Infrastructure Security Engineer

Sumsub is a leading full-cycle verification platform that enables scalable compliance. They are looking for an Operational Security Engineer to enhance security operations, focusing on security alerts handling, vulnerability coordination, and employee-facing security requests.

Responsibilities:

• Design and implement security controls integrated into CI/CD pipelines
• Build and operate infrastructure security guardrails (Terraform, cloud, Kubernetes)
• Own security tooling as products (architecture, reliability, lifecycle)
• Implement audit logging, change tracking, and security evidence generation
• Design and evolve vulnerability management foundations (inventory, scoping, correlation)
• Define and enforce infrastructure security baselines
• Work with compliance teams to support audits (e.g., PCI DSS) through technical evidence
• Collaborate with SOC and operational teams to ensure controls are usable in practice

Requirements:

• Strong experience with CI/CD systems (GitHub Actions, GitLab CI, Jenkins, etc.)
• Infrastructure as Code (Terraform or similar)
• Cloud platforms (AWS, GCP, Azure)
• Container and Kubernetes security concepts (Falco, Trivy, etc.)
• Logging, auditability, and change tracking
• Understanding of vulnerability management fundamentals (CVEs, scanners, remediation, validation)
• Runtime security and drift detection
• Secret scanning and prevention
• Experience building internal security tooling
• Exposure to compliance frameworks (PCI DSS, SOC 2, ISO 27001)
• Developing experience (Python, Go, etc.)