|
Описание: |
Our client, Software Technology Ltd, is a software company specializing in trading technology solutions for regulated brokers and trading firms. The company provides Software-as-a-Service (SaaS) products that support electronic trading, brokerage operations, risk management, and financial data analysis. We are seeking an experienced Senior Security Engineer with a strong background in application, infrastructure, and cloud security to help protect and scale our trading technology platform.
Responsibilities
* Ensure secure SDLC practices: threat modeling, SAST/DAST/IAST, code reviews, secret management;
* Integrate security into CI/CD pipelines and support DevSecOps implementation;
* Design API security and infrastructure controls, including VPN, WAF, DNS proxy, and DDoS protection;
* Harden cloud environments (GCP) and Kubernetes clusters with policies, scanning, and access control;
* Manage IAM/PAM lifecycles with SSO, MFA, RBAC, OIDC, and LDAP integrations;
* Conduct vulnerability assessments, misconfiguration monitoring, and patch coordination;
* Monitor security events, analyze logs/threat intel, and improve SIEM/EDR coverage;
* Define security policies and procedures, and support internal/external audits;
* Perform penetration testing and red teaming on applications and infrastructure;
* Implement data protection measures: encryption, DLP, secure key storage, and privacy compliance.
Job requirements
* 7+ years of professional experience in cybersecurity, with a strong focus on application, infrastructure, and/or cloud security;
* Strong knowledge of application security principles and secure development practices (e.g., threat modeling, code review, DevSecOps);
* Practical experience with cloud platforms, including identity, networking, and workload security;
* Familiarity with Kubernetes security concepts, tools (e.g., OPA, Falco, Kyverno), and best practices;
* Experience with authentication/authorization protocols and tools: SAML, OIDC, OAuth2, LDAP, MFA, SSO;
* Understanding of common vulnerabilities and experience in vulnerability management and remediation;
* Experience with penetration testing methodologies and tools;
* Solid understanding of network protocols, firewalls, VPN, WAF, and API security mechanisms;
* Hands-on experience with monitoring and detection tools;
* Knowledge of security frameworks and standards;
* Experience participating in or leading internal/external security audits and risk assessments;
* Ability to write clear policies, procedures, and documentation;
* English level: B2 or higher;
* Experience with privacy regulations.
Would be a plus
* High-Frequency Trading or other low-latency systems background;
* Experience in FinTech is a plus;
* Familiarity with Cloudflare services and configuration is a plus.
Company offers
* Care from Day One — medical insurance immediately upon starting work, including dental care, massage and professional psychological support because your well-being matters
* Work-Life Balance — 25 days of paid vacation + 30 days of sick leave, so you can recover without unnecessary stress
* Investment in your energy — partial reimbursement for any sports activities that empowers you.
* Growth — partial coverage for English or Ukrainian language courses + a fixed budget for professional development. Choose what suits you best!
* Knowledge Library — books in the office and access to the Kuka online library to learn, grow, and find inspiration.
* Modern Office in Larnaca — a stylish space for inspiration: open areas, cozy lounges, and functional meeting rooms — all for your comfort.
* Island Relaxation 14 days a year — enjoy a getaway at the corporate villa in Cyprus.
Відгукнутись на вакансію |
