications and network infrastructure

- Knowledge of network protocols (TCP/IP, HTTP/HTTPS, DNS etc.)

- Experience in mitigating DDoS attacks (analysis, response, and protection)

- Proficiency with automation tools

- Languages: Python, Bash etc.

- Skills in log analysis and incident diagnostics within security systems.

- Experience with SIEM systems (e.g., Splunk, ELK, etc.).

- Fluent Russian or Ukrainian;

Will be plus:

- Infrastructure as Code: Terraform, Ansible.

- Experience with CI/CD pipelines (preferred).

- Knowledge of cloud technologies and services (AWS, Azure, GCP).

- Understanding of Zero Trust and DevSecOps concepts.

- Experience in configuring and managing CDNs (e.g., CloudFlare).

- Knowledge of security best practices (NIST, ISO 27001).

Responsibilities:

- Configure and manage L7 WAFs (e.g., CloudFlare, AWS CloudFront, DataDome, or similar solutions).

- DDoS Mitigation

- Automate WAF management and configuration processes using modern tools and approaches.

- Develop and implement security policies to protect the network infrastructure and web applications.

- Audit and review WAF and Firewall configurations to ensure compliance with security standards.

- Design and implement measures to mitigate and prevent DDoS attacks targeting web applications and infrastructure.

- Handle operational tasks related to WAF management, as assigned in the ticket system (e.g., Jira).

- Participate in integrating and configuring monitoring and alerting systems for proactive threat detection.

- Use automation tools (Python, Terraform, Ansible, etc.) to simplify WAF setup and management.

Our benefits to you:

☘️An exciting and challenging job in a fast-growing product holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and other
🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided
🏖Paid vacations, sick leave, personal events days, days off
💵Referral program — enjoy cooperation with your colleagues and get the bonus
📚Educational programs: regular internal training, compensation for external education, attendance of specialized global conferences
🎯Rewards program for mentoring and coaching colleagues
🗣Free internal English courses
🦄Multiple internal activities: online platform for employees with quests, gamification and presents for collecting bonuses, PIN-UP team clubs for movie / book / pets lovers, etc
🎳Other benefits could be added based on your location