About this role
We are looking for a hands-on Security Operations Engineer to own and evolve our security posture across infrastructure, endpoints, and internal systems. You will be the primary driver of day-to-day security operations — from managing protective tooling to responding to incidents and coordinating audits. This is a high-ownership role with direct impact on how the company detects, responds to, and prevents security threats.
Responsibilities:Security Systems Management Own the configuration, maintenance, and continuous improvement of security tooling across the organization — including DLP (Data Loss Prevention), MDM (Mobile Device Management), SIEM, and endpoint protection platforms. Ensure policies are enforced, coverage is complete, and tooling stays current with evolving threats and business needs.Incident Management Act as the first responder for security incidents: triage alerts, investigate root causes, coordinate containment and remediation, and produce clear post-mortem reports. Build and refine runbooks and playbooks to reduce response time and improve team readiness over time.Infrastructure Security Partner with DevOps and Engineering teams to embed security across cloud infrastructure, Kubernetes workloads, CI/CD pipelines, and network layers. Conduct regular reviews of IAM policies, secrets management, network segmentation, and access controls to identify and close gaps before they become incidents.Audit & Penetration Testing Coordinate internal and external security audits, manage relationships with pentest vendors, and track remediation of findings through to closure. Conduct ongoing vulnerability assessments and support compliance activities (SOC 2, ISO 27001, PCI DSS, or equivalent) by maintaining evidence and responding to auditor requests.Requirements
Security Systems & Tooling
Hands-on experience administering DLP platforms (Forcepoint, Symantec DLP, Teramind, Nightfall, or similar) — policy authoring, tuning, and alert managementMDM administration experience: Jamf, Kandji, Microsoft Intune, or equivalent — device enrollment, compliance policies, remote wipe, certificate managementFamiliarity with PAM solutions (CyberArk, HashiCorp Vault, BeyondTrust) and secrets lifecycle managementEmail security tooling: DMARC/DKIM/SPF configuration, anti-phishing platforms (Proofpoint, Mimecast)Infrastructure & Cloud Security
Network security fundamentals: firewall rule management, IDS/IPS configuration, zero-trust access models, VPN and ZTNA (Cloudflare Access, Tailscale, Zscaler)Infrastructure-as-Code security scanning: Checkov, tfsec, KICS for Terraform/Helm/Kubernetes manifestsIncident Response & Threat Intelligence
Structured incident response methodology: NIST SP 800-61, PICERL, or equivalent frameworkDigital forensics basics: memory and disk image acquisition, log preservation and chain of custody, timeline reconstructionThreat intelligence platforms and feeds: MISP, OpenCTI, VirusTotal, Shodan — IOC enrichment and threat correlationPractical knowledge of MITRE ATT&CK framework for detection mapping and adversary emulationAudit & Vulnerability Management
Vulnerability scanning and management: Nessus, Qualys, Wiz, Orca Security — prioritization, SLA tracking, and remediation coordinationPentest coordination: scoping, managing NDA/RoE, validating findings, tracking remediation through to closureWeb application security fundamentals: OWASP Top 10, common API vulnerabilities, ability to validate findings from external researchers
Nice to Have
Experience in fintech, crypto, or another regulated industryRelevant certifications: OSCP, CEH, GCIA, GCIH, GWAPT, Security+, CISSP, AWS Security Specialty, or CKS (Certified Kubernetes Security Specialist)Compliance frameworks: SOC 2 Type II, ISO 27001, PCI DSS — evidence collection, control mapping, auditor interactionExposure to blockchain-specific security considerations: smart contract audit basics, wallet security, on-chain threat monitoringExperience operating or hardening Web3-facing infrastructureSIEM deployment and tuning: Splunk, Elastic SIEM, Microsoft Sentinel, or similar — writing detection rules, building dashboards, reducing false positive ratesBug bounty program management: HackerOne, Bugcrowd, or equivalent — triage, researcher communication, severity classificationBenefits
Learning support - courses, English classes, and conferences (up to 100% reimbursement)Unique loyalty program - receive corporate digital miners and earn passive income with no investmentTeam culture: retreats in international locations (for example, company apartments in Cyprus).Memorable events with wow prizes - we celebrate big occasions in a big way“Employee of the Month” award - we recognize and reward our top performersPaid leave: up to 20 vacation days + 8 company holidays + 5 personal days per yearNew career tracks - real opportunities to grow into expert or top management rolesWork-life fit - flexible hours and remote work. You don’t need to chase balance - here, work is a part of life, not the opposite. We aim to make work inspiring, not exhausting. For us, results matter most.