Jobs

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a talented and motivated Junior Pentester who will join our security team to work on penetration testing and vulnerability/cloud security assessment projects.

We expect a short motivation letter where you can explain your skills, achievements and motivation.

Required skills

- Solid non-commercial cybersecurity experience, such as HTB/THM

- Junior-level cybersecurity certifications would be a plus.

- Comfortable with basic application security testing and common vulnerabilities (like OWASP Top 10, CWE Top 25) and cybersecurity fundamentals

- Strong basic IT skills: Linux, networking (TCP/IP, DNS, HTTP etc.)

- Some experience in scripting/coding languages, such as Java, JS, Python, Shell, etc.

- Strong drive to learn and develop cybersecurity skills

- Technical English (Intermediate)

We offer

- Good salary + bonus system

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Support in obtaining professional certifications, such as BSCP, OSCP, eWPTX, cloud certifications, etc.

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Execute penetration tests and security assessments as part of a team, including internal/external networks, web and mobile applications, Windows and Linux environments, cloud architectures, IoT devices, and more

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Conduct security research

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a Middle/Senior Security Consultant / Penetration tester to work on and lead penetration testing and vulnerability/cloud security assessment projects.

In this role, you will work on technically challenging projects and also spend some time leading/mentoring our junior pentesting colleagues.

Required skills

- 1.5+ years of intensive commercial experience

- OSCP, eWPTx2 or similar would be a plus

- Scripting/coding skills and being comfortable with advanced pentesting tooling

- Strong knowledge of mobile/web security

- Comfortable with cloud and container security

- Basic RE skills

- Ability to mentor/lead colleagues

- Strong ability and drive to learn and develop cybersecurity skills

- Technical English (Intermediate+)

We offer

- Good salary + bonus system

- Diverse project portfolio and technologies to work with

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Participate in various pentesting projects

- Lead junior colleagues

- Perform threat modeling in pentesting and security assessment projects

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Consult clients on efficient issues remediation

- Conduct security researches

- Develop tools and scripts to automate and improve current pentesting processes

About you:

We are looking for a proficient Vulnerability Researcher to work in the cybersecurity field. If you are interested in making a difference and being part of an exciting project, please apply with your CV.

About project:

Our new client develops a cyber security project for the US government. You will have the opportunity to contribute to the security of the United States.

Your area of responsibility:

- Detect and exploit vulnerabilities;

- Build scripts and software modules to verify the presence of vulnerabilities;

- Reverse-engineer vulnerability patches in order to better understand certain vulnerabilities;

- Assist in the development of tools to improve vulnerability or threat research.

Skills and requirements:

- Proven experience in vulnerability exploitation and fuzzing;
- Extensive experience (3+ years) in reverse engineering;
- Knowledge of OS internals (any OS);
- Recent knowledge of exploitation techniques (iOS/Android/Windows/Linux/embedded).

Will be a plus:

- Academic degree in Computer Sciences/Mathematics/Physics;

- Proven record (CVEs or verbal description) of found vulnerabilities in mobile/desktop OSes;

- Good interpersonal skills.

We offer:

- Висококласні робочі умови: спільнота першокласних інженерів, близько 90% нашої команди це Middle та Senior; цікаві та довгострокові проєкти у різних сферах; можливість змінити проєкт в разі необхідності;

- Конкурентна ринкова компенсація в валюті (не в гривневому еквіваленті), яка виплачується без затримок;

- Власний план розвитку та регулярні перегляди компенсації;

- Оплачувані відпустки (20 днів) та лікарняні дні (5 днів);

- Всі державні свята за Українським законодавством є вихідними;

- Можливість працювати з будь-якою точки світу — ми знайдемо юридичний варіант, допоможемо легалізуватися або проконсультуємо з цього питання.

- Бухгалтерський супровід;

- Юридична підтримка в межах України;

- Повноцінна HR-підтримка та турбота.

We are looking for an endpoint/workstation support engineer to support multiple mixed MacOS/Windows/Lin remote working environments. You should maintain a high level of user satisfaction, as well as properly document your work.

Your primary tasks will include:

* Enduser remote support for agents installation

* AV alerts investigation

* Ensuring security compliance policies are in place (e.g. full disk encryption, firewall)

* Implementing updates on agent installation packages whenever new version arrives

* Testing of Windows/Win/Lin endpoint agent updates

The candidate should have a proof records of successful projects in the following areas:

* support of AV/EDR/VPN and other security agents on multiple platforms

* Intune MDM

* Apple Business Manager

* Windows, MacOS and Linux endpoint support

* Basic Unix shell and Powershell scripting

* MS Graph API and other REST API basic experience

* Windows and MacOS troubleshooting with the aid of Sysinternals tools and different set of MacOS tools (netstat, lsof, vmstat, top, dtruss, etc.)

* Fluent English

* Teamwork and problem solving mind

* Compliance framework basic awareness (ISO27001/PCI-DSS/HIPAA etc.)

* ITIL and IT service basic awareness and ability to write end-user documentation/procedures/instructions

A big plus if have all or any of the following:

* Microsoft Intune certification or other Microsoft Security/Endpoint certificationi

* Any AV vendor certification

* Any security related certification (e.g. ISO27001LA, CISSP, CISA)

We are looking for a Security Architect (Cloud) to join our team!

As a Security Architect (Cloud), you will become an essential and vital part of our Cyber Risk team, providing expert advice in both local and international cloud security projects where a diverse skillset, relevant knowledge on both IT and business aspects set us apart from the competition. As part of our Cyber Practice, you will be part of a team of seasoned cyber security professionals where inclusive leadership, continuous learning and coaching culture is considered an essential part of who we are.

As part of your role, together with Senior Leadership, you will be in charge of developing and refining Deloitte's Cloud Security offering and go to market; as well as build the Cloud Security practice within Ukraine and central Europe.

Some of your tasks will include:
 

• Supporting clients during their cloud transformation initiatives, making sure that all technical security risks are correctly identified, mitigated and reported. In addition, integrating the new cloud infrastructure in the overarching security architecture and strategy
• Plan, research, and design security controls for IT systems and data to align with business objectives
• Developing technical security standards to serve as input for the creation of the cloud landing zones
• Defining, establishing and maintaining multi-cloud security architectures, strategies and methodologies
• Leading the implementation of technological cloud security capabilities by defining the technological security vision, defining the solutions and steering the implementation teams in realizing these architectures
• Review system security measures and implement necessary enhancements
• Defining and reviewing cloud security architectures and strategic roadmaps on an ongoing basis to ensure alignment with both business and IT strategies, taking into account technology evolutions
• Giving input to the ongoing improvement and streamlining of security architecture development and delivery
• Delivering an integrated security architecture model linking cloud, applications, information and infrastructure architectures

Let's talk about you

• Between 7 - 15 years of Cyber security experience, ideally most of it within consulting within the following areas:

Cloud and Container Security: 

• Minimum of 5 years experience with AWS, Azure, GCP or OCI and demonstrable affinity with Cloud technology
• Knowledge of information security principles and guidelines (including CIS, MITRE ATT&CK frameworks)
• Strong working knowledge of IT risks, cybersecurity, computer operating systems, and cloud computing environments
• Experience with containerization: Kubernetes, Docker. Practical experience with serverless and secure development environments, infrastructure-as-code is a plus

Governance and Risk Assessment :

• Good knowledge of security frameworks such as ISO, NIST CSF, CSA and CIS controls
• Experience with the implementation of cloud risk frameworks and optimization of controls in CI/CD pipelines

Architecture and Design:

• Well-versed in Secure Cloud Architecture Design and Implementation; Able to design solutions for improving Cloud Security by enforcement of cloud security guardrails and standards
• Experience with architecture and security reviews, threat modeling applications, and identifying areas of risk
• Experience with encryption in-flight and at-rest practices, as well as certificate and secrets is a nice to have
• High level knowledge of network architectures, topologies, and concepts (Firewalls, LB, WAF, CDN, VPC, ACL, TLS, SSH, and DNS)
• Experience implementing strategies to support secure and compliant architectures

Soft skills: 

• Adaptable, flexible and able to see the bigger picture
• Comfortable or eager to be involved in business development initiatives, should be at ease being on the market and engaging with potential new clients or increasing our offering with existing clients
• A thought-leader with a strong drive and motivation to build a team
• Ability to work within international environment

Certifications such as CISSP, CISA, or CISM are highly desired

Skills and Experience Requirements:

- 3+ years of experience as an Information Security Auditor/Internal Security Assessor.

- Experience managing controls or compliance with SOC2, ISO 27001, PCIDSS.

- Experience managing multiple projects in a fast paced, ambiguous environment, accountability/ownership for the audit project lifecycle.

- A high degree of personal integrity, attention to detail, and strong investigative skills.

- Associate or bachelor’s degree in  Information Security/IT/Cybersecurity related discipline is preferred.

Responsibilities:

- Schedule, coordinate, and lead company internal audits. Handle the full internal audit cycle.

- Develop and implement of audit program ( ISO/IEC 27001, PCIDSS, GDPR).

- Support preparation for external audits, liaise with external auditors and provide internal guidance in support of external audits.

- Plan, implement, monitor, and upgrade security measures to protect the organization’s data, systems, and networks.

- Conduct audits regular audits and provide recommendations.

- Maintain, monitor, and improve the audit process. 

- Control of implementation of corrective actions addressing nonconformities with management systems standards and document requirements.

We offer:

- 20 working days of vacation;

- 12 sick days;

- Compensation for sick leave;

- Medical insurance;

- Flexible work schedule;

- Gifts and benefits for significant occasions;

- Mental health care;

- Support and development of volunteer culture.

We are seeking a Head of Security to lead and enhance our global security strategy. As a key executive, you will be responsible for safeguarding our trading infrastructure, customer data, and regulatory compliance in a highly dynamic and fast-paced environment. This role is ideal for a security leader with deep expertise in cybersecurity, fraud prevention, compliance, and financial market security.
 

Responsibilities

• Cybersecurity & Infrastructure Protection
  • Develop and implement a comprehensive cybersecurity strategy to protect trading platforms, APIs, and back-office infrastructure
  • Ensure secure architecture of trading systems, web applications, and cloud environments
  • Oversee SOC operations, monitoring, and response strategies for cyber threats
  • Establish and enforce incident response plans, including DDoS mitigation, data breaches, and insider threats
  • Collaborate with IT and DevOps teams to embed security best practices into SDLC
• Fraud & Risk Management
  • Design and execute anti-fraud frameworks to prevent account takeovers, money laundering, and financial fraud
  • Implement AI-driven fraud detection systems to analyze trading patterns and suspicious activities
  • Work closely with KYC, AML, and Compliance teams to mitigate risks related to financial crime
  • Establish protocols for secure identity verification, access control, and user authentication
• Compliance & Regulatory Security
  • Ensure compliance with CySEC and other regulatory security requirements
  • Lead security audits, penetration testing, and vulnerability assessments to meet industry standards
  • Define security policies aligning with GDPR, PSD2, and other data privacy regulations
  • Coordinate with regulatory bodies to ensure continuous compliance with cybersecurity laws
• Data Leak Prevention & Office Security
  • Preventing data theft from office premises, including equipment, documents, and company valuables
  • Supporting and maintaining security tools used in the office
  • Protecting employee and corporate data from unauthorized access
  • Securing company documents to prevent leaks
  • Identifying and mitigating risks related to data breaches in company operations and processes
• Leadership & Strategy
  • Build and lead a high-performing security team, including security engineers, analysts, and risk specialists
  • Develop security awareness training for employees, fostering a strong security culture
  • Oversee third-party security vendors, risk assessments, and partnerships
  • Report security risks, incidents, and mitigation strategies to C-level executives and the board
     

Requirements

• 10+ years of experience in cybersecurity, risk management, or IT security within financial services, preferably in CFD/FX brokerage
• Proven track record in leading security teams and building cybersecurity programs
• Strong knowledge of infrastructure security (AWS, Azure, GCP, on-premise servers), DevSecOps, and application security
• Experience with SIEM, XDR, IAM, PAM, and fraud detection systems
• Deep understanding of regulatory requirements in financial markets, including AML, KYC, and PSD2 security mandates
• Experience in passing security audits for SOC 2 and PCI DSS
• Bachelor's or Master’s degree in Cybersecurity, Computer Science, or a related field
• Relevant certifications such as CISSP, CISM, CISA, CEH, OSCP, or CCSP
• Strong analytical and problem-solving mindset
• Excellent communication skills, capable of influencing executive leadership
• Ability to thrive in a high-pressure, fast-paced trading environment
   

We offer

• Work in a transparent, client-focused environment where every trading decision fosters long-term trust and exceptional service
• Opportunity to tackle the thrilling challenges of a rapidly expanding environment
• Lead the charge in implementing cutting-edge technologies and strategies to drive the company's success
• 10 medical leave days per year
• 21 annual leave days per year
• Public holiday in accordance with the Cyprus Public Holiday list
• Medical insurance
• Compensation for professional education, learning English
• Compensation for a sports subscription or sports equipment
• Extensive relocation package for you and your family

FAVBET Tech develops software that is used by millions of players around the world for the international company FAVBET Entertainment.
We develop innovations in the field of gambling and betting through a complex multi-component platform which is capable to withstand enormous loads and provide a unique experience for players.
FAVBET Tech does not organize and conduct gambling on its platform. Its main focus is software development.

Main areas of work:

• Betting/Gambling Platform Software Development — software development that is easy to use and personalized for each customer.
• Highload Development — development of highly loaded services and systems.
• CRM System Development — development of a number of services to ensure a high level of customer service, effective engagement of new customers and retention of existing ones.
• Big Data — development of complex systems for processing and analysis of big data.

• Cloud Services — we use cloud technologies for scaling and business efficiency.

   

About Us
We are a dynamically growing company specializing in developing high-load and fault-tolerant systems. Our team values professionalism, innovation, and a commitment to continuous growth.

Responsibilities:

• Lead the design, implementation, and integration of various cyber defense tools
• Conduct threat hunting over log sources connected to the SIEM and develop new coverage
• Monitor security alerts, perform triage and analysis, and respond to security incidents
• Identify security tools and implement solutions from POC to production (e.g., container security, cloud security, etc.)
• Develop SOAR to enhance monitoring, response, and observability for security alerts
• Managing infrastructure as code with Terraform
• Managing configuration as code with Ansible (AWX), Helm and Jsonnet
• Work closely with Engineering and DevOps teams to define a security strategy and execute it. 

Requirements:

• Strong knowledge of AWS, Kubernetes, containerized, and microservice architectures
• Strong knowledge of Linux and using languages such as Shell/Bash, Python, or Go
• Strong knowledge of Terraform, Ansible and Helm
• Experience with security solutions in cloud environments (e.g., DDoS, WAF, IDS/IPS, DB-FW, Kubernetes security, etc.)
• Knowledge of build/release systems and CI/CD pipelines

Nice to Have:

• Experience with Elastic XDR, including fine-tuning ILMs

We offer:

• 30 day off — we value rest and recreation;
• Medical insurance for employees and the possibility of training employees at the expense of the company and gym membership;
• Remote work or the opportunity — our own modern lofty office with spacious workplace, and brand-new work equipment (near Pochaina metro station);
• Flexible work schedule — we expect a full-time commitment but do not track your working hours;

• Flat hierarchy without micromanagement — our doors are open, and all teammates are approachable.

   

During the war, the company actively supports the Ministry of Digital Transformation of Ukraine in the initiative to deploy an IT army and has already organized its own cyber warfare unit, which makes a crushing blow to the enemy’s IT infrastructure 24/7, coordinates with other cyber volunteers and plans offensive actions on its IT front line.

RISK inc: An International iGaming Company Pushing the Boundaries of Entertainment

Who We Are:

An international iGaming company specializing in identifying and fostering the growth of high-potential entertainment markets. With 700+ professionals in 20+ locations, we operate in 10 countries, serving over 300,000 customers.

Always Pushing the Boundaries? You Already Belong at RISK!

Our global-scale operations are based on strong internal expertise, analytics, and data research. We have expertise in iGaming operations (sports betting, online casino), digital and affiliate marketing, tech solutions, and data analytics.

We are seeking a SOC Specialist to become a part of our team.

Responsibilities:

• Event Collection and Analysis: Gather and analyze events from infrastructure components (websites, servers, databases).
• Security Rule Development and Implementation: Create and implement security rules for scenarios like fake registrations, mass registrations, and DDoS attacks.
• Monitoring and Incident Response: Monitor and respond to rule triggers/incidents, refine response rules, and handle blocking actions.
• Security Incident Investigation: Investigate security incidents.
• Resource and Service Registry: Maintain a registry of resources and services.
• Security Compliance Control: Ensure resource compliance with international security standards and apply the latest security patches.
• Collaboration with Subcontractors and Security Partners: Work closely with subcontractors and partner companies on security matters.
• Administration of Security Systems: Manage security systems such as MDM (Mobile Device Management), BYOD (Bring Your Own Device), SIEM (Security Information and Event Management), and CloudFlare.
• Risk Analysis and Mitigation: Assess existing risks and develop compensatory actions to minimize them. Risk Analysis for New Systems and Projects: Evaluate potential risks related to implementing new systems, services, or applications to enhance business processes.

Qualifications

• Minimum 3 years of experience in IT and/or information security.
• Solid understanding of IT Infrastructure and Network Security principles.
• Familiarity with IT infrastructure protection systems and network security.
• Experience with IAM (Identity and Access Management) systems.
• Proficient in vulnerability management systems.
• Experience in configuring SIEM tools (Open Search, Splunk, or others).
• Desired experience in configuring security policies for Google Workspace/Office 365.
• Familiarity with tools like Terraform, GitLab, Prometheus, Grafana, Loki, Docker, Docker Compose, PowerBI, HaProxy, Nginx, and LEMP.
• Familiarity with cloud solutions such as AWS, DigitalOcean, CloudFlare, GCP, and Kubernetes.
• Experience with external audits (either undergoing or conducting them).
• Strong understanding of risk and incident management methodologies.
• Excellent documentation skills (creating instructions, policies, guidelines).
• Familiarity with scripting languages like Python, Bash/Shell scripts, SQL, and PowerShell for automation, parsing, API work, and database tasks.
• Knowledge of security standards like ISO/IEC 27001 and NIST.
• Familiarity with antivirus systems; experience with CrowdStrike is a plus.
• Desired experience in deploying and administering databases.
• Desired experience with Windows, Linux, and MacOS operating systems.
• Intermediate or higher proficiency in English (both written and spoken).

Our Benefit Cafeteria is Packed with Goodies:

• Children Allowance
• Mental Health Support
• Sport Activities
• Language Courses
• Automotive Services
• Veterinary Services
• Home Office Setup Assistance
• Dental Services
• Books and Stationery
• Training Compensation
• And yes, even Massage

PIN-UP Global is an international holding specializing in the development and implementation of advanced technologies, B2B solutions and innovative products for the iGaming industry. We provide certification and licensing of our products, providing customers and partners of the holding with high-quality and reliable solutions.
 

We are looking for an Application Security Engineer to join our team.

Requirements:
 

- 2+ years in cybersecurity or software development.

- Experience with SAST/DAST/IAST tools (e.g., Semgrep, Snyk, Burp, OwaspZap).

- Knowledge of secure development practices (OWASP Top 10, CWE/SANS Top 25).

- Experience implementing Quality Gate in CI/CD.

- Understanding of web applications and API architecture (web-GRPC, REST, Ajax).

- Knowledge of security standards: ISO 27001, SOC 2, NIST, PCI-DSS.

- Basic understanding of containers (Docker, Kubernetes).

- Programming Languages:

- Python, Go, JavaScript, Bash for code review and scripting.

- Fluently on Russian or Ukrainian;
 

Will be plus:

- Certifications (optional): eWPT, OSWE, CEH, GWEB.

Responsibilities:

Application Security Analysis:
 

- Implement and maintain SAST/DAST tools.
- Conduct threat modeling for new features.
- Perform source code analysis for vulnerabilities.
- Ensure secure API implementations.

DevSecOps Processes:
 

- Set up security gates in GitLab CI/CD.
- Scan dependencies (Grype, Trivy).
- Validate Helm charts for security issues.

Vulnerability Management:
 

- Track vulnerabilities using DefectDojo.
- Prioritize and assign remediation tasks.
- Monitor vulnerability resolution.

Training and Documentation:
 

- Conduct secure coding workshops.
- Develop guidelines and checklists.

Our benefits to you:

☘️An exciting and challenging job in a fast-growing product holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and other
🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided
🏖Paid vacations, sick leave, personal events days, days off
💵Referral program — enjoy cooperation with your colleagues and get the bonus
📚Educational programs: regular internal training, compensation for external education, attendance of specialized global conferences
🎯Rewards program for mentoring and coaching colleagues
🗣Free internal English courses
🦄Multiple internal activities: online platform for employees with quests, gamification and presents for collecting bonuses, PIN-UP team clubs for movie / book / pets lovers, etc
🎳Other benefits could be added based on your location

Company: Developer of a B2C trading platform

Company size: 150+ employees and growing

Work format: remote

Reporting to: CEO, close collaboration with CTO

Why is this role exciting?

This is a unique opportunity to build the security function from the ground up in a fast-growing tech company. You’ll be working in a young and friendly team, tackling real security challenges rather than focusing on compliance and certification. The company values practical and efficient security that brings real benefits to the business.

The role offers plenty of interesting challenges, room for professional growth, and the opportunity to set up the security function as needed. If you’re passionate about hands-on security, solving real-world security problems, and making an impact, this role is for you!

Responsibilities:

• Building a corporate information and cybersecurity system from scratch, aligning with business strategy and leadership expectations
• Identify security risks in business processes, evaluate, and prioritise mitigation controls
• Executethe cybersecurity roadmap with alignment to the emerging threats
• Implementing and managing access control (SSO, MFA, RBAC)
• Developing and enforcing information security policies for personal data protection (PII), information, and access management procedures
• Establishing vulnerability management processes
• Control network and application security resilience against attacks (DDoS, takeovers, injections, etc.),
• Developing and implementing workstation security with Mobile Device Management (MDM) policies and XDR tools
• Collaborating with IT and development teams on the platform’s security architecture, customer security aspects in products, and enabling DevSecOps
• Lead the security incident management process, orchestration, and control execution

• Conducting security training and fostering a strong security culture

   

Requirements:

• 5+ years of experience in information security
• Strong knowledge in security frameworks such as ISO27000, NIST, SOC, CSI or similar
• Practical understanding of IAM, PII protection built into the operational process of the company
• Experience in setting up vulnerability and patch management processes
• Familiarity with security threats and mitigation practices for DDoS, brute forces, injections, etc.
• Experience in mobile security, anti-virus tools, and BYOD policies
• Understanding of DevSecOps and the secure software development concept
• Ability to design security processes from scratch and their adoption
• Practical knowledge of cryptocurrencies and the risks associated with crypto
• Excellent communication and reporting skills
• Agility in risk management

Nice to have:

• Experience in fintech companies or trading platforms
• Experience in implementing SOC, DLP, and SIEM
• Knowledge of compliance frameworks (GDPR, PCI DSS)

We offer flexibility in discussing terms, building a team, and providing the necessary resources to create a strong, practical security system that truly benefits the business.

This app is an internal GenAl platform designed to support building and deploying Al-powered tools and agents. It provides infrastructure and components for working with large language models (LLMs), integrating various data sources, and orchestrating intelligent workflows. The platform includes tools for managing prompt templates, configuring model pipelines, handling input/output processing, and deploying modular Al services. It supports both open-source and commercial LLMs (e.g., OpenAl, Anthropic), and can run across multiple cloud environments. App AI is used across the organization to create custom Al assistants, automations, and decision support systems - typically combining structured business data with LLMs to generate insights, recommendations, and actions. It also includes role-based access controls, audit logging, and API integrations to ensure enterprise compliance and scalability. App AI is applied across industries such as: Healthcare: Accelerates insights from medical data. Aviation: Analyzes customer feedback to improve services. Retail: Generates personalized marketing content. Finance: Automates contract workflows and compliance processes

Typical Tasks for Python Developers 

* Build modular Python services for parsing, analyzing, and routing incoming medical and insurance documents. 

* Design and maintain custom pipelines for PDF processing, layout extraction, and field mapping using tools like pdfplumber, PyMuPDF, and heuristic matching. 

* Develop integrations with third-party APIs for document retrieval, submission, and status tracking (e.g., eFax, Athenahealth). 

* Implement and benchmark different approaches for matching patient and provider identities across unstructured data sources. 

* Create and maintain internal tools for debugging document flows and visualizing extracted metadata. 

* Automate QA checks for document classification and extraction results, reducing manual validation by >30%. 

* Prototype and deploy semantic search features using vector databases and hybrid retrieval methods. 

* Build health-check dashboards and job monitors to track performance and reliability of ingestion services. 

* Collaborate with ML and product teams to define input/output specs for document annotation and pre-processing steps. 

* Contribute to CI/CD setup, containerization, and environment management for Python services (Docker, GitHub Actions).

We offer:

• Attractive financial package

• Challenging projects

• Professional & career growth

• Great atmosphere in a friendly small team

Have you always dreamed of building a career in information security? Do you have an analytical mindset and a keen eye for detail?

We are looking for an IT Compliance & Audit Specialist who is eager to expand their knowledge in information technology and cybersecurity, as well as gain experience working in an international IT company.

You will work on a wide range of tasks related to information security to support the company's operations together with our Security Department.

Sounds interesting? There's more to come 💛

What you will do:

• Manage certification preparation processes (ISO, PCI DSS, SOC 2, etc.) and conduct them in accordance with relevant requirements (HIPAA, GDPR, CCPA, etc.)
• Monitor compliance of IT infrastructure with security standards;
• Collaborate with auditors and certification bodies;
• Monitor changes in legislation and security standards;
• Create documentation on policies and processes;
• Handle security requests from clients (external and internal);
• Develop and conduct internal audits;
• Assess risks and monitor compliance with security requirements;
• Prepare and conduct training on information security and compliance requirements.

What you need to succeed in this role:

• 3+ years of proven experience in information security, audit or compliance sphere(s);
• Degree in information technology, cybersecurity, law or risk management;
• Certifications (one or more) are desirable:
  - ISO 27001 Lead Implementer / Lead Auditor;
  - CISM (Certified Information Security Manager);
  - CISA (Certified Information Systems Auditor);
  - CISSP (Certified Information Systems Security Professional);
  - CIPP/E or CIPM (for GDPR);
  - PCIP, ISA or QSA (for PCI DSS).
• Experience in external audits and certification preparation;
• Knowledge of risk management principles;
• Skills in conducting GAP analysis and internal audits;
• Outstanding analytical skills and attention to detail; 
• Excellent English skills (for interacting with auditors, writing policies and reports, communicating with clients).

Would be a plus:

• Experience working in the financial and/or tech industry that handles sensitive data;
• Experience in automating compliance processes (GRC platforms, ISMS systems);
• Knowledge of DevSecOps approaches for integrating security into the development lifecycle.

Benefits and Perks:

• Business hours;
• Opportunity to work fully remotely;
• Creative and unique art offices;
• Inclusive international environment;
• Compensation in USD;
• Good bonuses for referring friends;
• Paid intensive training and probation;
• Mind-blowing corporate events and social activities;
• Work-life balance;
• Responsive management interested in your growth and long-lasting cooperation;
• Greenhouse conditions for self-development.

At WhiteTech, we empower businesses in the financial ecosystem with cutting-edge white-label and SAAS solutions.

Our comprehensive suite of tools is tailored for EMI, PSP, e-commerce, and open banking platforms. With WhiteTech, clients gain access to a platform designed for flexibility, scalability, and seamless integration.

Our mission is to help businesses unlock their full potential in a rapidly evolving financial landscape.

Whether scaling your PSP, enhancing your EMI services, or diving into open banking, WhiteTech is your partner for innovation and growth.

We are a remote-first technology company and welcome applications from candidates across Europe, including the EEA, the UK, Switzerland, and other non-EEA European countries such as Ukraine, Moldova, Georgia, Armenia, Montenegro, Turkey, and the Western Balkans. We also consider applicants from different locations who can work within Central European Time (CET).

Key Responsibilities:

• Support company preparation for PCI DSS and ISO/IEC 27001 certifications
• Develop and implement security policies, procedures, and technical controls
• Collaborate with auditors, technical teams, and business stakeholders
• Analyze logs, incidents, and vulnerabilities; participate in incident investigations
• Support identity and access management (IAM) processes and automation
• Work with SIEM, DLP, and SOC tools and processes
• Perform risk assessments and help implement mitigation measures
• Create security reports and dashboards based on key metrics

Requirements:

• 3+ years of experience in information security
• Knowledge of PCI DSS and ISO/IEC 27001 standards
• Experience with audits or certification processes
• Hands-on experience with security tools: SIEM, vulnerability scanners (e.g., Nessus, Qualys)
• Understanding of RBAC and the principle of least privilege
• Experience developing security documentation (policies, procedures)

Nice to Have:

• Relevant certifications (PCI DSS, ISO 27001, CISSP, CISA, etc.)
• Experience with IAM systems and process automation
• Strong analytical skills and attention to detail
• Team player with the ability to perform under pressure
• English proficiency (for reading technical documentation)

Our recruitment process typically follows these stages:

1. Application screening
2. Interview Stages (2-3 weeks):
    
   • Prescreen Call with the Recruiter 
   • Final Interview 
3. Job Offer
4. Referrals: Employment and Background Check

We offer: 

• Competitive compensation package (commensurate with your experience)
• Access to paid corporate English lessons (through Preply)
• 19 business days of flexible Paid Time Off (PTO)
• Fully remote work with flexible hours (within the CET time zone) from any location of your choice
• Values-driven culture with a friendly and supportive work environment
• Opportunity to regularly participate in conferences and community events as both a participant and contributor
• Matrix organizational structure designed to streamline communication, remove barriers, and promote efficiency

Embrace the opportunity to develop your skills in a cutting-edge fintech environment.

Please apply now to be part of our dynamic team and make a tangible impact on the future of payments!

Let’s build something great together!

Description

Harmonic is seeking for a UEM Security senior engineer for its IT infrastructure team. The candidate will report to the IT infrastructure manager located in Rennes.
In this context, the Unified Endpoint Management Senior Engineer is responsible for planning, architecture, design, installation and configuration of UEM services and transition to Windows modern management as a second role.

Requirements

• At least 6 years of experience, with strong experience in Unified Endpoint Management and Windows modern management projects implementation, exploitation and support;
• You will need to have in-depth knowledge of: providing Solutions, Implementation, configuration and troubleshooting of various platforms (Linux/Max/Windows/iOS/Android).

Job responsibilities

• Providing Solutions, Implementation, configuration and troubleshooting of various platforms (Linux / Max / Windows / iOS / Android);
• Device security Hardening (password protection, Device settings & Security factors enforcement);
• Device OS upgrades;
• Identification of jailbroken and rooted devices;
• Device and data protection (Encryption, Web filtering, VPN configuration);
  Secure apps installed on devices (Installation Restriction, Blacklist of unsecure apps, predefinition of Apps Configs and Permissions);
• Monitor data consumption;
• Manage Pro / Personal containers;
• Manage Network and FW settings;
• Remote management (Lost and out-of-compliance devices);
• Execute custom scripts;
• Transversal cooperation with all IT teams to architect UEM;
• Extensive experience in design, installation and exploitation of UEM cloud platform;
• Technical Documentation and Report Creation;
• Experience with AD, GPO, MDT and related technologies/tools;
• Use of Enterprise Management Systems, including Patch Management, Software Distribution and Asset Management;
• opportunities and development automation for the deployment and management of UEM Services.