• 3+ years experience in information security;
• Experience with at least one industry-standard Security framework (OWASP SAMM v2, BSIMM, MS SDL);
• Experience implementing product security practices in a software organization;
• Experience with CI/CD and software deployment processes automation tools;
• Experience with vulnerability management and identification, including extensive OWASP knowledge;
• Upper-Intermediate English (B2+).

A big plus, but not required:

• Technical background in QA, DevOps, or Dev;
• Hands-on experience with AWS cloud, DevSecOps, and cloud security solutions;
• Experience working with Agile methodologies (Kanban, Scrum);
• Hands-on experience in different platforms – Linux, Windows;
• Familiar security standards and regulation (PCI, GDPR, HIPAA, ISO 27000\1).

• Work with the security initiative group, development, and operational teams on improving and implementing security practices;
• Contribute to the inclusion of security requirements into the product lifecycle management;
• Lead penetration testing activities conducted by third-party vendors and internal teams;
• Perform hands-on security threat modeling, risk assessment, and vulnerability remediation;
• Promote security-focused culture across the organization.

• Opportunity to work in a young multinational team of professionals;
• Paid lunch and vacations;
• Flexible full-time work from 10 am to 7 pm with one hour of lunch break (2—3 pm);
• English classes;
• Professional and management training;
• Office in the center with good transport connections.