Our client, Software Technology Ltd, is a software company specializing in trading technology solutions for regulated brokers and trading firms. The company provides Software-as-a-Service (SaaS) products that support electronic trading, brokerage operations, risk management, and financial data analysis. We are seeking an experienced Senior Security Engineer with a strong background in application, infrastructure, and cloud security to help protect and scale our trading technology platform.
Responsibilities * Ensure secure SDLC practices: threat modeling, SAST/DAST/IAST, code reviews, secret management; * Integrate security into CI/CD pipelines and support DevSecOps implementation; * Design API security and infrastructure controls, including VPN, WAF, DNS proxy, and DDoS protection; * Harden cloud environments (GCP) and Kubernetes clusters with policies, scanning, and access control; * Manage IAM/PAM lifecycles with SSO, MFA, RBAC, OIDC, and LDAP integrations; * Conduct vulnerability assessments, misconfiguration monitoring, and patch coordination; * Monitor security events, analyze logs/threat intel, and improve SIEM/EDR coverage; * Define security policies and procedures, and support internal/external audits; * Perform penetration testing and red teaming on applications and infrastructure; * Implement data protection measures: encryption, DLP, secure key storage, and privacy compliance.
Job requirements * 7+ years of professional experience in cybersecurity, with a strong focus on application, infrastructure, and/or cloud security; * Strong knowledge of application security principles and secure development practices (e.g., threat modeling, code review, DevSecOps); * Practical experience with cloud platforms, including identity, networking, and workload security; * Familiarity with Kubernetes security concepts, tools (e.g., OPA, Falco, Kyverno), and best practices; * Experience with authentication/authorization protocols and tools: SAML, OIDC, OAuth2, LDAP, MFA, SSO; * Understanding of common vulnerabilities and experience in vulnerability management and remediation; * Experience with penetration testing methodologies and tools; * Solid understanding of network protocols, firewalls, VPN, WAF, and API security mechanisms; * Hands-on experience with monitoring and detection tools; * Knowledge of security frameworks and standards; * Experience participating in or leading internal/external security audits and risk assessments; * Ability to write clear policies, procedures, and documentation; * English level: B2 or higher; * Experience with privacy regulations.
Would be a plus * High-Frequency Trading or other low-latency systems background; * Experience in FinTech is a plus; * Familiarity with Cloudflare services and configuration is a plus.
Company offers * Care from Day One — medical insurance immediately upon starting work, including dental care, massage and professional psychological support because your well-being matters * Work-Life Balance — 25 days of paid vacation + 30 days of sick leave, so you can recover without unnecessary stress * Investment in your energy — partial reimbursement for any sports activities that empowers you. * Growth — partial coverage for English or Ukrainian language courses + a fixed budget for professional development. Choose what suits you best! * Knowledge Library — books in the office and access to the Kuka online library to learn, grow, and find inspiration. * Modern Office in Larnaca — a stylish space for inspiration: open areas, cozy lounges, and functional meeting rooms — all for your comfort. * Island Relaxation 14 days a year — enjoy a getaway at the corporate villa in Cyprus.
