Назад
Company hidden
2 дня назад

Security Engineer (DevSecOps)

Формат работы
remote (только Cyprus)/hybrid
Тип работы
fulltime
Грейд
middle/senior
Английский
b2
Страна
Cyprus
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Security Engineer (DevSecOps): Building and maintaining technical security controls and compliance evidence for a regulated fintech and crypto platform with an accent on infrastructure security, vulnerability management, and CI/CD pipeline integrity. Focus on bridging the gap between CISO requirements and engineering implementation through a specify-implement-verify model.

Location: Must be based in or able to work from Cyprus (Hybrid/Remote-friendly)

Company

A group of regulated fintech and cryptocurrency companies focused on building secure, foundation-first financial infrastructure.

What you will do

  • Act as the primary security-engineering liaison, translating CISO requirements into actionable engineering tasks.
  • Produce audit-ready technical compliance evidence for frameworks like PCI DSS, ISO 27001, and SOC 2.
  • Execute offensive security validation, including vulnerability scanning and reproduction of pen test findings.
  • Manage CI/CD security gates, defining thresholds for SAST, dependency scanning, and container security.
  • Assess and harden cloud and edge infrastructure, including direct management of WAF and CDN security rules.
  • Co-build and maintain detection logic for a Kubernetes-native monitoring platform.

Requirements

  • Strong background in DevOps and infrastructure including AWS, Kubernetes, CI/CD, and Linux.
  • Hands-on experience with offensive security tools such as Burp Suite, Metasploit, Nmap, or Nessus.
  • Proficiency in Bash scripting for automation and security tooling.
  • Ability to translate complex compliance requirements into clear, technical engineering specifications.
  • Must be based in Cyprus or able to work from this location.

Nice to have

  • 2+ years of experience in security engineering or vulnerability management.
  • Offensive security certifications like OSCP, eJPT, or PNPT.
  • Experience with audit evidence production for PCI DSS, ISO 27001, or SOC 2.
  • Knowledge of Python for security automation.
  • Background in fintech, payments, or cryptocurrency.

Culture & Benefits

  • Founding security hire role with direct influence over the security roadmap and CISO collaboration.
  • Exposure to a modern, AI-assisted security stack and Kubernetes-native monitoring.
  • Opportunity to work across the full breadth of security domains including offensive, defensive, and compliance.
  • Dedicated GRC support to handle non-technical audit paperwork.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →