Platform & Security Engineer

Are you passionate about cloud platform engineering with a strong focus on security, and ready to make a real impact in a highly autonomous team of cloud engineers and SecOps specialists?

We are looking for a dedicated and skilled Platform & Security Engineer to join our team. Your primary purpose will be to protect our organization's information and operational assets by embedding security practices directly into platform engineering.

You will be instrumental in our evolution from traditional cloud SecOps toward true platform engineering. Bring your developer mindset to SecOps to help us build paved paths, automate complex workflows, and lay the secure foundation for upcoming AI initiatives. In this role, you will be hands-on in providing a stable, secure, and resilient infrastructure foundation that our product and engineering teams can confidently build upon.

Your Responsibilities in Our Team

As a key player in a tight-knit team of specialists, your contributions will directly impact our cloud landscape and security posture. Your core responsibilities will include:

• Developer-Driven SecOps: Leverage your programming background to transition manual security and infrastructure processes into automated, self-service APIs and internal tooling, speaking the same language as our product engineers.

• Platform Operations: Design, implement, and operate cloud infrastructure (primarily AWS) as a secure, reliable platform, enabling self-service for engineering teams to deploy and run applications.

• Infrastructure Hardening: Apply defense-in-depth and zero-trust principles, implementing layered security controls across network, compute, identity, and data tiers.

• Security Standards & Governance: Develop, document, and enforce security standards, guidelines, and hardening baselines for software development (SDLC) and platform operations, driving adoption across the organization.

• Incident Response: Detect, triage, manage, and respond to cyber security incidents, owning the process from initial signal through resolution and post-mortem.

• Hands-on Security Engineering: Actively address vulnerabilities, implement security features (WAF rules, SIEM monitors, access policies), and improve overall platform resilience.

• Continuous Threat Review: Conduct ongoing reviews of security tooling (such as our CNAPP Wiz), processes, and controls in response to new threats, architecture changes, and internal risk assessments.

• Harness Engineering: Extend and improve our tooling that supports the Agent-Harnesses to safeguard AI-assisted development workflows across the SDLC.

• Stakeholder Collaboration: Coordinate, communicate, and align seamlessly with key stakeholders including the CTO, CISO, Engineering Managers, Tech Leads, and cross-functional product teams.

Typical Projects You Will Tackle:

• Building custom internal integrations and automation scripts using Go and TypeScript to streamline platform operations.

• Laying the secure cloud boundaries, API gateways, and guardrails required for engineering teams to safely experiment with and integrate AI models.

• Cloud infrastructure setup, migration, and hardening (AWS networking, IAM, ECS, storage).

• Zero-trust architecture and identity/access management (IAM) across platform and SaaS tooling.

• SIEM and detection coverage (rulebook design, alert tuning, gap analysis).

• Secrets management, certificate lifecycle automation, and WAF/DDoS perimeter security.

• Developer security enablement via secure defaults, pipeline integrations, harness improvements and guardrails.

Your Profile

• Developer Empathy: You understand the Go and TypeScript ecosystems from a developer’s perspective. You know how to secure software supply chains and integrate security seamlessly into CI/CD pipelines without slowing the product teams down.

• Manager-of-one: You are highly self-sufficient, taking full ownership of tasks and projects without requiring close supervision.

• Good Communicator: You can explain complex technical details clearly and collaborate effectively with diverse teams and stakeholders.

• Eager to Learn: You have a passion for learning new technologies and are always curious to dive into unknown territory.

• Excited About Tech: You love tackling challenging technical problems, have a genuine passion for tech, and are sufficiently nerdy (and "nerd-snipeable"!).

• Reliable & Quality-Aware: You deliver on time while paying close attention to detail and maintaining high standards in your work.

Your Tech Stack & Tools

• Daily (High Proficiency): Terraform/OpenTofu, Shell-scripting, and core AWS services (VPC/Networking, EC2, ELB, Route53, IAM, RDS, CloudFront, Lambda, S3, CloudTrail, CloudWatch Logs, StepFunctions).

• Weekly (Familiarity & Automation): Go, TypeScript, GitHub Actions, Docker, Kubernetes (K8s), GitOps, Datadog (Cloud-Native Observability), and Wiz (CNAPP).

• Monthly (Occasional Use): Python, Java/Kotlin, Helm, Maven, Gradle, Spring framework, RabbitMQ.

Your Benefits With Us

• Benefits package – private medical care and a sports card to support your health and well-being

• Access to Udemy Business – boost your skills with thousands of high-quality online courses

• Flexible work model – work fully remotely or combine it with on-site collaboration at our modern office in Warsaw

• Employment options tailored to you – pick the contract type that best fits your needs

• Flexible Working Hours – adjust your schedule to fit your lifestyle

• Unique experience in the Fitness and SaaS industry – join a market-leading company in a dynamic, fast-growing industry

• International team – work alongside talented colleagues from around the world in a diverse and inclusive environment

• Unforgettable company events – take part in engaging team-building activities and memorable celebrations