Jobs

About you:

We are looking for a proficient Vulnerability Researcher to work in the cybersecurity field. If you are interested in making a difference and being part of an exciting project, please apply with your CV.

About project:

Our new client develops a cyber security project for the US government. You will have the opportunity to contribute to the security of the United States.

Your area of responsibility:

- Detect and exploit vulnerabilities;

- Build scripts and software modules to verify the presence of vulnerabilities;

- Reverse-engineer vulnerability patches in order to better understand certain vulnerabilities;

- Assist in the development of tools to improve vulnerability or threat research.

Skills and requirements:

- Proven experience in vulnerability exploitation and fuzzing;
- Extensive experience (3+ years) in reverse engineering;
- Knowledge of OS internals (any OS);
- Recent knowledge of exploitation techniques (iOS/Android/Windows/Linux/embedded).

Will be a plus:

- Academic degree in Computer Sciences/Mathematics/Physics;

- Proven record (CVEs or verbal description) of found vulnerabilities in mobile/desktop OSes;

- Good interpersonal skills.

We offer:

- Висококласні робочі умови: спільнота першокласних інженерів, близько 90% нашої команди це Middle та Senior; цікаві та довгострокові проєкти у різних сферах; можливість змінити проєкт в разі необхідності;

- Конкурентна ринкова компенсація в валюті (не в гривневому еквіваленті), яка виплачується без затримок;

- Власний план розвитку та регулярні перегляди компенсації;

- Оплачувані відпустки (20 днів) та лікарняні дні (5 днів);

- Всі державні свята за Українським законодавством є вихідними;

- Можливість працювати з будь-якою точки світу — ми знайдемо юридичний варіант, допоможемо легалізуватися або проконсультуємо з цього питання.

- Бухгалтерський супровід;

- Юридична підтримка в межах України;

- Повноцінна HR-підтримка та турбота.

About project:

Our new client develops a cyber security project for the US government. You will have the opportunity to contribute to the security of the United States.

Your area of responsibility:

- Detect and exploit vulnerabilities;

- Understand the technical details of the published vulnerabilities as well as their real risk;

- Build scripts and software modules to verify the presence of vulnerabilities;

- Effectively communicate the vulnerability impact;

- Reverse-engineer vulnerability patches in order to better understand certain vulnerabilities;

- Assist in analyzing data from internet scanning tools in order to validate its accuracy;

- Assist in the development of tools to improve vulnerability or threat research.

Skills and requirements:

- Proven experience in vulnerability exploitation;

- Extensive experience (3+ years) in reverse engineering (optionally);

- Knowledge of OS internals (any OS);

- Recent knowledge of exploitation techniques (iOS/Android/Windows/Linux/embedded).

Will be a plus:

- Academic degree in Computer Sciences/Mathematics/Physics;

- Proven record (CVEs or verbal description) of found vulnerabilities in mobile/desktop OSes;

- Good interpersonal skills.

We offer:

- Working in a team of talented and passionate engineers;

- Opportunity to work with the most trending technologies;

- Long-term enjoyable cooperation;

- Personal legal support;

- Payable vacation and sick days;

- Competitive salary depending on your own talents;

- Regular performance & career development reviews;

- Team building events.

We are looking for an endpoint/workstation support engineer to support multiple mixed MacOS/Windows/Lin remote working environments. You should maintain a high level of user satisfaction, as well as properly document your work.

Your primary tasks will include:

* Enduser remote support for agents installation

* AV alerts investigation

* Ensuring security compliance policies are in place (e.g. full disk encryption, firewall)

* Implementing updates on agent installation packages whenever new version arrives

* Testing of Windows/Win/Lin endpoint agent updates

The candidate should have a proof records of successful projects in the following areas:

* support of AV/EDR/VPN and other security agents on multiple platforms

* Intune MDM

* Apple Business Manager

* Windows, MacOS and Linux endpoint support

* Basic Unix shell and Powershell scripting

* MS Graph API and other REST API basic experience

* Windows and MacOS troubleshooting with the aid of Sysinternals tools and different set of MacOS tools (netstat, lsof, vmstat, top, dtruss, etc.)

* Fluent English

* Teamwork and problem solving mind

* Compliance framework basic awareness (ISO27001/PCI-DSS/HIPAA etc.)

* ITIL and IT service basic awareness and ability to write end-user documentation/procedures/instructions

A big plus if have all or any of the following:

* Microsoft Intune certification or other Microsoft Security/Endpoint certificationi

* Any AV vendor certification

* Any security related certification (e.g. ISO27001LA, CISSP, CISA)

Skills and Experience Requirements:

- 3+ years of experience as an Information Security Auditor/Internal Security Assessor.

- Experience managing controls or compliance with SOC2, ISO 27001, PCIDSS.

- Experience managing multiple projects in a fast paced, ambiguous environment, accountability/ownership for the audit project lifecycle.

- A high degree of personal integrity, attention to detail, and strong investigative skills.

- Associate or bachelor’s degree in  Information Security/IT/Cybersecurity related discipline is preferred.

Responsibilities:

- Schedule, coordinate, and lead company internal audits. Handle the full internal audit cycle.

- Develop and implement of audit program ( ISO/IEC 27001, PCIDSS, GDPR).

- Support preparation for external audits, liaise with external auditors and provide internal guidance in support of external audits.

- Plan, implement, monitor, and upgrade security measures to protect the organization’s data, systems, and networks.

- Conduct audits regular audits and provide recommendations.

- Maintain, monitor, and improve the audit process. 

- Control of implementation of corrective actions addressing nonconformities with management systems standards and document requirements.

We offer:

- 20 working days of vacation;

- 12 sick days;

- Compensation for sick leave;

- Medical insurance;

- Flexible work schedule;

- Gifts and benefits for significant occasions;

- Mental health care;

- Support and development of volunteer culture.

We are seeking a Head of Security to lead and enhance our global security strategy. As a key executive, you will be responsible for safeguarding our trading infrastructure, customer data, and regulatory compliance in a highly dynamic and fast-paced environment. This role is ideal for a security leader with deep expertise in cybersecurity, fraud prevention, compliance, and financial market security.
 

Responsibilities

• Cybersecurity & Infrastructure Protection
  • Develop and implement a comprehensive cybersecurity strategy to protect trading platforms, APIs, and back-office infrastructure
  • Ensure secure architecture of trading systems, web applications, and cloud environments
  • Oversee SOC operations, monitoring, and response strategies for cyber threats
  • Establish and enforce incident response plans, including DDoS mitigation, data breaches, and insider threats
  • Collaborate with IT and DevOps teams to embed security best practices into SDLC
• Fraud & Risk Management
  • Design and execute anti-fraud frameworks to prevent account takeovers, money laundering, and financial fraud
  • Implement AI-driven fraud detection systems to analyze trading patterns and suspicious activities
  • Work closely with KYC, AML, and Compliance teams to mitigate risks related to financial crime
  • Establish protocols for secure identity verification, access control, and user authentication
• Compliance & Regulatory Security
  • Ensure compliance with CySEC and other regulatory security requirements
  • Lead security audits, penetration testing, and vulnerability assessments to meet industry standards
  • Define security policies aligning with GDPR, PSD2, and other data privacy regulations
  • Coordinate with regulatory bodies to ensure continuous compliance with cybersecurity laws
• Data Leak Prevention & Office Security
  • Preventing data theft from office premises, including equipment, documents, and company valuables
  • Supporting and maintaining security tools used in the office
  • Protecting employee and corporate data from unauthorized access
  • Securing company documents to prevent leaks
  • Identifying and mitigating risks related to data breaches in company operations and processes
• Leadership & Strategy
  • Build and lead a high-performing security team, including security engineers, analysts, and risk specialists
  • Develop security awareness training for employees, fostering a strong security culture
  • Oversee third-party security vendors, risk assessments, and partnerships
  • Report security risks, incidents, and mitigation strategies to C-level executives and the board
     

Requirements

• 10+ years of experience in cybersecurity, risk management, or IT security within financial services, preferably in CFD/FX brokerage
• Proven track record in leading security teams and building cybersecurity programs
• Strong knowledge of infrastructure security (AWS, Azure, GCP, on-premise servers), DevSecOps, and application security
• Experience with SIEM, XDR, IAM, PAM, and fraud detection systems
• Deep understanding of regulatory requirements in financial markets, including AML, KYC, and PSD2 security mandates
• Experience in passing security audits for SOC 2 and PCI DSS
• Bachelor's or Master’s degree in Cybersecurity, Computer Science, or a related field
• Relevant certifications such as CISSP, CISM, CISA, CEH, OSCP, or CCSP
• Strong analytical and problem-solving mindset
• Excellent communication skills, capable of influencing executive leadership
• Ability to thrive in a high-pressure, fast-paced trading environment
   

We offer

• Work in a transparent, client-focused environment where every trading decision fosters long-term trust and exceptional service
• Opportunity to tackle the thrilling challenges of a rapidly expanding environment
• Lead the charge in implementing cutting-edge technologies and strategies to drive the company's success
• 10 medical leave days per year
• 21 annual leave days per year
• Public holiday in accordance with the Cyprus Public Holiday list
• Medical insurance
• Compensation for professional education, learning English
• Compensation for a sports subscription or sports equipment
• Extensive relocation package for you and your family

RISK inc: An International iGaming Company Pushing the Boundaries of Entertainment

Who We Are:

An international iGaming company specializing in identifying and fostering the growth of high-potential entertainment markets. With 700+ professionals in 20+ locations, we operate in 10 countries, serving over 300,000 customers.

Always Pushing the Boundaries? You Already Belong at RISK!

Our global-scale operations are based on strong internal expertise, analytics, and data research. We have expertise in iGaming operations (sports betting, online casino), digital and affiliate marketing, tech solutions, and data analytics.

We are seeking a SOC Specialist to become a part of our team.

Responsibilities:

• Event Collection and Analysis: Gather and analyze events from infrastructure components (websites, servers, databases).
• Security Rule Development and Implementation: Create and implement security rules for scenarios like fake registrations, mass registrations, and DDoS attacks.
• Monitoring and Incident Response: Monitor and respond to rule triggers/incidents, refine response rules, and handle blocking actions.
• Security Incident Investigation: Investigate security incidents.
• Resource and Service Registry: Maintain a registry of resources and services.
• Security Compliance Control: Ensure resource compliance with international security standards and apply the latest security patches.
• Collaboration with Subcontractors and Security Partners: Work closely with subcontractors and partner companies on security matters.
• Administration of Security Systems: Manage security systems such as MDM (Mobile Device Management), BYOD (Bring Your Own Device), SIEM (Security Information and Event Management), and CloudFlare.
• Risk Analysis and Mitigation: Assess existing risks and develop compensatory actions to minimize them. Risk Analysis for New Systems and Projects: Evaluate potential risks related to implementing new systems, services, or applications to enhance business processes.

Qualifications

• Minimum 3 years of experience in IT and/or information security.
• Solid understanding of IT Infrastructure and Network Security principles.
• Familiarity with IT infrastructure protection systems and network security.
• Experience with IAM (Identity and Access Management) systems.
• Proficient in vulnerability management systems.
• Experience in configuring SIEM tools (Open Search, Splunk, or others).
• Desired experience in configuring security policies for Google Workspace/Office 365.
• Familiarity with tools like Terraform, GitLab, Prometheus, Grafana, Loki, Docker, Docker Compose, PowerBI, HaProxy, Nginx, and LEMP.
• Familiarity with cloud solutions such as AWS, DigitalOcean, CloudFlare, GCP, and Kubernetes.
• Experience with external audits (either undergoing or conducting them).
• Strong understanding of risk and incident management methodologies.
• Excellent documentation skills (creating instructions, policies, guidelines).
• Familiarity with scripting languages like Python, Bash/Shell scripts, SQL, and PowerShell for automation, parsing, API work, and database tasks.
• Knowledge of security standards like ISO/IEC 27001 and NIST.
• Familiarity with antivirus systems; experience with CrowdStrike is a plus.
• Desired experience in deploying and administering databases.
• Desired experience with Windows, Linux, and MacOS operating systems.
• Intermediate or higher proficiency in English (both written and spoken).

Our Benefit Cafeteria is Packed with Goodies:

• Children Allowance
• Mental Health Support
• Sport Activities
• Language Courses
• Automotive Services
• Veterinary Services
• Home Office Setup Assistance
• Dental Services
• Books and Stationery
• Training Compensation
• And yes, even Massage

We are inviting you, a highly motivated and results-oriented Security Engineer to join our team for ensuring and developing solutions, as well as strengthening the product infrastructure.

Our team has unique expertise in research, analysis, and product development. By relying on technical insights and a data-driven approach, we create disruptive future-defining innovations of the fin-tech industry that remain our basis for success.

Responsibilities

• Develop, implement, maintain, upgrade, and test cybersecurity products
• Provide cybersecurity-related support to users and customers
• Integrate cybersecurity solutions into systems and services, ensuring their stability and performance
• Securely configure systems, services, and products
• Maintain and upgrade the security of systems, services, and products
• Implement cybersecurity procedures and controls
• Monitor and ensure the performance of the implemented cybersecurity controls
• Document and report on the security of systems, services, and products
• Work closely with the Engineering teams on cybersecurity-related actions

• Implement, apply, and manage patches to products to address technical vulnerabilities

   

Requirements

• 3+ years of experience in information security and cybersecurity roles
• Background in development, DevOps, system administration, etc.
• Hands-on experience in developing, integrating, and testing security solutions
• Experience with vulnerability analysis and incident response
• Proficiency in scripting languages such as Python, Bash, PowerShell, etc
• Solid understanding of secure development lifecycle, operating system security, and computer network security
• Experience with both offensive and defensive security practices
• Knowledge of cybersecurity controls, solutions, and technologies
• Ability to collaborate with cross-functional teams and colleagues
• Effective communication and presentation skills to report to stakeholders
• Strong analytical and problem-solving skills
• Reliability, integrity, and responsibility in handling sensitive information and security tasks

• Upper-Intermediate English

   

Will be a plus

• Experience with Ruby, Go, or other programming languages

• Security certifications

   

We offer

• Tax expenses coverage for private entrepreneurs in Ukraine
• Expert support and guidance for Ukrainian private entrepreneurs
• 20 paid vacation days per year
• 10 paid sick leave days per year
• Public holidays as per the company’s approved Public holiday list
• Medical insurance
• Opportunity to work remotely
• Professional education budget
• Language learning budget
• Wellness budget (gym membership, sports gear and related expenses)

We are looking for a Security Operations Centre Specialist to join our partner's team.
 

Your main responsibilities will be:

• Provide exceptional operational management and support for the analysis and investigation of security incidents;
• Respond promptly to alerts, perform triage operations, and determine the appropriate level of response;
• Decide on and implement the best course of action in response to cyber attacks, initiating suitable recovery procedures;
• Investigate, document, and report on information security issues and emerging trends;
• Maintain, monitor, and operate security infrastructure and related technologies;
• Conduct security assessments for newly acquired systems and technologies to ensure compliance with security standards.
   

Essential professional experience:

• Understanding of network and systems security, security testing, and software security;
• Experience with Windows & *nix platforms;
• Familiar with scripting languages (Bash, Python, Powershell);
• Knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS and HTTP Protocols, network analysis;
• Knowledge of common malware threats and attack methodologies;
• Analytical and observational skills;
• Threat Hunting experience;
• Strong communication skills, team player, able to function independently and as part of a team;
• Endless will to learn something new.

We are inviting a highly motivated and security-driven DevSecOps Engineer to join our team and help strengthen the security of our infrastructure, services, and development processes.

Our company specializes in research, engineering, and product development for the fintech industry. By applying a data-driven approach and leveraging technical expertise, we build future-defining solutions that drive innovation and success.

Responsibilities:

• Integrate and automate security controls within CI/CD pipelines and infrastructure
• Securely configure and harden systems, services, and cloud/on-premise environments
• Implement and manage vulnerability management processes and tools
• Develop automation scripts (Python, Bash, PowerShell) for log analysis and security monitoring
• Configure and maintain SIEM and SOAR solutions for incident detection and response
• Support the Secure Development Lifecycle (SDL) by embedding security at all stages (from threat modeling to deployment and monitoring)
• Apply patches and updates to mitigate security vulnerabilities

• Collaborate closely with DevOps and Development teams on security initiatives

   

Requirements:

• 3+ years of hands-on experience specifically in DevSecOps or cybersecurity-focused infrastructure roles
• 3+ years of experience in DevOps, System Administration, or Infrastructure Engineering
• Proven experience integrating security tools and processes into CI/CD pipelines and both cloud and on-premise infrastructure
• Strong expertise in vulnerability management, including scanning, analysis, and remediation
• Proficient scripting skills (Python, Bash, PowerShell, etc.) for automation and log analysis
• Solid understanding of operating system security (Linux and Windows) and computer network security principles
• Experience with secrets management, identity and access management (IAM), and infrastructure hardening
• Hands-on experience with SIEM and SOAR platforms for security monitoring and automated incident response
• Knowledge of cybersecurity controls and technologies (firewalls, IDS/IPS, WAF, etc.)
• Practical understanding of the Secure Development Lifecycle (SDL), including threat modeling, secure design, SAST, DAST, and secure deployment practices
• Strong analytical and problem-solving skills
• Ability to collaborate effectively with cross-functional teams and communicate security risks and recommendations clearly

• Intermediate or higher level of English

   

Will be a plus:

• Experience in CFD domain

• Security certifications (e.g., CISSP, CKS, OSCP, etc.)

   

We offer

• Tax expenses coverage for private entrepreneurs in Ukraine
• Expert support and guidance for Ukrainian private entrepreneurs
• 20 paid vacation days per year
• 10 paid sick leave days per year
• Public holidays as per the company’s approved Public holiday list
• Medical insurance
• Opportunity to work remotely
• Professional education budget
• Language learning budget
• Wellness budget (gym membership, sports gear and related expenses)

Job Description

· 7 to 10 years of experience in Information Security, specializing in modern SIEM platforms, including end-to-end implementation, configuration, maintenance, and ongoing assessment in mid-scale and large-scale enterprise environments.

· Strong knowledge of KQL, SPL or UDM schema and YARA-L rules.

· Experience ingesting and parsing logs from EDR, firewalls, cloud services, and applications.

· Familiarity with threat hunting methodologies and MITRE ATT&CK framework.

· Experience working in cloud environments (Google Cloud, AWS, Azure).

· Solid understanding of security monitoring, log analysis, detection engineering, and incident response.

· Strong communication skills with the ability to explain technical concepts to both technical and non-technical audiences.

· Ability to learn and adapt quickly in fast-paced environments with evolving tools and requirements.

· Familiarity or working knowledge of Google SecOps is a strong advantage.

· Strong experience in building and maintaining security reports and tracking key performance Indicators (KIPs) to support operational efficiency and decision-making.

Job Responsibilities

· Act as a trusted security advisor to clients, providing guidance on improving their overall security posture and aligning operations with industry best practices on the backend.

· Leverage hands-on experience with various SIEM platforms (e.g., Microsoft Sentinel, Splunk) to support detection use cases, alert tuning, and incident investigations.

· Learn and adapt quickly to new platforms and tools, including Google SecOps (prior knowledge is beneficial but not mandatory)

· If familiar with Google SecOps, assist in areas such as design and implementing Google SecOps platform for enterprise-level security.

· Ingest and normalize data from diverse sources into Google SecOps using UDM (Unified Data Model).

· Develop, test, and optimize detection rules.

· Collaborate with internal and external teams to create and optimize custom parsers.

· Integrate Google SecOps with third-party security tools (EDR, NDR, SIEMs, SOARs, threat intel feeds).

· Identify gaps and recommend practical improvements to enhance scalability, security, and overall effectiveness.

· Assess existing automation workflows and incident response playbooks.

· Propose optimizations to increase operational efficiency and reduce response times.

· Conduct threat hunting, triage alerts, and support incident response efforts using Google SecOps.

· Stay up to date with the Google SecOps feature updates, security threats, and best practices.

· Provide training and documentation to SOC and IT teams on Google SecOps usage and playbooks.

Department/Project Description

We are looking for a highly technical and client-focused Senior Information Security Specialist to join our growing Information Security team. This is a hands-on role that requires strong security operations expertise, experience with modern SIEM platforms, and the ability to engage with clients as a trusted security advisor.

Broad experience with SIEM platforms such as Microsoft Sentinel, Splunk, and other tools is essential. Familiarity with emerging technologies like Google SecOps and SOAR is a plus (training will be provided as needed). We're looking for someone who can adapt quickly, manage client expectations effectively, and contribute meaningfully to complex, dynamic environments.

You will work closely with SOC Analysts, SOAR Engineers, and Solutions Engineers to align security operations with industry standards and client-specific requirements.

Position is open onsite or hybrid in Krakow, Poland

Requirements:

• Bachelor's or Master's degree in Computer Science, Electrical Engineering, Information Systems, or a related field.
• 8+ years of development experience focused on identity and access management systems.
• Hands-on experience with programming languages and automation tools (C#, .NET, Ansible, Python, Java, Go, Node.js, Terraform, Docker, etc.).
• Experience with Active Directory or similar systems.
• Experience integrating with Microsoft Active Directory or comparable third-party systems.
• Development experience in hybrid cloud environments.
• Strong cross-functional communication skills for technical and non-technical audiences.
• Experience working with multiple vendors in the identity and access management ecosystem.

Nice-to-Have:

• Familiarity with cloud security best practices and certificate infrastructure.
• Experience with container orchestration and microservices architectures.
• Knowledge of Single Sign-On (SSO), multi-factor authentication, and identity federation.
• Experience with continuous integration/continuous deployment (CI/CD) pipelines.
• Exposure to agile development methodologies and DevOps practices.

Key Responsibilities:

• Integrate identity data from corporate systems and enforce roles and policies to control access to critical resources.
• Implement features such as JIT, JML, PIM, PAM, and RBAC.
• Collaborate with security, compliance, and engineering teams to ensure proper logging and auditing of access activities.
• Design, develop, and operate identity management systems across infrastructure in both private and public clouds.
• Monitor industry trends and adopt new tools and features as needed.
• Mentor junior engineers and participate in on-call rotations.

About the Project:

We are seeking an experienced Active Directory Engineer specializing in Identity and Access Management to enhance product infrastructure security. The role involves managing user identities, governing access to production systems, and automating security processes to ensure seamless and secure access management for engineers and operations personnel. The team collaborates cross-functionally to build scalable solutions that integrate with compliance and security requirements.

Mandatory requirements:

• Minimum of 5 years of product security experience in the medical device industry either directly for a medical device manufacturer or for a product security services organization providing consultative services to the manufacturer.
• Strong experience working with standards such as ISO 13485, ISO 14971, IEC 62304, NIST 800-30, NIST 800-53, AAMI TIR 57, UL 2900-2-1, IEC 62443.
• Strong understanding of the cybersecurity requirements of international regulations and guidance documents, including FDA Premarket Guidance for Cybersecurity of Medical Devices, MDR, IVDR, etc.
• Background in leveraging industry standard threat modeling and risk management frameworks.
• Background in penetration testing or leading pen testing engagements with third party organizations.
• Practical knowledge of Agile and agile-based methodologies
• Degree in computer science, software engineering, or cybersecurity

Optional:

• Experience advising on or writing cybersecurity SOPs for Quality Management Systems
• Experience with regulatory submission process
• Experience leading cross functional teams to incorporate cybersecurity across product engineering, Quality, Regulatory, IT, and other business functions
• Experience in working with embedded systems, cloud enabled systems, and IoT systems

We are building a B2B iGaming platform and are looking for a DevOps & Security Engineer to join our infrastructure team. We are looking for a mid- to senior-level engineer with strong technical expertise. You should be passionate about or highly experienced with Cloudflare and Amazon Web Services (AWS), and have hands-on experience with Kubernetes (k8s). Specialized in Network and Information Security. Familiarity with performance testing, Continuous Integration/Continuous Deployment (CI/CD), and Infrastructure as Code (IaC), among other DevOps practices. Willingness to audit existing solutions and implement design and implementation improvements.

Your tasks:

• Configure and maintain Cloudflare services, including WAF (Web Application Firewall), DDoS protection, rate limiting, and custom rules;
• Design and enforce security policies in Kubernetes, including RBAC, network policies, pod security standards, and secrets management;
• Analyze and improve security configurations in AWS, such as IAM policies, VPC setup, security groups, S3 access, and KMS usage;
• Optimize CI/CD processes and set up deployment environments;
• Lead security incident response processes and postmortems, when necessary.

Our criteria:

• Hands-on expertise with Cloudflare security configuration: DNS, WAF, Access, Rate Limiting, SSL/TLS, and Zero Trust tools;
• Proficiency in Amazon AWS, including EC2, RDS, S3, VPC, IAM, EKS and related services;
• Experience with Kubernetes (k8s), Docker, Helm, and Terraform;
• Experience with monitoring and logging stacks (e.g., Prometheus, Grafana, Loki);
• Proficient in *nix systems and shell scripting;
• Experience with ISO27001 or PCI DSS is a plus

Our offer:

• We are global, we don’t stick to office or remote options only;
• We value work-life balance and start anytime from 8 to 11, with flexible lunchtime;
• We trust each other and provide unlimited vacation days and sick-leaves;
• We support our people and provide relocation options for team members, who are interested;
• We encourage growth and cover 50% of learning expenses;
• We hold yearly performance reviews to help our team members grow and reach new heights, and reward results with regular performance bonuses;
• We believe in potential and prefer to promote internally, giving everyone a chance to prove themselves, and building our company around talents above anything else;
• We are small enough to hear the opinion of every team member, and already big enough to act on the best ideas - an opportunity to have a visible and immediate impact;
• We celebrate our team with corporate gifts and thoughtful appreciation throughout the year.

N-iX is a software development service company that helps businesses across the globe develop successful software products. Founded in 2002 in Lviv, N-iX has come a long way and increased its presence in 9 countries Poland, Ukraine, Sweden, Romania, Bulgaria, Malta, the UK, the US, and Colombia. Today, we are a strong community of 2,000+ professionals and a reliable partner for global industry leaders and Fortune 500 companies.

We’re looking for a highly motivated and detail-oriented Junior Compliance Specialist to join our Internal Audit team. This is a fantastic entry-level opportunity to gain hands-on experience in both compliance and internal audit functions within a dynamic and evolving landscape. You’ll play a crucial role in supporting our internal audit direction by oversee a portion of the assessment of compliance with critical international standards and regulations, including ISO 9001 (Quality Management System), ISO 27001 (Information Security Management System), ISO 27701 (Privacy Information Management System), PCI DSS (Payment Card Industry Data Security Standard), SOC2 Type II, GDPR (General Data Protection Regulation), etc.

Duties:

• Support Internal Audit Engagements: Assist in the planning, execution, and reporting of internal audit engagements, with a specific focus on adherence to ISO 9001, ISO 27001, ISO 27701, PCI DSS, SOC2 Type II, GDPR, etc. requirements
• Standard Monitoring & Analysis: Monitor and track changes in these key standards and regulations, assessing their potential impact on the company’s operations and compliance framework
• Policy & Procedure Review: Contribute to the review and analysis of internal policies, procedures, and controls to ensure alignment with ISO 9001, ISO 27001, PCI DSS, SOC2 Type II, and GDPR requirements and internal audit findings
• Documentation & Reporting: Prepare clear and concise documentation of audit work performed, findings, and recommendations. Contribute to the drafting of audit reports and presentations specifically highlighting compliance with relevant standards
• Issue Tracking: Perform the tracking and follow-up on identified audit findings and management action plans to ensure timely remediation in line with compliance requirements
• Risk Assessment Support: Assist in identifying and assessing compliance risks across various business functions, particularly those related to information security, data privacy, and quality management
• Training & Awareness: Support the development and delivery of compliance training materials and awareness initiatives
• Ad-hoc Projects: Participate in ad-hoc projects and initiatives related to compliance and internal audit as required

Qualifications:

• Foundational understanding of, or a strong willingness to learn, key compliance frameworks such as ISO 9001, ISO 27001, ISO 27701, PCI DSS, SOC2 Type II, and GDPR
• Good written and verbal communication skills in English
• High level of attention to detail and accuracy
• Ability to work independently and as part of a team
• Stakeholder management and communication skills, comfortable working with stakeholders at all levels of seniority
• Good organizational and time management skills
• Proactive, inquisitive, and eager to learn

We offer*:

• Flexible working format — remote, office-based or flexible
• A competitive salary and good compensation package
• Personalized career growth
• Professional development tools (mentorship program, tech talks and trainings, centers of excellence, and more)
• Active tech communities with regular knowledge sharing
• Education reimbursement
• Memorable anniversary presents
• Corporate events and team buildings
• Other location-specific benefits

*not applicable for freelancers

We are looking for a  Information Security Compliance Specialist to strengthen our organization’s cybersecurity defenses by executing and enhancing security operations. This role is dedicated to Miratech’s internal projects, providing an opportunity to work in a dynamic, multicultural environment alongside talented professionals worldwide.

You'll collaborate with global teams to drive compliance with international standards like ISO 27001, GDPR and support security audits, policy development, and awareness initiatives across the company.

Responsibilities:

• Support and collaborate on internal and external security audits, ensuring compliance with security frameworks (ISO 27001, GDPR, etc.) and provide detailed security reports based on collected and analyzed data.
• Review and maintain security procedures , and control frameworks while assessing customer security requirements.
• Work with security processes, risk assessments, and incident investigations, when necessary.
• Audit, monitor, and improve information security across Miratech’s internal systems and third parties.
• Participate in internal security projects.
• Enhance security awareness by developing training materials and conducting security programs for employees.

Qualifications

• 2+ years of experience in security operations, management, or analytical / audit roles.
• Understanding of cloud computing, microservices, networking, security protocols, authentication, and authorization.
• Knowledge of IT/Cybersecurity risks and security solutions (SIEM, IAM, SOAR, EDR, etc.)
• Hands-on experience with security frameworks such as ISO 27001/27701, GDPR.

We offer:

• Culture of Relentless Performance: join an unstoppable technology development team with a 99% project success rate and more than 30% year-over-year revenue growth.
• Competitive Pay and Benefits: enjoy a comprehensive compensation and benefits package, including health insurance, and a relocation program.
• Work From Anywhere Culture: make the most of the flexibility that comes with remote work.
• Growth Mindset: reap the benefits of a range of professional development opportunities, including certification programs, mentorship and talent investment programs, internal mobility and internship opportunities.
• Global Impact: collaborate on impactful projects for top global clients and shape the future of industries.
• Welcoming Multicultural Environment: be a part of a dynamic, global team and thrive in an inclusive and supportive work environment with open communication and regular team-building company social events.
• Social Sustainability Values: join our sustainable business practices focused on five pillars, including IT education, community empowerment, fair operating practices, environmental sustainability, and gender equality.