Key skills
AWSAzureCloudCyber SecurityDNSGoogle Cloud PlatformKafkaKubernetesPostgresPythonSDLCTCP/IPBashPowerShellGCPGoogle CloudEnvoyIAMAzure ADPostgreSQLOktaSSOCommunicationOWASPWAF
About this role
Role Overview
- Develop and implement information security policies and protection procedures.
- Perform risk assessments, security audits, and threat analysis.
- Monitor and respond to security incidents and conduct investigations.
- Implement and maintain security tools such as SIEM, DLP, WAF and others.
- Integrate DevSecOps practices into development workflows (Secure SDLC, code reviews).
- Ensure compliance with security standards (ISO/IEC 27001, NIST, OWASP, CIS Controls).
- Provide cybersecurity awareness training to employees.
- Support secure architecture for platforms including GCP, Kubernetes, ClickHouse, Kafka, PostgreSQL, and Envoy.
- Conducting proof-of-concept for new security integrations and actively participating in security budget discussions with product stakeholders and upper management.
Requirements
- Experience in information security or related fields (both formal education and practical hands-on experience are considered).
- 2+ years of hands-on experience in InfoSec/DevSecOps roles, preferably in a cloud environment (GCP, AWS, Azure).
- Strong understanding of network protocols (TCP/IP, DNS, HTTP/S, VPN).
- Hands-on experience securing infrastructure based on GCP, Kubernetes, ClickHouse, Kafka, PostgreSQL.
- Familiarity with SIEM systems, vulnerability management tools, IAM/SSO/MFA solutions (e.g., Okta, Azure AD).
- Incident response and forensics experience (IR, investigations).
- Solid understanding of security standards and frameworks: ISO/IEC 27001, NIST, OWASP, DevSecOps principles.
- Strong understanding of security principles, protocols, and standards (e.g., encryption, authentication, access control).
- Experience with security tools and technologies for monitoring and incident response.
- Proficiency in securing Kubernetes, PostgreSQL, ClickHouse, Envoy, Kafka, and related technologies.
- Experience with security tooling in cloud platforms (GCP, AWS, Azure).
- Scripting skills in Bash, Python, or PowerShell for automation.
- Relevant certifications (e.g., CISSP, CISM, CompTIA Security+, GCP Security Engineer) are a plus.
- Excellent communication skills and ability to collaborate effectively with technical and non-technical stakeholders.
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- DNS
- Google Cloud Platform
- Kafka
- Kubernetes
- Postgres
- Python
- SDLC
- TCP/IP
Benefits
- Competitive compensation package
- Flexible working schedule and the hybrid type of work
- Annual performance bonus
- One month of workation (you can work from any part of the world for one month)