Назад
Company hidden
6 часов назад

DevSecOps Engineer (Cloud Security, AWS)

Формат работы
remote (только Poland)/hybrid
Тип работы
fulltime
Грейд
middle
Английский
b2
Страна
Poland
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

DevSecOps Engineer (Cloud Security, AWS): Protecting the hirify.global Experiences platform by blending proactive security engineering with reactive incident response with an accent on AWS infrastructure security and automated defenses. Focus on monitoring threats, automating SecOps tasks using Python or Go, and remediating vulnerabilities in collaboration with engineering teams.

Location: Poland, remote. We are able to offer only permanent contracts (umowa o pracę).

Company

hirify.global Group connects people to travel experiences through a portfolio of brands including hirify.global, Viator, and TheFork.

What you will do

  • Monitor and investigate security alerts from AWS infrastructure, application logs, and tools such as WAF and SIEM.
  • Respond to security incidents affecting the Experiences application, including data breaches and infrastructure compromises.
  • Build and automate security monitoring and alerting capabilities using Python or Go.
  • Configure, tune, and manage security tools like AWS GuardDuty, Security Hub, and WAF.
  • Operationalize findings from SAST, DAST, and SCA tools and conduct threat modeling for new features.
  • Collaborate with engineering teams to provide guidance on secure coding practices and architecture.

Requirements

  • Hands-on experience securing production environments in AWS using GuardDuty, Security Hub, WAF, and CloudTrail.
  • Strong understanding of core AWS services including VPC networking, EC2, RDS, S3, Lambda, and EKS.
  • Proficiency with Terraform for managing and securing cloud infrastructure.
  • Proven experience with the full lifecycle of security incidents, from detection to post-mortem.
  • Proficiency in at least one scripting language (Python, Go, or Bash) for automation.
  • Solid understanding of OWASP Top 10 and web application security fundamentals.

Nice to have

  • Demonstrated ability to use AI tools to improve efficiency and decision-making.
  • Ability to operate effectively with a global-first mindset in a distributed team.

Culture & Benefits

  • Remote-friendly approach with the flexibility to work remotely or join on-site.
  • Competitive compensation packages including base salary and annual bonuses.
  • Work-life balance focus with flexible schedules.
  • Annual lifestyle benefit for travel, wellness, or personal use.
  • Additional perks including donation matching, tuition assistance, and travel discounts.
  • Comprehensive health benefits and employee assistance programs.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →