2 дня назад
Security Engineer (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
Текст:
TL;DR
Security Engineer (Cybersecurity): Building and hardening application and infrastructure security for a global payment platform with an accent on AppSec reviews and cloud environment security. Focus on conducting code reviews, implementing threat modeling, and strengthening GCP and Kubernetes configurations.
Location: On-site in Baku, Azerbaijan
Company
is a global payment and business platform specifically designed for game developers.
What you will do
- Perform application security reviews, including code reviews and running SAST/DAST tools.
- Conduct threat modeling sessions for new features and architectural changes to identify risks early.
- Harden cloud and container infrastructure using GCP, Kubernetes, and IAM configurations.
- Triage penetration test findings and coordinate remediation with engineering teams.
- Collaborate with developers on secure design patterns and architectural reviews.
- Support incident response efforts, including investigation, documentation, and root-cause analysis.
Requirements
- Foundational knowledge of AppSec, common vulnerability classes, and secure coding patterns.
- Practical experience with GCP or similar cloud providers, including IAM and networking.
- Ability to read and review code in Go, Python, or PHP.
- Experience with security tooling such as SAST, DAST, or dependency scanning.
- Strong written communication skills for creating asynchronous documentation and advisories.
- Must be based in Baku for on-site work
Nice to have
- Hands-on experience with Kubernetes or container security.
- Infrastructure security background involving Linux, networking, and vSphere/ESX.
- Technical familiarity with NIST CSF, PCI, SOC 2, or ISO 27001.
- Experience in detection engineering or incident response.
- Relevant certifications such as OSCP, GWAPT, or CKS.
Culture & Benefits
- Opportunity to be an early hire in a new security team and shape the program's maturity.
- Culture that values directness, intellectual honesty, and follow-through.
- Collaborative environment focusing on helping teams build securely.
- Exposure to a diverse global team operating across multiple time zones.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →