Senior Security Engineer (Cloud Security)
Вакансия из Hirify Global, списка международных tech-компанийДля мэтча и отклика нужен Plus
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Senior Security Engineer (Cloud Security): Building and securing application and cloud-native infrastructure for an AI-powered health coaching app with an accent on application security, AWS/Kubernetes hardening, and compliance. Focus on implementing security guardrails as code, securing Istio service mesh, and ensuring HIPAA/SOC 2 compliance.
Location: Must be based in Europe, Poland, Cyprus, Georgia, Portugal, Serbia, Armenia, or Spain. Hybrid option available in Limassol, Cyprus.
Company
is an AI-powered health coaching app focused on empowering adults to achieve sustainable weight loss and a healthier lifestyle.
What you will do
- Own and improve application security across the SDLC, including secure design reviews, threat modeling, and CI/CD-integrated SAST/SCA.
- Harden AWS and Kubernetes/EKS environments focusing on IAM, network segmentation, and runtime security controls.
- Secure the Istio service mesh, managing mTLS, authorization policies, and service-to-service security patterns.
- Develop security guardrails as code using policy-as-code, reusable templates, and self-service tooling.
- Enhance software supply-chain security via image signing, SBOMs, and secure build/release practices.
- Implement and operate technical controls to maintain HIPAA and SOC 2 compliance.
Requirements
- 5+ years of experience in security engineering, cloud security, or AppSec.
- Hands-on production experience with AWS, Kubernetes/EKS, and Istio security.
- Strong coding ability in Go or Python for building automation and integrations.
- Experience with Terraform, ArgoCD, GitOps, and Kubernetes policy tools (Kyverno, OPA, Cilium).
- Proven experience working within regulated environments such as HIPAA, SOC 2, or ISO 27001.
- English: Strong written and spoken proficiency required.
Nice to have
- Experience with supply-chain tools like Cosign and sigstore.
- Background in offensive security, penetration testing, or bug bounty programs.
Culture & Benefits
- Competitive salary package and stock options.
- 21 days of annual leave plus bank holidays.
- Provision of all necessary work equipment.
- Flexible work arrangements: Hybrid in Limassol or Remote for candidates residing outside Cyprus.
- A data-driven culture that values ownership, impact, and challenging conventional thinking.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →