Jobs

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a talented and motivated Junior Pentester who will join our security team to work on penetration testing and vulnerability/cloud security assessment projects.

We expect a short motivation letter where you can explain your skills, achievements and motivation.

Required skills

- Solid non-commercial cybersecurity experience, such as HTB/THM

- Junior-level cybersecurity certifications would be a plus.

- Comfortable with basic application security testing and common vulnerabilities (like OWASP Top 10, CWE Top 25) and cybersecurity fundamentals

- Strong basic IT skills: Linux, networking (TCP/IP, DNS, HTTP etc.)

- Some experience in scripting/coding languages, such as Java, JS, Python, Shell, etc.

- Strong drive to learn and develop cybersecurity skills

- Technical English (Intermediate)

We offer

- Good salary + bonus system

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Support in obtaining professional certifications, such as BSCP, OSCP, eWPTX, cloud certifications, etc.

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Execute penetration tests and security assessments as part of a team, including internal/external networks, web and mobile applications, Windows and Linux environments, cloud architectures, IoT devices, and more

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Conduct security research

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a Middle/Senior Security Consultant / Penetration tester to work on and lead penetration testing and vulnerability/cloud security assessment projects.

In this role, you will work on technically challenging projects and also spend some time leading/mentoring our junior pentesting colleagues.

Required skills

- 1.5+ years of intensive commercial experience

- OSCP, eWPTx2 or similar would be a plus

- Scripting/coding skills and being comfortable with advanced pentesting tooling

- Strong knowledge of mobile/web security

- Comfortable with cloud and container security

- Basic RE skills

- Ability to mentor/lead colleagues

- Strong ability and drive to learn and develop cybersecurity skills

- Technical English (Intermediate+)

We offer

- Good salary + bonus system

- Diverse project portfolio and technologies to work with

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Participate in various pentesting projects

- Lead junior colleagues

- Perform threat modeling in pentesting and security assessment projects

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Consult clients on efficient issues remediation

- Conduct security researches

- Develop tools and scripts to automate and improve current pentesting processes

SOFTPROM VAD distrtibutor is looking for IT security engineer in Warsaw office.

Requirements:

• Experience in installation, administration and technical supporting of security solutions on windows and Linux

• Experience on the position of security/network engineer more than 2 years

• Experience in installation, administration and technical supporting of security solutions on windows and linux

• Knowledge of security technology Network Monitoring, Privileged Account Management, Endpoint Detection and Response

• Working with widespread information systems based on virtualization technology

• Strong presentation, business communication and interpersonal skills

• Strong knowledge of network technology

• Knowledge of English to reading technical documentation and higher

• Polish language C2

Desired skills:

• Experience in Unix-like environments

• Experience in installation, administration and supporting of SIEM solutions, SOAR, Attack Surface Management

• Deep understanding of networking

• Understanding of regular expressions

Responsibilities:

• Preparing and delivering customer presentations, demonstrations and webinars of the software

• PoC providing

• Delivering of technical courses

• Technical consulting

• Writing the project documentation

• Supporting of demo environment

Working conditions:

• 3 month probationary period

• Fix + bonuses

• B2B Contract with the Austrian company

• work from home office

We are inviting you, a highly motivated and results-oriented Security Engineer to join our team for ensuring and developing solutions, as well as strengthening the product infrastructure.

Our team has unique expertise in research, analysis, and product development. By relying on technical insights and a data-driven approach, we create disruptive future-defining innovations of the fin-tech industry that remain our basis for success.

Responsibilities

• Develop, implement, maintain, upgrade, and test cybersecurity products
• Provide cybersecurity-related support to users and customers
• Integrate cybersecurity solutions into systems and services, ensuring their stability and performance
• Securely configure systems, services, and products
• Maintain and upgrade the security of systems, services, and products
• Implement cybersecurity procedures and controls
• Monitor and ensure the performance of the implemented cybersecurity controls
• Document and report on the security of systems, services, and products
• Work closely with the Engineering teams on cybersecurity-related actions
• Implement, apply, and manage patches to products to address technical vulnerabilities

Requirements

• 3+ years of experience in information security and cybersecurity roles
• Background in development, DevOps, system administration, etc.
• Hands-on experience in developing, integrating, and testing security solutions
• Experience with vulnerability analysis and incident response
• Proficiency in scripting languages such as Python, Bash, PowerShell, etc
• Solid understanding of secure development lifecycle, operating system security, and computer network security
• Experience with both offensive and defensive security practices
• Knowledge of cybersecurity controls, solutions, and technologies
• Ability to collaborate with cross-functional teams and colleagues
• Effective communication and presentation skills to report to stakeholders
• Strong analytical and problem-solving skills
• Reliability, integrity, and responsibility in handling sensitive information and security tasks

• Upper-Intermediate English

   

Will be a plus

• Experience with Ruby, Go, or other programming languages

• Security certifications 

   

We offer

• Compensation for tax expenses of private entrepreneurs in Ukraine
• Qualified assistance and support for Ukrainian private entrepreneurs
• 10 paid sick leave days per year
• 20 paid vacation days per year
• Public holidays according to current Ukrainian legislation
• Medical insurance for employees
• Compensation for professional education and learning English
• Compensation for a sports subscription or sports equipment

LoopMe, the leading outcomes-based platform, closes the loop on digital advertising. By leveraging our patented AI technology to optimize media delivery in real-time, we drive measurable uplift for business outcomes across brand lift, purchase intent, consideration, foot traffic, and sales.

We are looking for a motivated Junior InfoSec Specialist to join our security team. The ideal candidate will have a basic understanding of information security principles and a strong desire to develop practical skills in a dynamic, cloud-driven environment. You will assist with securing LoopMe’s platforms, learning from experienced team members and gaining exposure to modern technologies like Kubernetes, GCP, PostgreSQL, ClickHouse, Envoy, and Kafka.

Responsibilities:

• Support the development and maintenance of information security policies and procedures.
• Assist in performing risk assessments, security audits, and threat monitoring.
• Help monitor and respond to security incidents under supervision.
• Participate in maintaining security tools such as SIEM, DLP, and WAF.
• Learn and assist with integrating security practices into development workflows (Secure SDLC, code reviews).
• Help ensure compliance with security standards (ISO/IEC 27001, NIST, OWASP, CIS Controls).
• Participate in security awareness training for employees.
• Support the secure architecture of platforms including GCP, Kubernetes, ClickHouse, Kafka, PostgreSQL, and Envoy.
• Stay updated with emerging threats and vulnerabilities.

Requirements:

Education & Experience:

• Foundational knowledge of IT, cybersecurity, or system administration, demonstrated through formal education, self-learning, online courses, or hands-on experience.
• Internship, project participation, or up to 1 year of relevant experience is a plus.

Technical Skills:

• Basic understanding of computer networks and common protocols (TCP/IP, DNS, HTTP/S, VPN).
• Familiarity with at least one scripting language (Bash, Python, or PowerShell) and willingness to learn automation.
• Interest in cloud platforms (preferably GCP, AWS, or Azure).
• Basic knowledge of Linux/Unix administration.
• Understanding of information security principles (encryption, authentication, access control) is a plus.
• Willingness to learn and work with tools like SIEM, IAM/SSO/MFA, and modern cloud/data technologies (Kubernetes, Kafka, PostgreSQL, ClickHouse, Envoy).

Nice-to-Have Qualifications:

• Participation in security courses, bootcamps, or open-source security projects.
• Relevant certifications (e.g., CompTIA Security+, AWS/GCP/Azure Fundamentals, or similar) are a plus.
• Good written and verbal communication skills, attention to detail, and strong motivation to grow in information security.

Benefits:

• Competitive compensation package
• Flexible working schedule and the hybrid type of work
• Annual performance bonus
• One month of workation (you can work from any part of the world for one month)

We are looking for a hands-on, proactive IT Infrastructure & Security Manager to lead and scale our internal IT systems, security practices, and workflows across distributed teams. You will be responsible for ensuring the integrity, availability, and security of systems used across the organization.

You’ll work cross-functionally with various teams to design and enforce systems that protect our clients and our people.

Requirements

• 5+ years of experience as a IT help desk engineer/system admin or network engineer
• Experience with internal network management: LANs, WANs, WLANs, VPNs, Firewalls, Routers
• Excellent Linux/Windows system administration and troubleshooting skills
• Experience with configuring and extending monitoring tools
• Excellent problem solving, interpersonal communication and project management skills a must
• Ability to prioritize and execute tasks in a high-pressure environment and make sound decisions in emergency situations
• Strong customer service orientation. Experience working in a team-oriented, collaborative environment

Would be a strong plus:

• Experience managing distributed environments (across EU, LATAM, APAC, etc)

Responsibilities:

• Own and manage all IT infrastructure, access controls, and endpoint security practices across global teams.
• Develop/implement/support internal IT infrastructure;
• Develop/implement/support company IT security policy;
• Communicate with our internal stakeholders in a professional and service-oriented way;
• Create and maintain documentation of the IT environment;
• Test server performance and provide network presentation statistics
• Own budget management for the network infrastructure services
• Support business continuity planning, failover design, and vendor selection for critical IT services.
• Stay on top of cybersecurity and compliance trends, propose infrastructure improvements, and help assess third-party risk.

Benefits

• 35 paid absence days per year for work-life balance
• Up to 15 unused absence days can be add to income after 12 month of cooperation
• Health insurance
• Depreciation coverage for personal laptop usage for project needs
• Udemy courses of your choice
• English courses with native-speaker
• Regular soft-skills trainings
• Excellence Сenters meetups
• Online/offline team-buildings

Pine Software Technology Ltd is a software company specializing in trading technology solutions for regulated brokers and trading firms. The company provides Software-as-a-Service (SaaS) products designed to support electronic trading, brokerage operations, risk management, and financial data analysis.

We are seeking an experienced Senior Security Engineer with a strong background in application, infrastructure, and cloud security to help us protect and scale our trading technology platform.

Responsibilities:

• Ensure secure SDLC practices: threat modeling, SAST/DAST/IAST, code reviews, secret management;
• Integrate security into CI/CD pipelines and support DevSecOps implementation;
• Design API security and infrastructure controls, including VPN, WAF, DNS proxy, and DDoS protection;
• Harden cloud environments (GCP) and Kubernetes clusters with policies, scanning, and access control;
• Manage IAM/PAM lifecycles with SSO, MFA, RBAC, OIDC, and LDAP integrations;
• Conduct vulnerability assessments, misconfiguration monitoring, and patch coordination;
• Monitor security events, analyze logs/threat intel, and improve SIEM/EDR coverage;
• Define security policies and procedures, and support internal/external audits;
• Perform penetration testing and red teaming on applications and infrastructure;
• Implement data protection measures: encryption, DLP, secure key storage, and privacy compliance;

Job requirements

• 7+ years of professional experience in cybersecurity, with a strong focus on application, infrastructure, and/or cloud security;
• Strong knowledge of application security principles and secure development practices (e.g., threat modeling, code review, DevSecOps);
• Practical experience with cloud platforms, including identity, networking, and workload security;
• Familiarity with Kubernetes security concepts, tools (e.g., OPA, Falco, Kyverno), and best practices;
• Experience with authentication/authorization protocols and tools: SAML, OIDC, OAuth2, LDAP, MFA, SSO;
• Understanding of common vulnerabilities and experience in vulnerability management and remediation;
• Experience with penetration testing methodologies and tools;
• Solid understanding of network protocols, firewalls, VPN, WAF, and API security mechanisms;
• Hands-on experience with monitoring and detection tools;
• Knowledge of security frameworks and standards;
• Experience participating in or leading internal/external security audits and risk assessments;
• Ability to write clear policies, procedures, and documentation;
• Experience with privacy regulations.

‍

Would be a plus

• High-Frequency Trading or other low-latency systems background;
• Experience in FinTech is a plus;
• Familiarity with Cloudflare services and configuration is a plus.

Company offers

• Care from Day One — medical insurance immediately upon starting work, including dental care, massage and professional psychological support because your well-being matters
• Work-Life Balance — 25 days of paid vacation + 30 days of sick leave, so you can recover without unnecessary stress
• Investment in your energy — partial reimbursement for any sports activities that empowers you.
• Growth — partial coverage for English or Ukrainian language courses + a fixed budget for professional development. Choose what suits you best!
• Knowledge Library — books in the office and access to the Kuka online library to learn, grow, and find inspiration.
• Island Relaxation 14 days a year — enjoy a getaway at the corporate villa in Cyprus.

• Modern Office in Larnaca — a stylish space for inspiration: open areas, cozy lounges, and functional meeting rooms — all for your comfort.

   

Join the Pine Software team, where your talents and aspirations will be recognized! We offer a dynamic work environment, opportunities for professional growth, and support at every step of your career path. Start your journey to success with us—apply today and take the first step towards your bright future!

Pine Software is an equal opportunity employer. We encourage applications from candidates of all backgrounds and experiences. Please note, that only shortlisted candidates will be contacted. Thank you for considering Pine as your next career move!

Looking for a security-focused DevOps Engineer to join our CEX.IO team.
We are seeking a DevSecOps professional with a strong security focus to implement security best practices across the SDLC, collaborate with DevOps and IT teams, support audit preparation, and help maintain a balance between security and usability in internal policies.

Requirements

• 2+ years of practical experience in information security as DevSecOps, SecOps, DevOps, or SRE.
• Proven experience in implementing security best practices at every stage of the SDLC.
• Hands-on experience with vulnerability scanning and prevention.
• Strong knowledge of cloud providers: AWS, GCP, Azure.
• Experience with CI/CD tools: GitLab CI, GitHub Actions, Jenkins.
• Knowledge of containerization and orchestration tools: Docker, Kubernetes.
• Knowledge of Infrastructure as Code (IaC) and configuration management Tools, including Terraform and Ansible.
• Participation in projects to prepare infrastructure for compliance with international and industry standards (PCI DSS, ISO 27001, NIST, CIS, SOC2, OWASP, MICA, DORA)

Responsibilities

• Investigate and implement security best practices at every stage of the SDLC (SAST/DAST, image scanning, infrastructure hardening, WAF, secrets management, IAM, data protection, etc.).
• Perform tasks and controls required by compliance standards (PCI DSS, MICA, DORA, etc.).
• Manage vulnerabilities by identifying, assessing, prioritizing, and remediating risks.
• Collaborate with the IT Security department to prepare for and pass audits.
• Monitor CVE reports and security events.
• Work closely with internal teams to achieve a balance between security, flexibility, and cost.
• Participate in information security incident investigations.

Would be a plus

• Higher education in Computer Science
• Experience in fintech or crypto domains
• Hands-on penetration testing experience
• Practical experience administering network infrastructure, databases, and on-prem systems
• Security and relevant certifications

Sii Ukraine is a subsidiary of Sii Poland — the leader in IT, engineering, and consultancy services with over 7500 IT experts and more than 250 prestigious customers. We are looking for ambitious and top-quality professionals to join our project teams.

We are seeking an experienced SailPoint Developer to support the development and deployment of enterprise-level identity governance solutions. The ideal candidate will have a strong background in implementing SailPoint technologies, ensuring secure and compliant identity management processes in line with industry best practices and regulatory standards.

Your tasks:

• Develop and customize solutions based on SailPoint IdentityIQ / IdentityAI
• Configure and maintain SailPoint components to meet organizational requirements
• Integrate SailPoint with external systems (e.g., Active Directory, ServiceNow, PAM, Vault)
• Implement lifecycle management, provisioning workflows, policies, and access reviews
• Automate SailPoint deployment and configuration in cloud environments using CI/CD
• Create and maintain automation scripts (Java, PowerShell, Bash)
• Collaborate with security teams, solution architects, and business stakeholders
• Support migration projects from legacy IGA systems (e.g., One Identity Manager)
• Maintain and update technical documentation, procedures, and user guides
• Provide technical support and translate complex IAM concepts for non-technical users
• Participate in audits, compliance checks, and security assessments

• Monitor, analyze, and resolve identity- and access-related incidents

   

Requirements:

• SailPoint certifications (e.g., IdentityIQ Developer, IdentityNow, CAM)
• Previous work with legacy IGA migration, especially from One Identity Manager
• Familiarity with Privileged Access Management (PAM) tools such as CyberArk, BeyondTrust, or Delinea
• Integration experience with ServiceNow, HashiCorp Vault, or other ITSM / DevOps tools
• Experience with cloud platforms such as AWS or Google Cloud Platform (GCP)
• Exposure to containerization technologies (Docker, Kubernetes) and infrastructure automation
• Knowledge of security and compliance standards, including ISO 27001, GxP, HIPAA, GDPR, or NIST
• Background in regulated industries (e.g., pharmaceutical, finance, telecom)
• Experience working in international and distributed teams

We are seeking a Senior Information Security Consultant / IT Audit Manager to join our TechMagic team. You will work on a diverse portfolio of clients, providing expert guidance on their security and compliance journeys. This is a full-time, remote position, and we are looking for a highly skilled professional with a strong background in GRC and IT audit.

Must have

• Experience: 4–7+ years in GRC, IT audit, or compliance, with a proven track record of successfully completing at least two end-to-end ISO 27001 and/or SOC 2 programs.
• Primary Stack: Deep expertise in ISO/IEC 27001:2022, SOC 2, NIST CSF 2.0, and OWASP ASVS/SAMM/DSOMM.
• Cloud & Compliance: Strong knowledge of cloud security best practices on AWS/Azure/GCP and a solid understanding of HITRUST, GDPR, and HIPAA.
• Tools: Hands-on experience with GRC platforms like Drata, Vanta, or Secureframe.
• English: Upper-Intermediate or Advanced level proficiency.

Will be a plus

• Certifications: ISO 27001 Lead Implementer/Lead Auditor, CISSP, CISM, or CISA.
• Regulatory Knowledge: Familiarity with Microsoft SSPA/DPR and NIS2/DORA.
• Security Operations: Exposure to SIEM/SOC (e.g., Microsoft Sentinel).
• Domain Experience: Prior experience in the fintech or healthcare industries.

Responsibilities

• Lead GRC Engagements: You will manage end-to-end ISO 27001, SOC 2, and HITRUST readiness projects. This includes everything from gap assessments and risk analysis to coaching clients on implementation and providing support during external audits.
• Act as a vCISO: Serve as a fractional vCISO for our clients, taking ownership of their security roadmaps, risk registers, security awareness programs, and reporting to executive leadership and boards.
• Implement and Manage ISMS: Build and maintain Information Security Management Systems (ISMS), handling all aspects from policy lifecycle management and internal audits to continual improvement.
• Drive Risk Management: Conduct enterprise risk assessments and facilitate threat modeling to proactively identify and mitigate security risks.
• Consult on Core Security Practices: Advise clients on key security practices, including secure SDLC, change management, incident response, and business continuity planning, with a focus on cloud security in AWS, Azure, and GCP.

Work Schedule

Full-time working day in our Lviv or Kyiv office, (flexible hours) or full-time remote

Interview Stages

• 1st stage - call with Recruiter
• 2nd stage - Technical interview

Our Benefits

• Opportunity to improve your skills in stong technical team
• Work from anywhere (fully remotely or in our office) 
• Paid vacations and sick leaves, additional days off, relocation bonus;
• Wellness: Medical insurance/sports compensation/ health check-up+flu vaccination at your choice
• Education: regular tech talks, educational courses, paid certifications, English classes;
• Fun: own football team, budget for team lunches, branded gifts
• One of the best IT employers in Lviv based on DOU rating.

Who We’re Looking For You’re an accomplished IT Audit leader with a passion for cybersecurity, a sharp strategic mind, and the ability to inspire and guide a high-performing team. You're proactive, detail-oriented, and thrive in environments that challenge you to lead, build, and innovate. Your Strengths: • Deep understanding of assurance and cybersecurity frameworks (PCI DSS, SOC, HITRUST, ISO 27001, etc.) • Proven leadership and mentoring ability • Strategic thinker with hands-on problem-solving skills • Strong client engagement and relationship-building experience • A self-starter who thrives in a collaborative, remote-first environment Key Responsibilities Strategic Leadership • Drive the vision and delivery of assurance services across diverse projects • Inspire and mentor a team of cybersecurity and IT audit professionals • Foster a culture of quality, collaboration, and innovation Client Engagement • Develop deep knowledge of client industries and needs • Build long-term client relationships and deliver tailored, high-impact solutions • Lead high-profile engagements and serve as a trusted advisor Service Delivery Excellence • Oversee high-quality delivery of assessments and consulting services • Lead assurance engagements across standards like PCI DSS, SOC 2, ISO 27001, NIST, GDPR, and CCPA • Ensure alignment with client goals, timelines, and compliance obligations Training & Compliance • Stay current on evolving regulations and industry trends • Design and lead internal training initiatives to enhance team capabilities What You Bring • Education: Bachelor’s or Master’s degree in Computer Science, Business, Accounting, or related field • Certifications (preferred): CISSP, CISA, CISM, PCI QSA, ISO 27001 Lead Auditor • Experience: Minimum 10 years in IT audit, cybersecurity, or assurance, including leadership in professional services • Skills: o Outstanding written and verbal communication o Strong technical acumen in cybersecurity and IT audit o Ability to manage multiple projects in a fast-paced, high-growth environment o Confidentiality, professionalism, and common sense in all matters

As a Security Engineer, you will own end-to-end security across multiple enterprise and mid-market cloud projects. Your initial mission is to embed automated controls and best practices into every AWS- and Azure-based delivery, shifting the organisation from reactive fixes to a proactive security posture. Reporting directly to the Director of Engineering, Cloud, you will partner daily with Technology, Cloud, Engineering and Account-Management teams and act as a client-facing security authority - able to brief both technical staff and C-level executives.

Your Responsibilities

• Design, implement and enforce comprehensive Secure SDLC processes, integrating automated security controls, threat modeling, secure coding standards, and continuous security testing throughout the entire development lifecycle.
• Develop, document and enforce security policies in our Confluence-based knowledge base and project DMS.
• Harden multi-account AWS and Azure estates (EC2, S3, IAM, VPC, CloudTrail, CloudFront; Virtual Machines, Storage Accounts, Key Vault, NSG, Policy, Monitor).
• Deploy and tune SIEM/log-management platforms (Splunk, ELK, Microsoft Sentinel); craft queries and dashboards that surface actionable threats.
• Run scheduled and continuous vulnerability scans (Qualys, Rapid7, Defender), interpret results and drive remediation with Engineering.
• Configure and manage security edge controls—firewalls, WAFs (Akamai, AWS/Azure WAF) and IDS/IPS—tailored to each client’s risk profile.
• Integrate SCA (Trivy, Grype, Snyk) and DAST (OWASP ZAP) tooling into build pipelines; champion secure-by-design coding practices.
• Lead security architecture reviews and threat-model sessions with cross-functional, multi-country delivery teams.
• Present findings, roadmaps and risk mitigation strategies directly to enterprise clients, translating technical issues into clear business impact.
• Continuously evaluate emerging threats, Zero-Trust patterns and supply-chain risks; recommend tooling and process improvements that keep us ahead of third-party scans.
• Application Security Reviews: Conduct security assessments of applications, APIs, and services to identify misconfigurations, design flaws, and vulnerabilities.
• Secure API Integrations: Validate that connections to external and internal APIs are implemented securely (authentication, authorization, rate limiting, data validation, etc.).
• Code & Dependency Security: Review application code, libraries, and dependencies to ensure secure coding practices, remediation of vulnerabilities, and alignment with security standards.

Requirements

• 7 + years of hands-on security engineering in cloud-native, agile environments.
• Expert knowledge of core AWS and Azure services and how to secure them at scale.
• Proven SIEM experience—log ingestion, correlation rule creation and dashboarding.
• Deep understanding of vulnerability management tools and remediation cycles.
• Practical experience with WAF/IDS/IPS configuration, network protocols (TCP/IP, DNS, HTTP) and Zero-Trust/IAM best practices (AD, Azure AD, Okta).
• Comfort operating as a solo security function: you set the standards, choose the tools (budget approved) and drive adoption company-wide.
• Consultative mindset with excellent written and verbal English; able to brief board-level stakeholders and guide client teams through complex security topics.

Will be a plus

• Container and Kubernetes hardening, DevSecOps pipeline design, CNAPP familiarity, compliance frameworks (SOC 2, ISO 27001, PCI DSS) and industry certifications (CISSP, AWS Security Specialty, Azure Security Engineer Associate, CKS).

Benefits

• Experience working with US clients
• Competitive compensation depending on experience and skills
• Unlimited, paid time off and vacation
• Budget for certifications and IT conferences
• Friendly team to work with around the world
• Be a team player in an agile software development environment focused on collaboration and continuous integration

We are seeking a highly skilled DevSecOps Engineer with expertise in integrating security practices into DevOps pipelines and cloud-native environments. You will be responsible for building secure, automated CI/CD processes, implementing security controls, and ensuring compliance across infrastructure and applications. The ideal candidate has a strong background in DevOps, cloud platforms, and security engineering, with hands-on experience in securing large-scale, distributed systems.

Details:
Location: Remote in EU
Employment Type: Full-Time, B2B Contract
Start Date: ASAP
Language Requirements: Fluent English

Key Responsibilities

• Design and implement security automation in CI/CD pipelines for applications and infrastructure.
• Integrate static (SAST), dynamic (DAST), and dependency (SCA) security scanning tools.
• Collaborate with DevOps and engineering teams to ensure security best practices are embedded from design to deployment.
• Manage secrets, IAM, and encryption policies across cloud environments (AWS, Azure, GCP).
• Define and enforce compliance standards (ISO, SOC2, GDPR, HIPAA).
• Build monitoring and alerting systems for threat detection and vulnerability management.
• Implement container and Kubernetes security (runtime protection, image scanning, RBAC).
• Support penetration testing and incident response processes.
• Conduct security training and awareness for developers and operations teams.

Requirements

• 5+ years of experience in DevOps or Security Engineering, with at least 2+ years in DevSecOps.
• Strong knowledge of CI/CD tools (Jenkins, GitLab CI/CD, GitHub Actions, Azure DevOps).
• Hands-on expertise with security tools (SonarQube, Snyk, Checkmarx, Aqua, Prisma, Twistlock).
• Solid understanding of cloud platforms (AWS, Azure, GCP) and their security services.
• Experience with infrastructure-as-code (Terraform, CloudFormation, Ansible) and policy-as-code (OPA, Sentinel).
• Knowledge of containerization and orchestration security (Docker, Kubernetes).
• Familiarity with monitoring and logging tools (ELK, Prometheus, Grafana).
• Strong scripting/programming skills (Python, Bash, Go).
• Excellent problem-solving and communication skills.

Nice to Have

• Security certifications (CISSP, CISM, OSCP, CCSP, AWS/Azure/GCP Security).
• Experience with zero-trust architectures and microsegmentation.
• Familiarity with service mesh security (Istio, Linkerd).
• Knowledge of SIEM/SOAR platforms (Splunk, QRadar, Sentinel).
• Background in regulated industries (finance, healthcare, telecom).
• Contributions to security open-source projects or DevSecOps communities.

We are seeking a highly skilled SCADA / OT Security Engineer with strong expertise in securing industrial control systems (ICS), supervisory control and data acquisition (SCADA) environments, and operational technology (OT) networks. You will be responsible for assessing, designing, and implementing security solutions that protect critical infrastructure from cyber threats, ensuring compliance, resilience, and operational continuity. The ideal candidate has hands-on experience with ICS protocols, OT environments, and modern cybersecurity practices.

Details:
Location: Remote in EU (occasional onsite at client facilities)
Employment Type: Full-Time, B2B Contract
Start Date: ASAP
Language Requirements: Fluent English

Key Responsibilities

Assess and secure SCADA/ICS/OT systems, networks, and protocols.

Design and implement security controls tailored for industrial environments.

Conduct risk assessments, vulnerability management, and incident response in OT contexts.

Collaborate with engineering and operations teams to integrate security without impacting system availability.

Develop and enforce OT cybersecurity policies, standards, and procedures.

Monitor OT systems for anomalies, threats, and unauthorized access attempts.

Support compliance with NERC CIP, IEC 62443, ISO 27001, and industry-specific standards.

Integrate OT security with IT security monitoring (SOC, SIEM, SOAR).

Conduct security awareness and training for OT/ICS operators.

Requirements

5+ years of experience in cybersecurity with at least 3+ years in OT/SCADA/ICS environments.

Strong knowledge of ICS/OT protocols (Modbus, DNP3, OPC, Profibus, etc.).

Hands-on experience with firewalls, IDS/IPS, and network segmentation in OT environments.

Familiarity with SCADA platforms (Siemens, Schneider Electric, ABB, Honeywell, Rockwell).

Strong understanding of OT threat landscapes, attack vectors, and defense strategies.

Knowledge of risk assessment frameworks and regulatory standards (IEC 62443, NIST CSF, NERC CIP).

Experience with SIEM/SOC tools for OT environments.

Strong problem-solving skills with the ability to work in mission-critical industrial setups.

Excellent communication skills to interface with both IT security and OT operations teams.

Nice to Have

Security certifications (GICSP, GRID, CISSP, CISM, ISA/IEC 62443).

Experience with penetration testing and red teaming in OT environments.

Familiarity with cloud-based monitoring for OT/ICS.

Knowledge of IIoT (Industrial Internet of Things) security.

Industry background in energy, utilities, oil & gas, manufacturing, or transportation.

Contributions to OT cybersecurity communities or research.

💼 MISSION STATEMENT

We’re not just posting—we’re shaping narrative. As our Social & Reputation Commander, you’ll own the brand battlefield: crafting content, controlling perception, and driving reach across Twitter, LinkedIn, Telegram, and beyond.

🎯 CRITICAL OBJECTIVE

Make our voice unavoidable. Build presence, grow audience, and keep reputation bulletproof—even when competitors aim to kill it.

🧠 THE UNORTHODOX ATHLETE WE NEED

You’re not a “social media manager.” You’re a content sniper and reputation fighter who thrives on virality, speed, and narrative control.

🏆 WHAT YOU’LL ACCOMPLISH

• Build social presence from zero to industry dominance.
• Handle ORM with precision: bury threats, amplify wins.
• Create viral loops and content ecosystems.

❌ THE ANTI-RESUME

We don’t care about marketing degrees. We care about content that bends the conversation in our favor.

🚀 OUR STANDARD

This isn’t scheduled posts—it’s narrative warfare.

🔥 THE KEEPER TEST

We’ll fight to keep you if you dominate channels and shape perception.

⚠️ IMPORTANT NOTE

If you’re scared of pressure, don’t apply. If you want to weaponize voice and reputation, step up.