SecOps Engineer

We are looking for a hands-on Security Operations Engineer to own and evolve our security posture across infrastructure, endpoints, and internal systems. You will be the primary driver of day-to-day security operations — from managing protective tooling to responding to incidents and coordinating audits. This is a high-ownership role with direct impact on how the company detects, responds to, and prevents security threats.

Responsibilities:

• Security Systems Management Own the configuration, maintenance, and continuous improvement of security tooling across the organization — including DLP (Data Loss Prevention), MDM (Mobile Device Management), SIEM, and endpoint protection platforms. Ensure policies are enforced, coverage is complete, and tooling stays current with evolving threats and business needs.

• Incident Management Act as the first responder for security incidents: triage alerts, investigate root causes, coordinate containment and remediation, and produce clear post-mortem reports. Build and refine runbooks and playbooks to reduce response time and improve team readiness over time.

• Infrastructure Security Partner with DevOps and Engineering teams to embed security across cloud infrastructure, Kubernetes workloads, CI/CD pipelines, and network layers. Conduct regular reviews of IAM policies, secrets management, network segmentation, and access controls to identify and close gaps before they become incidents.

• Audit & Penetration Testing Coordinate internal and external security audits, manage relationships with pentest vendors, and track remediation of findings through to closure. Conduct ongoing vulnerability assessments and support compliance activities (SOC 2, ISO 27001, PCI DSS, or equivalent) by maintaining evidence and responding to auditor requests.

Requirements

Security Systems & Tooling

• Hands-on experience administering DLP platforms (Forcepoint, Symantec DLP, Teramind, Nightfall, or similar) — policy authoring, tuning, and alert management

• MDM administration experience: Jamf, Kandji, Microsoft Intune, or equivalent — device enrollment, compliance policies, remote wipe, certificate management

• Familiarity with PAM solutions (CyberArk, HashiCorp Vault, BeyondTrust) and secrets lifecycle management

• Email security tooling: DMARC/DKIM/SPF configuration, anti-phishing platforms (Proofpoint, Mimecast)

Infrastructure & Cloud Security

• Network security fundamentals: firewall rule management, IDS/IPS configuration, zero-trust access models, VPN and ZTNA (Cloudflare Access, Tailscale, Zscaler)

• Infrastructure-as-Code security scanning: Checkov, tfsec, KICS for Terraform/Helm/Kubernetes manifests

Incident Response & Threat Intelligence

• Structured incident response methodology: NIST SP 800-61, PICERL, or equivalent framework

• Digital forensics basics: memory and disk image acquisition, log preservation and chain of custody, timeline reconstruction

• Threat intelligence platforms and feeds: MISP, OpenCTI, VirusTotal, Shodan — IOC enrichment and threat correlation

• Practical knowledge of MITRE ATT&CK framework for detection mapping and adversary emulation

Audit & Vulnerability Management

• Vulnerability scanning and management: Nessus, Qualys, Wiz, Orca Security — prioritization, SLA tracking, and remediation coordination

• Pentest coordination: scoping, managing NDA/RoE, validating findings, tracking remediation through to closure

• Web application security fundamentals: OWASP Top 10, common API vulnerabilities, ability to validate findings from external researchers

Nice to Have

• Experience in fintech, crypto, or another regulated industry

• Relevant certifications: OSCP, CEH, GCIA, GCIH, GWAPT, Security+, CISSP, AWS Security Specialty, or CKS (Certified Kubernetes Security Specialist)

• Compliance frameworks: SOC 2 Type II, ISO 27001, PCI DSS — evidence collection, control mapping, auditor interaction

• Exposure to blockchain-specific security considerations: smart contract audit basics, wallet security, on-chain threat monitoring

• Experience operating or hardening Web3-facing infrastructure

• SIEM deployment and tuning: Splunk, Elastic SIEM, Microsoft Sentinel, or similar — writing detection rules, building dashboards, reducing false positive rates

• Bug bounty program management: HackerOne, Bugcrowd, or equivalent — triage, researcher communication, severity classification

Benefits

• Learning support - courses, English classes, and conferences (up to 100% reimbursement)

• Unique loyalty program - receive corporate digital miners and earn passive income with no investment

• Team culture: retreats in international locations (for example, company apartments in Cyprus).

• Memorable events with wow prizes - we celebrate big occasions in a big way

• “Employee of the Month” award - we recognize and reward our top performers

• Paid leave: up to 28 vacation days +  8 company holidays + 5 personal days per year

• New career tracks - real opportunities to grow into expert or top management roles

• Work-life fit - flexible hours and remote work. You don’t need to chase balance - here, work is a part of life, not the opposite. We aim to make work inspiring, not exhausting. For us, results matter most.