Назад
Company hidden
2 дня назад

Security Engineer (Cybersecurity)

Формат работы
onsite
Тип работы
fulltime
Английский
b2
Страна
Azerbaijan
Вакансия из списка Hirify.GlobalВакансия из Hirify RU Global, списка компаний с восточно-европейскими корнями
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Security Engineer (Cybersecurity): Building and hardening application and infrastructure security for a global payment platform with an accent on AppSec reviews and cloud environment security. Focus on conducting code reviews, implementing threat modeling, and strengthening GCP and Kubernetes configurations.

Location: On-site in Baku, Azerbaijan

Company

hirify.global is a global payment and business platform specifically designed for game developers.

What you will do

  • Perform application security reviews, including code reviews and running SAST/DAST tools.
  • Conduct threat modeling sessions for new features and architectural changes to identify risks early.
  • Harden cloud and container infrastructure using GCP, Kubernetes, and IAM configurations.
  • Triage penetration test findings and coordinate remediation with engineering teams.
  • Collaborate with developers on secure design patterns and architectural reviews.
  • Support incident response efforts, including investigation, documentation, and root-cause analysis.

Requirements

  • Foundational knowledge of AppSec, common vulnerability classes, and secure coding patterns.
  • Practical experience with GCP or similar cloud providers, including IAM and networking.
  • Ability to read and review code in Go, Python, or PHP.
  • Experience with security tooling such as SAST, DAST, or dependency scanning.
  • Strong written communication skills for creating asynchronous documentation and advisories.
  • Must be based in Baku for on-site work

Nice to have

  • Hands-on experience with Kubernetes or container security.
  • Infrastructure security background involving Linux, networking, and vSphere/ESX.
  • Technical familiarity with NIST CSF, PCI, SOC 2, or ISO 27001.
  • Experience in detection engineering or incident response.
  • Relevant certifications such as OSCP, GWAPT, or CKS.

Culture & Benefits

  • Opportunity to be an early hire in a new security team and shape the program's maturity.
  • Culture that values directness, intellectual honesty, and follow-through.
  • Collaborative environment focusing on helping teams build securely.
  • Exposure to a diverse global team operating across multiple time zones.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →