Jobs Security

We are looking for a practical security engineer who can improve detection quality, investigate real incidents, and help reduce manual SOC work.

This role is not about building an “AI security platform”. The focus is on better visibility, cleaner detections, faster investigations, and useful automation.

What You Will Work On

Threat Hunting

Run targeted hunts based on clear hypotheses, including:

• Suspicious cloud activity
• Abnormal IAM or API usage
• Unusual network or application behavior
• Weak or missing detection coverage
• Gaps in logging and telemetry

You will use internal data and external threat intelligence to validate risks and improve detection logic.

Security Incident Investigation

Investigate security alerts and incidents end-to-end:

• Understand what happened
• Validate whether the alert is real or noisy
• Identify affected users, systems, and data
• Collect evidence from logs and infrastructure
• Document findings clearly
• Recommend fixes or detection improvements

Expected experience: 2+ years of hands-on security incident investigation.

Detection Engineering

Improve existing detections and create new ones where needed:

• Reduce false positives
• Improve signal quality
• Tune alerts based on real data
• Validate whether detections catch meaningful activity
• Map useful detections to MITRE ATT&CK where appropriate

Automation and Internal Tooling

Build small but useful tools to reduce repetitive work:

• Scripts for log analysis
• Alert enrichment
• Investigation helpers
• Data normalization
• Tool integrations
• Basic SOAR-style automation

Practical AI / LLM Usage

Use LLMs only where they bring practical value:

• Alert enrichment
• Investigation summaries
• Internal tooling
• Analyst productivity

No hype. No AI-first positioning. AI is just one tool in the workflow.

Requirements

• Solid experience with SIEM tools, such as:   - Elastic   - Splunk   - Microsoft Sentinel   - Similar platforms
• 2+ years investigating real security incidents
• Strong understanding of:   - AWS logs and IAM activity   - Cloud security basics   - Network fundamentals   - APIs, authentication flows, and modern application behavior
• Comfortable working with:   - Large datasets   - Raw logs   - Noisy alerts   - Incomplete telemetry
• Python or similar language for data processing
• Experience with automation:   - SOAR   - Scripts   - Internal tools   - Custom workflows
• Basic DevOps knowledge:   - AWS   - Linux   - Docker   - Kubernetes basics   - CI/CD basics   - Cloud infrastructure concepts   - Logs, metrics, and monitoring

Nice to Have

• Experience applying simple ML or statistical methods to logs
• Familiarity with LLMs in internal tooling
• Experience with data pipelines:   - Kafka   - Spark   - Similar systems
• MITRE ATT&CK mapping
• Detection-as-code experience
• Understanding of infrastructure monitoring:   - Prometheus   - Grafana   - OpenTelemetry

What Will Make You Effective Here

You will be effective in this role if:

• You do not trust alerts blindly
• You care about signal quality, not the number of detections
• You can explain why a detection is noisy or useless
• You understand systems, not just security tools
• You are comfortable reading raw logs
• You prefer building automation once instead of repeating manual work
• You can work with engineers and explain security findings in practical terms

About the company

Our client is a leading autonomous vehicle technology company operating at the cutting edge of self-driving software development. 

Role overview

We are not looking for a traditional SOC analyst. This role is about building detection systems, not clicking through alerts. You will work with large volumes of logs (cloud, application, network), design detection logic, and improve it over time. That includes both rule-based detection (SIEM/XDR) and data-driven approaches (statistical models, anomaly detection, simple ML where it makes sense). You should be comfortable treating logs as a data problem, not just a monitoring stream.

Important! This is not a role where you:

• sit in SIEM all day clicking alerts
• blindly add rules
• overcomplicate things with ML

This is a role where you: build detection systems that work in practice.

What you'll be doing

Detection & analytics

• Build and maintain detections across:
• application logs (auth, APIs, business logic abuse)
• cloud activity (CloudTrail, IAM, infrastructure changes)
• network telemetry (DNS, proxy, firewall, NetFlow)
• Work directly with data in platforms like Elasticsearch / Splunk / similar
• Write and tune detection logic (queries, correlation rules)
• Reduce noise — expect to spend time fixing false positives, not just adding new rules.

Working with data (this is a big part of the job)

• Build pipelines for:
• log ingestion
• normalization
• feature extraction
• Work with streaming or batch pipelines (Kafka / queues / scheduled jobs)
• Turn raw logs (e.g. CloudTrail) into structured data usable for detection.

Anomaly detection / ML (practical, not theoretical)

• Apply simple models where they add value (e.g. One-Class SVM or similar approaches)
• Focus on:
• behavior baselining
• anomaly scoring
• Tune models based on real output (false positives matter more than theory) 
• If ML does not improve signal — don't use it.

Automation & response

• Build response playbooks for common cases
• Automate where it actually saves time (not for the sake of it)
• Integrate with SOAR or write lightweight orchestration
• Improve:
• detection speed
• response consistency.

AI usage (realistic expectations)

• Use LLMs for:
• alert enrichment
• investigation summaries
• internal tooling
• Not building an "AI security platform"
• Focus on practical gains, not hype.

Threat hunting

• Run targeted hunts based on hypotheses
• Use internal data + external signals
• Identify gaps in logging and detection.

Requirements

• Solid experience with SIEM (Elastic, Splunk, Sentinel, etc.)
• Strong understanding of:
• cloud activity (especially AWS logs and IAM)
• network basics
• modern application behavior (APIs, auth flows)
• Comfortable working with large datasets (not afraid of raw logs)
• Python or similar for data processing
• Experience with automation (SOAR or custom scripts).

Nice-to-have (but not critical)

• Experience applying ML to logs (even simple models is enough)
• Familiarity with LLMs in tooling (not research)
• Experience with data pipelines (Kafka, Spark, etc.)
• MITRE ATT&CK mapping

What will make you effective here

• You don't trust alerts blindly
• You care about signal quality, not number of detections
• You can debug why a detection is noisy or useless
• You understand systems, not just tools
• You prefer building something once instead of repeating manual work.

How success looks like

• Fewer false positives
• Better visibility across systems
• Faster investigations
• Less manual work in SOC
• Detections that actually catch real issues

Who We Are 
 

At Digital Shelf by NIQ, we’re passionate about technological innovation and excellence in cybersecurity. Our cutting-edge solutions enable us to scrape data for 12 billion products and manage over 20 billion data points. In a market where anti‑bot technologies represent a $10B industry in constant evolution and consolidation, our dedicated teams tackle real‑world challenges with precision and creativity. 
 

What You’ll Do 
 

• Reverse Engineering & Decompilation: 
  Analyze web and mobile applications (APK/IPA) to uncover hidden mechanisms. Disassemble code to understand its inner workings, with a focus on cryptographic functions that secure our systems. 
• Overcoming Anti‑Bot Mechanisms: 
  Evaluate and bypass advanced security protocols such as TLS, HTTP/2, HTTP/3, WebSockets, DoH, and session management. Identify vulnerabilities to enhance our data extraction methods. 
• Developing Custom Tools: 
  Build robust Python scripts and frameworks that automate bypass procedures and dynamically adjust security measures, whether by modifying TLS stacks or patching JavaScript on the fly. 
• Implementing Stealthy Scraping Techniques: 
  Engineer sophisticated methods such as browser patching, headless browser evasion, proxy tunneling, and human‑behavior emulation to keep our operations discreet. 
• Continuous Innovation: 
  Regularly test, disrupt, and improve our tools to stay ahead of ever‑evolving defenses. 

Your Profile 
 

• P45510n4t3 C0d3 W4rr10r: 
  You thrive on pushing systems to their limits while upholding the highest ethical standards. R3v3rs3 3ng1n33r1ng isn’t just a skill it’s your creative playground. 
• R3v3rs3 3ng1n33r1ng Expertise: 
  Whether using tools like IDA Pro, Ghidra, or your own custom-built solutions, you excel at dissecting both binary and web code to uncover core functionalities. 
• W3b & N3tw0rk Pr0t0c0l Savant: 
  You possess deep expertise in pr0t0c0ls such as TLS, HTTP/2, WebSockets, DoH, and more, leveraging that knowledge to find innovative solutions. 
• Advanced Python Developer: 
  Your coding abilities go far beyond basic scripting. We're looking for a coder, someone who can design and implement robust, efficient solutions for complex challenges. 
• Collaborative Innovator: 
  While you excel as an independent problem-solver, you also thrive in a dynamic team environment that values open communication and continuous learning. 

How to Apply 
 

If you’re a dedicated code warrior with a passion for dissecting and rebuilding intricate systems and you consistently deliver high‑quality, efficient code, send us your resume.

What we offer

Direct contract with the USA
Flexible work hours and remote work

20 business days of paid vacation
Flexible days off

Maternity/Paternity leaves

Medical insurance 

Join Digital Shelf by NIQ and help us reshape the digital frontier. 

Cloudfresh ⛅️ is a Global Google Cloud Premier Partner, Zendesk Premier Partner, Asana Solutions Partner, GitLab Select Partner, Hubspot Platinum Partner, Okta Activate Partner, and Microsoft Partner.

Since 2017, we’ve been specializing in the implementation, migration, integration, audit, administration, support, and training for top-tier cloud solutions. Our products focus on cutting-edge cloud computing, advanced location and mapping, seamless collaboration from anywhere, unparalleled customer service, and innovative DevSecOps.

We’re looking for a Google Cloud Security Engineer to harden client environments across GCP. You’ll implement and help design security controls, automate guardrails, improve detection & response, and guide stakeholders through pragmatic, risk-based decisions across EMEA.

Requirements:

• 3+ years proven, hands-on experience in a Security Engineer, SecOps (or similar) role.
• Strong knowledge of building and operating Security Porture, Edge protection, WAF, Endpoint security.
• Technical certifications related to CyberSecurity Google Cloud Solutions, Cloudflare and JumpCloud are an advantage.
• Experience of presentation, documentation.
• Excellent communication and strategic planning abilities, able to explain trade-offs, influence remediation, and drive adoption of guardrails.
• Basic scripting experience (e.g., Python, Bash, or gcloud CLI).
• Fluency in English.

Responsibilities:

• Design, implement, and operate security controls for internal needs and clients across.
• Perform cybersecurity audits.
• Configure and monitor Security Command Center, audit logs, and threat protection.
• Establish logging, detection and incident response.
• Assist clients with implementation of Cybersecurity products (Google Cloud Security Center, Google Workspace Security, Cloudflare, JumpCloud) and compliance controls.
• Generate security assessment reports and provide actionable recommendations.
• Continuously assess the landscape: track new Vendors features and update baselines to improve posture, reliability, and cost efficiency.

Work conditions:

• Competitive Salary & Transparent Motivation: Receive a competitive base salary with performance-based bonuses, providing clear financial rewards for your success.
• Flexible Work Format: Work remotely with flexible hours, allowing you to balance your professional and personal life efficiently.
• Training with Leading Cloud Products: Access in-depth training on cutting-edge cloud solutions, enhancing your expertise and equipping you with the tools to succeed in an ever-evolving industry.
• International Collaboration: Work alongside A-players and seasoned professionals in the cloud industry. Expand your expertise by engaging with international markets across the EMEA and CEE regions.
• Vibrant Team Environment: Be part of an innovative, dynamic team that fosters both personal and professional growth, creating opportunities for you to advance in your career.

When applying to this position, you consent to the processing of your personal data by CLOUDFRESH for the purposes necessary to conduct the recruitment process, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR).
Additionally, you agree that CLOUDFRESH may process your personal data for future recruitment processes. You can withdraw this consetn at any time.

About the Role

We are looking for a highly skilled and strategic Senior DevSecOps Engineer to lead our security operations and infrastructure automation initiatives. In this role, you will bridge the gap between development, security, and operations, ensuring our on-premise environment remains secure, resilient, and efficient.
You will act as a subject matter expert, leveraging cutting-edge tools like CrowdStrike to automate threat detection and response, while maintaining robust perimeter security via Cloudflare.

Key Responsibilities
Implementation and automation of security tools in the CI/CD process (SAST, DAST, SCA).
Analysis of vulnerabilities in code, infrastructure and containers.
Development and configuration of security monitoring systems, incident response.
Monitoring and improving the security level of on-prem infrastructures.
Interaction with developers, DevOps and security teams to implement secure practices.
Active participation in the processes of IAM configuration, management of certificates, secrets and access policies.
Conducting internal security audits, participation in external (e.g. penetration) tests.

Requirements

Must-have:
Experience: 5+ years of experience in DevSecOps, Security Engineering, or a related field, with at least 2 years in a Senior role.
Tooling Expertise: Deep hands-on experience with the following specific tools:
Baremetal/on-premise infrastructure
Docker (Docker Swarm is a strong plus)
Gitlab CI 
CrowdStrike
Cloudflare
ELK.
SIEM Proficiency: Proven experience deploying and tuning SIEM solutions (e.g., Splunk, Elastic Security, Datadog, or similar).
Infrastructure: Strong background in managing on-premise infrastructure (physical servers, data centers, virtualization, networking).
Scripting: Proficiency in Python, Go, or Bash for automation and tooling.

Nice-to-have:
Experience with Kubernetes and such tools as Wiz.io and Torq.
Previous involvement in high-load, regulated, or 24/7 production environments (e.g., iGaming, FinTech, telecom or similar).

We offer
Fully remote work opportunity
Enhanced leave benefits:
20 days of paid vacation
5 paid days off
14 paid sick leaves
Company clubs & communities
Celebration gifts for personal milestones
Corporate online events, raffles & challenges
Corporate English program
Corporate yoga classes
Team-building activities
Coworking compensation
Training and development programs (internal & external).

We are looking for a practical security engineer who can improve detection quality, investigate real incidents, and help reduce manual SOC work.

This role is not about building an “AI security platform”. The focus is on better visibility, cleaner detections, faster investigations, and useful automation.

What You Will Work On

Threat Hunting
• Run targeted hunts based on clear hypotheses, including:

• Suspicious cloud activity
• Abnormal IAM or API usage
• Unusual network or application behavior
• Weak or missing detection coverage
• Gaps in logging and telemetry

• Use internal data and external threat intelligence to validate risks and improve detection logic.

Security Incident Investigation
• Investigate security alerts and incidents end-to-end:

• Understand what happened
• Validate whether the alert is real or noisy
• Identify affected users, systems, and data
• Collect evidence from logs and infrastructure
• Document findings clearly
• Recommend fixes or detection improvements

• Expected experience: 2+ years of hands-on security incident investigation.

Detection Engineering
• Improve existing detections and create new ones where needed:

• Reduce false positives
• Improve signal quality
• Tune alerts based on real data
• Validate whether detections catch meaningful activity
• Map useful detections to MITRE ATT&CK where appropriate

Automation and Internal Tooling
• Build small but useful tools to reduce repetitive work:

• Scripts for log analysis
• Alert enrichment
• Investigation helpers
• Data normalization
• Tool integrations
• Basic SOAR-style automation

Practical AI / LLM Usage
• Use LLMs only where they bring practical value:

• Alert enrichment
• Investigation summaries
• Internal tooling
• Analyst productivity

No hype. No AI-first positioning. AI is just one tool in the workflow.

Requirements
• Solid experience with SIEM tools, such as:

• Elastic
• Splunk
• Microsoft Sentinel
• Similar platforms

• 2+ years investigating real security incidents

• Strong understanding of:

• AWS logs and IAM activity
• Cloud security basics
• Network fundamentals
• APIs, authentication flows, and modern application behavior

• Comfortable working with:

• Large datasets
• Raw logs
• Noisy alerts
• Incomplete telemetry

• Python or similar language for data processing

• Experience with automation:

• SOAR
• Scripts
• Internal tools
• Custom workflows

• Basic DevOps knowledge:

• AWS
• Linux
• Docker
• Kubernetes basics
• CI/CD basics
• Cloud infrastructure concepts
• Logs, metrics, and monitoring

Nice to Have
• Experience applying simple ML or statistical methods to logs
• Familiarity with LLMs in internal tooling
• Experience with data pipelines:

• Kafka
• Spark
• Similar systems

• MITRE ATT&CK mapping
• Detection-as-code experience

• Understanding of infrastructure monitoring:

• Prometheus
• Grafana
• OpenTelemetry

What Will Make You Effective Here
You will be effective in this role if:
• You do not trust alerts blindly
• You care about signal quality, not the number of detections
• You can explain why a detection is noisy or useless
• You understand systems, not just security tools
• You are comfortable reading raw logs
• You prefer building automation once instead of repeating manual work
• You can work with engineers and explain security findings in practical terms

RedCore is an international business group that creates technological solutions for digital markets. Our products and services cover fintech, marketing, e-commerce, customer service, communications, and regulatory technologies. 

We are looking for a SecOps Engineer!

Requirements:

- Strong background in network security (3+ years of hands-on experience)
- Solid practical experience with cloud networking (AWS/Azure/GCP) — VPC, Security Groups, Route Tables, Firewalls, Network Policies
- Confident proficiency with Terraform (or similar IaC tools) in production environments
- Experience with Linux server hardening and auditing
Good understanding of Zero Trust principles and modern cloud networking approaches
- Knowledge of core cloud security services (GuardDuty, Inspector, Security Hub, IAM, etc.)

Will be plus:

- Relevant certifications: AWS Certified Security - Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, CCNP Security
- Experience with Kubernetes network security (NetworkPolicy, Cilium, Calico, Istio)
- eBPF-based tools (Falco, Tetragon)
- Policy as Code experience (OPA/Gatekeeper, Sentinel, Kyverno)
- Experience working with large-scale Terraform projects (modules, Terragrunt, best practices)
- Experience performing cloud security assessments and audits

Responsibilities:

- Design, implementation, and maintenance of secure cloud network architecture in a multi-account environment
- Cloud network segmentation, traffic control between accounts, Transit Gateway / Hub-Spoke models, PrivateLink, VPC Peering
- Implementation of Zero Trust Network Access principles at the cloud infrastructure level
- Development and maintenance of secure Infrastructure as Code (primarily Terraform + security policies)
- Auditing, hardening, and security monitoring of Linux hosts (CIS Benchmarks, auditd, osquery, etc.)
 - Automation of security controls and compliance (SCP, IAM policies, GuardDuty, Security Hub, etc.)
- Participation in threat modeling for cloud infrastructure
- Continuous improvement of Cloud Security Posture (CSPM) and Network Security Posture
- Close collaboration with Infrastructure, Platform, and DevOps teams on network security and IaC matters

Our benefits to you:
🍀 An exciting and challenging job in a fast-growing business group, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance, and more
🤝🏻 Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻 Modern corporate equipment based on macOS or Windows, and additional equipment is provided
🏖️ Paid vacations, sick leave, personal events days, days off
💵 Referral program — enjoy cooperation with your colleagues and get a bonus
📚 Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences
🎯 Rewards program for mentoring and coaching colleagues
🗣️ Free internal English courses
✈️ In-house Travel Service
🦄 Multiple internal activities: online platform for employees with quests, gamification, presents and news, clubs for movie/book/pets lovers, and more
🎳 Other benefits could be added based on your location

Come build something true with us.

We’re True Sea Moss, a fast-growing wellness brand built on the healing powers of one of nature’s oldest superfoods, sea moss.

No powdered promises. No pretty lies. Our products move through a complex global supply chain — and behind that flow sits structure, discipline, and crystal-clear organization.

As we scale across marketplaces, systems, marketing platforms, data warehouses, and internal tools, security is no longer optional — it’s foundational.

We’re looking for a Cybersecurity Specialist — someone exceptionally structured, risk-aware, and confident owning company-wide security, access control, and infrastructure protection end-to-end.

Now — who are we looking for?

You’re the person who sees vulnerabilities before others even notice them.

You think in permissions, identity management, audit logs, and prevention frameworks. You don’t just react to incidents — you design systems that minimize the chance of them happening.

You’re calm under pressure, precise in execution, and serious about protecting company data, systems, and people.

What You’ll Be Doing

• Own company-wide access management (Google Workspace, Slack, AWS, Shopify, BI tools, internal systems, etc.)
• Create, modify, and revoke user access based on role and security policies
• Implement role-based access control (RBAC) and least-privilege principles
• Maintain secure credential and password management systems
• Implement and enforce multi-factor authentication (MFA) across all platforms
• Secure cloud environments and monitor infrastructure permissions
• Monitor logs, detect suspicious activity, and define response protocols
• Build and maintain internal security policies and documentation
• Conduct periodic security audits and vulnerability assessments
• Develop backup and disaster recovery strategies
• Lead incident response processes when needed
• Educate the team on security awareness and best practices

What You Bring

• Proven experience in cybersecurity or information security
• Strong understanding of identity & access management (IAM) principles
• Experience securing cloud environments (AWS preferred)
• Knowledge of endpoint protection and monitoring tools
• Understanding of encryption, authentication, and network security fundamentals
• Experience implementing MFA and access governance frameworks
• Ability to create clear security policies and enforce standards
• Strong sense of ownership and discretion when handling sensitive data
• English level B2+
• Comfortable working remotely

Nice-to-Haves

• Experience working with fast-growing e-commerce or digital-first companies
• Experience preparing companies for compliance audits
• Background in cloud infrastructure security automation

Why Work With Us

• A role with real responsibility and ownership from day one
• Direct impact on how safely and confidently we scale
• High trust and autonomy
• Opportunity to build security systems from the ground up
• A team that values structure, clarity, and calm execution

Here’s How We Back Our Words with Care

• Welcome Pack and custom TrueSeaMoss merch to make sure you arrive like you were always meant to be here
• Sports reimbursement to support your physical and mental health
• Additional vacation days beyond standard holidays
• Coaching & career consultations to support your personal and professional growth
• Access to corporate English lessons to sharpen your communication skills
• WHOOP membership to help you track your health, sleep, and recovery
• Coworking membership if you prefer a hybrid work lifestyle
• Sabbatical options after long-term contributions
• Travel grants to support work-related or wanderlust trips — we believe in leaving to come back better
• Project grants for side ideas, personal initiatives, or creative experiments

So — does this sound like you?

If you’re serious about protecting systems, building secure foundations, and owning cybersecurity end-to-end — we’d love to meet you.

🧙‍♂️ About the Role

The work happens directly inside client cloud environments: identifying security and compliance gaps, then remediating them through code — Terraform, OpenTofu, Bicep, YAML. Not manual configurations. Not PowerPoint recommendations. Real implementation work in production systems.

This role is part of a client delivery team supporting fast-growing US companies across multiple concurrent engagements in a consulting-driven environment. It combines cloud engineering, security, compliance, and advisory work.

The goal is not only to close gaps, but to help clients build security programs that survive real operational scale — not just audit

 

🧙‍♂️ In This Role You Will

• Harden cloud environments across AWS, Azure, GCP, and Oracle Cloud — IAM, network segmentation, secrets management, logging, monitoring, and CSPM.
• Remediate compliance and security gaps through Infrastructure as Code using Terraform, OpenTofu, Bicep, and YAML-based configurations.
• Use automated scanning and compliance tooling to assess posture across cloud environments, code repositories, HRIS, and ERP systems.
• Support clients through security and compliance initiatives including ISO 27001, ISO 27017, ISO 27018, ISO 27701, ISO 42001, SOC 2, and NIST 800-171.
• Automate security and operational workflows using Python, Bash, CI/CD pipelines, and vendor APIs.
• Participate directly in client calls, remediation planning sessions, technical workshops, and security roadmap discussions with engineering and security stakeholders.
• Build reusable IaC modules, automation scripts, and internal accelerators that improve delivery efficiency across future engagements.
• Collaborate with client engineering and security teams to deliver scalable, production-ready security solutions.
  
   

🎯 You May Be Interested If

• You enjoy solving real-world cloud infrastructure and security problems across different environments and industries.
• You prefer practical engineering and implementation work over checkbox security.
• You're comfortable managing multiple projects and adapting quickly to different client stacks and operational contexts.
• You take ownership of your work and can independently manage technical delivery workstreams.
• You're comfortable communicating directly with engineering leaders and explaining technical decisions clearly.
• You want to grow beyond pure execution into a more strategic, advisory-oriented security role.
• You come from a strong cloud engineering or DevSecOps background and want to move deeper into security and compliance engineering.
  
   

🍰 Must-Have

• Strong Infrastructure as Code experience — Terraform, OpenTofu, Bicep, or YAML in real production environments.
• Hands-on experience with at least one major cloud platform (AWS, Azure, or GCP); multi-cloud exposure is a strong plus.
• Understanding of security and compliance frameworks such as ISO 27001, SOC 2, or NIST, including how technical controls are implemented in practice.
• Experience with Python and/or Bash scripting for automation and operational workflows.
• Experience with CI/CD pipelines, GitHub Actions, infrastructure automation, and cloud-native tooling.
• Ability to communicate directly with client-side engineering and security stakeholders.
• Strong ownership mindset and ability to independently manage delivery workstreams.
• English proficiency at B2 level or higher.
• Availability for collaboration with US-based clients and scheduled calls starting from 16:00 Kyiv time.
  
   

🍒 Nice to Have

• Experience with Oracle Cloud Infrastructure (OCI).
• Experience with CSPM and automated compliance tooling such as Wiz, Lacework, Vanta, Drata, or similar platforms.
• Exposure to AppSec, vulnerability management, detection engineering, SIEM, or incident response workflows.
• Previous consulting, MSP, or client delivery experience.
• Relevant certifications such as AWS Security Specialty, CISSP, CCSP, or Security+.
  
   

💻 Working Conditions

• Employment Type: Full-Time
• Fully remote position with distributed teams across Ukraine and the US.
• Flexible remote setup with required overlap for US-based client communication and delivery coordination.
• 20 working days of paid vacation per year.
• Results-oriented environment with high autonomy and ownership expectations.
• Access to continuous learning opportunities, certifications, and professional development support.

About Teramind

Teramind is the leading platform for user behavior analytics, serving multiple use cases from insider risk mitigation to business process optimization. With our comprehensive suite of solutions, organizations gain unprecedented visibility into user activities while enhancing security, optimizing productivity, and ensuring compliance. Trusted by Fortune 500 companies and businesses of all sizes across industries, our innovative platform helps organizations protect sensitive data, maximize workforce performance, and create safer, more efficient digital workplaces. Through real-time monitoring and advanced analytics, we enable businesses to safeguard their most sensitive information while optimizing employee productivity in both in-office and remote work environments.

Our Core Values

At Teramind, our values drive everything we do. We embrace innovation as a fundamental principle, constantly pushing boundaries to improve our products, streamline processes, and enhance customer experiences. We foster resourcefulness by empowering our team members with the autonomy and confidence to solve problems independently while providing collaborative support when needed. As a globally inclusive organization, we celebrate diversity and create an adaptable work culture where respect and collaboration thrive across our international teams. Above all, we are committed to excellence, delivering the highest quality in every aspect of our work and consistently exceeding expectations in service to our clients and each other.

Key Responsibilities 

Security in the SDLC

• Own and enforce DevSecOps practices across CI/CD pipelines (SAST, DAST, SCA, and other practices)
• Integrate automated security tooling into development workflows; reduce manual security gates
• Partner with development teams to perform secure code reviews and threat modeling

Vulnerability & Risk Management

• Drive vulnerability identification, triage, and remediation across infrastructure and applications
• Manage security tooling stack
• Produce and maintain a risk register; track remediation SLAs

Penetration Testing, crowd testing & Incident Response

• Lead or coordinate internal/external penetration testing cycles
• Manage crowd testing campaigns
• Develop and maintain an incident response playbook; support incident investigations

Compliance & Governance

• Support compliance with SOC 2, ISO 27001, GDPR, and relevant data protection frameworks
• Define and enforce security policies, standards, and developer security training

Leadership & Collaboration

• Act as the primary security SME for the engineering organization
• Mentor developers on secure coding practices; build a security-first engineering culture
• Interface with external auditors, clients, and the executive team on security posture

Requirements

• 5+ years of experience in DevSecOps, application security, or security engineering
• Demonstrated experience managing security in software development environments (not just ops/infrastructure)
• Strong development background, proficiency in at least 1 language (eg: Python, Go, Java, C#)
• Hands on experience with CI/CD security tooling (SAST/DAST/SCA integration, secrets management)
• Experience with cloud security (AWS, Azure, or GCP) and container security (Docker, Kubernetes)
• Familiarity with SOC 2 or ISO 27001 compliance frameworks
• Excellent English communication skills (written and verbal)

Preferred/Nice to Have

• Penetration testing experience or relevant certification (OSCP, CEH, GPEN)
• Security certifications (CISSP, CSSLP, AWS Security Specialty, or similar)
• Experience at a B2B SaaS or cybersecurity product company
• Familiarity with insider threat, DLP, or endpoint security product domains

Why join us?

• Opportunity to shape the technical vision of a fast-growing company.

• Work alongside talented engineers solving challenging problems.

• Influence not just the codebase, but also the culture and processes of the engineering organization.

Benefits

This is a remote job. Work from anywhere! We’ve been thriving as a fully-remote team since 2014. To us, remote work means flexibility and having truly diverse, global teams.

Additionally:

• Collaboration with a forward-thinking team where new ideas come to life, experience is valued, and talent is incubated.

• Competitive salary

• Career growth opportunities

• Flexible paid time off

• Laptop reimbursement

• Ongoing training and development opportunities

About our recruitment process

We don’t expect a perfect fit for every requirement we’ve outlined. If you can see yourself contributing to the team, we want to hear your story. You can expect up to 3 interviews. In some scenarios, we’re able to streamline the process to have minimal rounds. Director-level roles and above should expect a more thorough process, with multiple rounds of interviews.

All roles require reference and background checks

Teramind is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration without regard to race, age, religion, color, marital status, national origin, gender, gender identity or expression, sexual orientation, disability, or veteran status.

We are looking for an Affiliate Operations & Anti-Fraud Analyst to support our Affiliate team by ensuring traffic quality, accurate partner reconciliations, and correct payout calculations.

This role combines affiliate operations and fraud analysis, helping us maintain transparent relationships with partners and protect the business from low-quality or fraudulent traffic.

HOW YOU WILL MAKE AN IMPACT:

• Analyze affiliate traffic across CPA / RevShare / Hybrid models;
• Detect fraud patterns (bot traffic, duplicates, incentive traffic, low-quality traffic);
• Cross-check traffic and player data across multiple platforms;
• Perform monthly reconciliations with affiliate partners;
• Calculate and verify final payout amounts;
• Ensure invoice accuracy before submitting to the finance team;
• Communicate with partners regarding discrepancies and fraud cases;
• Align and approve final reconciliation results with affiliates;
• Clearly explain discrepancies and defend calculations;
• Support Affiliate Managers with operational tasks and data validation.

WHAT WILL HELP YOU SUCCEED IN THE ROLE:

• 1+ years of experience in affiliate operations, traffic analysis, fraud, risk, or similar roles;
• Strong understanding of affiliate models (CPA, RevShare, Hybrid);
• Experience with reconciliation processes and payout calculations;
• Understanding of tracking systems, postbacks, and attribution logic;
• Knowledge of fraud detection principles (bot traffic, duplicates, incentive traffic, chargebacks);
• Strong Excel / Google Sheets skills;
• Ability to work with large datasets and meet deadlines;
• Intermediate English for partner communication. 

WILL BE A PLUS:

• Basic understanding of AML/KYC principles;
• Experience in iGaming / betting / high-risk verticals;
• Experience working with large volumes of traffic and payouts. 
   

WHY YOU’LL LOVE IT HERE:

• Flexible working hours and a remote work setup, so you can plan work around your life and not your life around work!
• Unlimited vacation days and paid sick leave—because your rest matters.
• A competitive compensation that truly reflects your skills and expertise.
• Employee referral bonus and gifts to celebrate your special occasions.
• 50% financial support for learning expenses to supercharge your professional growth!
• A positive atmosphere where you always feel respected and truly belong.
• Inspirational team-building activities that turn colleagues into best friends.
• Wellness benefits: We’ll support your sports passions, from yoga classes to gym memberships.
• Co-working space reimbursement to save your nerves from always working from home :)

We are looking for an IAM Security Engineer to build and strengthen our identity and access security controls across cloud, SaaS, and internal systems. In this role, you will be responsible for implementing practical Zero Trust principles, ensuring secure authentication, enabling Single Sign-On (SSO), enforcing Multi-Factor Authentication (MFA), and handling other key security tasks. Join our team to help protect sensitive data and improve the overall security posture of our systems.

Responsibilities

• Implement and maintain IAM controls across cloud, SaaS, and internal platforms
• Configure and optimize SSO integrations using SAML, OAuth 2.0, and OIDC
• Design and refine MFA and Conditional Access policies 
• Support secure user lifecycle processes, including Joiner, Mover, and Leaver (JML) activities
• Participate in access reviews and privilege cleanup activities
• Troubleshoot  authentication and authorization issues
• Analyze authentication events and provide technical expertise for identity-related investigations
• Collaborate with Engineering and IT teams to ensure secure onboarding of applications and access models
• Ensure alignment with audit and compliance requirements related to IAM controls
• Contribute to practical Zero Trust improvements based on company priorities and maturity

Requirements

• 3+ years of hands-on experience in IT or Information Security with a dedicated focus on Identity and Access Management (IAM), authentication, SSO, MFA, access control and user administration
• Practical experience with major Identity Providers such as Microsoft Entra ID, Okta, or similar solutions
• Solid grasp of identity standards, including SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC)
• Proven ability to configure SSO integrations, manage MFA policies, and administer user/group/role hierarchies
• Strong understanding of Least Privilege, Conditional Access frameworks, and Joiner-Mover-Leaver (JML) lifecycles
• Ability to troubleshoot authentication issues and analyze identity-related logs
• Proficiency in PowerShell, Python or Bash
• English - Intermediate or higher (for free communication)

Will be a plus

• Practical experience in automating identity workflows, including user provisioning, deprovisioning, access reviews, and role-based access assignments
• Experience in enterprise-scale Fintech, Banking, or Telecom industries

We offer

• 20 paid vacation days per year
• 10 paid sick leave days per year
• Public holidays as per the company’s approved Public holiday list
• Medical insurance
• Opportunity to work remotely
• Professional education budget
• Language learning budget
• Wellness budget (gym membership, sports gear and related expenses)

Playson is a leading iGaming supplier operating in multiple regulated markets, delivering engaging casino content and advanced technology. We’re a fast-growing, tech-driven company that values innovation, autonomy, and ownership. At Playson, we welcome people who are curious, proactive, and passionate about solving complex challenges at scale.

We are ISO/IEC 27001 certified and committed to maintaining a robust security and compliance posture across all our operations.

About the Role

We are looking for a Security Lead to strengthen Playson’s information security framework and drive continuous improvement of our security culture. This role combines technical expertise, investigative focus, and process leadership - ensuring that our systems, data, and people remain secure, compliant, and resilient.

What will you be doing?

Information Security & Compliance

• Maintain and continuously improve the ISO/IEC 27001:2022 Information Security Management System (ISMS).
• Foster a strong Security-First mindset across the organization.
• Work closely with the CTO, Head of IT, and DevOps to enhance internal security controls.
• Conduct internal audits, risk assessments, and coordinate certification renewals.
• Update security policies and controls in line with ISO 27001, GDPR, and relevant international frameworks (e.g., NIST CSF and NIS2 principles where applicable).
  Manage integrations and alerting within Datadog SIEM, CrowdStrike, Cloudflare, and Google Workspace.
• Support DLP implementation and maintain central tracking of security events.
• Document risks, incidents, and corrective actions to ensure continuous compliance.

Incident Response & Investigation

• Lead investigations into security incidents such as phishing, data leakage, or unauthorized access.
• Collect and analyze digital evidence across systems (CrowdStrike, Cloudflare, Google, Slack).
• Maintain and enhance incident response playbooks and escalation workflows.
• Collaborate with HR, Legal, and IT teams during internal investigations.
• Produce post-incident reports and recommend remediation measures.

Endpoint & Access Security

• Manage MDM systems (Zoho MDM, Endpoint Central) and ensure full compliance for macOS endpoints.
• Maintain CrowdStrike Falcon configurations and endpoint posture enforcement.
• Oversee SSO, MFA, and 2FA enforcement across services (Google SSO, DUO Mobile, 1Password).
• Implement Just-in-Time (JIT) privilege elevation and regular admin access reviews.
• Perform Quarterly RAS Access Management Reviews.

• Maintain a consistent audit trail for access management throughout the year.

   

To succeed in the role, you will have:

• 3+ years of experience in information security, IT audit, or digital investigations.
• Solid understanding of ISO 27001, GDPR, and modern security frameworks (NIST CSF / NIS2).
• Hands-on experience with SIEM / EDR systems
• Proven ability to manage SSO, MFA, DLP, and MDM environments.
• Strong communication skills in English (B2 or higher).
• Analytical mindset, integrity, and attention to detail.

Preferred additional qualifications:

• Certifications: CISSP, CISM, CEH, ISO 27001 Lead Auditor, AWS Security Specialty.
• Experience with Zero Trust, PAM, DLP/CASB, or SOAR platforms.
• Forensics experience.
• Experience in designing awareness programs or running phishing simulations.

What you get in return:

• Competitive Salary: We offer a competitive salary in EUR, subject to annual performance reviews
• Quarterly Bonuses: Benefit from a transparent and systematic quarterly bonus system
• Flexible Schedule: We offer a flexible work schedule to accommodate your needs
• Remote Work Option: Choose to work remotely, providing greater flexibility and comfort
• Medical Insurance: Receive comprehensive medical insurance for both you and a significant other
• Financial Support for Life Events: We provide financial support during special life events
• Unlimited Paid Vacation: Enjoy unlimited paid vacation leave
• Unlimited Paid Sick Leave: Take unlimited paid sick leave whenever necessary
• Professional Development: Get reimbursement for professional development courses and training

The recruitment process includes the following steps:

1. HR Interview (30-45 mins)

2. Technical interview with Service Desk & Security Lead (60 mins)

3. Final Interview with CTO and People Business Partner (60 mins)

KPMG is a global network of professional firms providing Audit, Tax and Advisory services.
 

We operate in 143 countries and territories, and in FY22, collectively employed more than 265,000 people working in member firms around the world. KPMG is the brand under which the member firms of KPMG International Limited (“KPMG International”) operate and provide professional services. “KPMG” is used to refer to individual member firms within the KPMG organization or to one or more member firms collectively.
 

KPMG is committed to three key imperatives: quality of services, insight into the problems of our clients, and integrity in our business. It is these principles that drive our firms’ professionals to provide audit, tax, and advisory services that reflect global consistency and unwavering integrity. We will build and sustain our reputation as the best firm to work with by ensuring that our people, our clients and our communities achieve their full potential.
 

Experience and Skills

• Education: Bachelor’s or Master’s degree in Information Technology, Engineering, Computer Science, Information Systems, or Cybersecurity.
• Work Experience: Minimum of 5 years in designing and administering network infrastructure (or 2–3 years of experience in information security and/or at least 1 year in a managerial role).
• Network and Cloud Technologies: In-depth knowledge of network protocols and infrastructure, operating systems (Linux, Windows), and hands-on experience with cloud platforms (AWS, Azure, GCP), including ensuring their security.
• Network Security Tools: Experience in configuring and managing modern network security solutions such as next-generation firewalls (NGFW), web application firewalls (WAF), VPNs, IDS/IPS systems, as well as SIEM, EDR, NDR, SOAR, network access control (NAC), and similar protection tools.
• Secure Architecture: Practical skills in building secure network architectures using segmentation, micro-segmentation, and zero-trust principles.
• Incident Response: Experience in responding to cybersecurity incidents and investigating security events using appropriate tools and evidence analysis.
• Threat Modeling and Risk Assessment: Ability to perform threat modeling and cyber risk assessments, analyze potential threats, and develop appropriate security measures.
• Regulations and Standards: Knowledge of and compliance with information security legislation and standards (ISO/IEC 27001, NIST Cybersecurity Framework, NBU requirements, PCI DSS, etc.).
• Automation and Scripting: Hands-on experience in scripting and automating processes using Python, PowerShell, Bash, or similar languages.
• Certifications: Possession of international cybersecurity certifications is an advantage (e.g., CISSP, CISM, CISA, GIAC/SANS, OSCE, OSCP, CCNP Security/CyberOps, CCSP, and vendor-specific certifications).
   

Benefits:

• comprehensive remuneration package;
• transparent path of career growth;
• a wide range of training and development programs;
• opportunities for further development of professional skills through participation in diverse projects with international focus.
   

If you are passionate about cybersecurity, possess strong technical and managerial skills, and thrive in a collaborative environment, we invite you to join our team and contribute to the security and success of our clients.
 

KPMG in Ukraine creates a work environment that provides everyone with opportunities to develop and build a career. We are committed to the principle of zero tolerance for any form of discrimination based on age, gender, sexual orientation or disability. We respect the diversity of opinions and experiences, as we are convinced that by working together, people with different knowledge and views generate more creative ideas, find better solutions and develop innovative products.
 

You are welcome to join the diverse team of KPMG in Ukraine, express your individuality and realise your potential

About the project

We're working on an enterprise-scale Cyber Recovery Environment in AWS — built to protect critical workloads from ransomware and destructive attacks. Think highly isolated cloud architecture, immutable storage, fail-closed security, and automated access controls. Everything is scoped to NIST 800-53 Moderate, with a full audit-ready evidence package ready at go-live.

The role

You'll be the person who owns security controls — from design to validation to ongoing review — with everything implemented as code. It's a part-time engagement (~20 hrs/week) with a predictable twice-weekly review cadence covering infrastructure, IAM, encryption, and serverless automation. You'll work closely with GRC, SOC, and Cloud/DevOps teams, so communication matters as much as technical depth here.

What you'll be doing

• Designing and implementing security controls against NIST 800-53 Moderate — tailoring them to the environment and mapping inheritance across layers
• Running regular security reviews of Terraform and IaC changes, keeping a clean findings log and tracking remediations
• Reviewing and shaping IAM policies, SCPs, and access models across a multi-account AWS setup
• Designing and validating KMS encryption — key policies, rotation schedules, and cross-account access patterns
• Reviewing and improving serverless automation — replication windows, access controls, and security boundaries
• Making sure logging, monitoring, and threat detection are properly configured end-to-end
• Validating the fail-closed model — access restrictions, automated controls, and break-glass procedures
• Keeping the Control Traceability Matrix up to date and putting together audit evidence packages in immutable storage
• Supporting SIEM integration, tuning detection rules, writing runbooks, and helping internal teams get up to speed

What we're looking for

• 5+ years in AWS Security or DevSecOps engineering
• Solid, hands-on Terraform experience — you know what to look for in an IaC security review
• Real familiarity with NIST 800-53 Rev. 5 and what it actually takes to pass an audit
• Deep knowledge of IAM, Identity Center, SCPs, and multi-account AWS architecture
• Strong background in KMS and encryption design
• Hands-on with AWS security and monitoring services — logging, config, threat detection
• Experience validating automated, fail-closed security architectures
• Comfortable writing Python and/or Bash
• Clear communicator — you document things well and can explain security decisions to non-security people

Nice to have

• Cyber recovery / immutable storage
• S3 Object Lock
• Security Hub Macie · Inspector · Access Analyzer
• AWS Solutions Architect Pro / DevOps Pro
• SOC 2 · PCI-DSS · HIPAA
• SIEM integration experience

What AppRecode offers

• 20 days of paid annual leave plus public holidays.
• 5 paid sick days per year.
• Remote-first work environment.
• Friendly and supportive team culture.
• Personal development plans and access to experienced mentors and technical leaders.
• Reimbursement for sports activities and professional certifications (after probation).
• Ongoing learning opportunities: internal trainings and knowledge-sharing sessions.
• Free English classes if you want to further improve your communication skills.