Cloud Security Specialist

We successfully deliver an all-in-one tool - Synerise (YouTube link). An ever-evolving behavioral data platform, enhanced by AI to generate outstanding ROI in more than 30 markets for industry leaders in Retail, Banking, eCommerce, Automotive, Insurance, and Telco, processing more than 150 billion transactions annually. However, we don't limit ourselves solely to this solution. We're building BaseModel (website link) - a foundation model for behavioral data embedded within a novel platform for enterprise Data Science teams, that is another step on our path to create innovation in AI and demonstrate its potential for the business world.

‍

Having such great solutions, we are looking for a highly motivated Cloud Security Specialist to join our brave and brilliant Synerise Team. See if you fit our diverse and dynamic environment, where we constantly evolve together with the growth of our clients.

‍

What will you do on a daily basis?

• Monitor and secure cloud environments, primarily on Azure and Google Cloud Platform (GCP), leveraging their built-in security tools and mechanisms and implement custom tools and controls for self-hosted components based on IaaS.
• Implement and manage security measures for containerized platforms using Kubernetes and Docker, focusing on microservices-based architectures.
• Design, implement, and maintain DevSecOps solutions in CI/CD pipelines, integrating tools for: code security analysis; vulnerability management and software composition analysis (SCA); security testing for applications and infrastructure.
• Collaborate with DevOps and development teams to embed “security by design” principles throughout the product development lifecycle.
• Conduct security audits, including regular penetration tests and vulnerability scans, for both applications and infrastructure.
• Analyze security incidents, perform root cause investigations, and implement remediation strategies.
• Develop, implement, and maintain security policies and standards based on best practices (e.g., ISO 27001, NIST CSF, CIS Benchmarks).
• Provide education and training for teams on application and infrastructure security.

‍

What will make us a perfect match?

• At least 3 years of experience in IT security, with a focus on cloud-native environments.
• In-depth knowledge of Kubernetes security (e.g., RBAC, network policies, pod security standards) and hands-on experience managing microservices architectures.
• Proven experience implementing DevSecOps solutions, including: securing CI/CD pipelines (e.g., GitLab CI/CD, ArgoCD); using tools for code security and vulnerability scanning; automating security processes for application risk management.
• Proven experience implementing DevSecOps solutions, including: strong expertise in Azure and Google Cloud Platform (GCP) security features and tools (e.g., Azure Security Center, Google Cloud Security Command Center).
• Strong understanding of security threats and attack techniques relevant to containerized and cloud-native environments.
• Proficiency with scripting languages (e.g., Python, Bash) to automate security processes.
• Familiarity with monitoring and logging tools (e.g., Elastic Stack, Prometheus, Grafana).
• Knowledge of security frameworks and best practices (e.g., OWASP SAMM, NIST CSF) and compliance regulations (e.g., GDPR).
• Preferred certifications: CKS (Certified Kubernetes Security Specialist), CISSP, Azure/GCP Security Specialty, CEH, or similar.\

What can we provide for you?

• Chance to grow in both engineering and inter-personal aspects.
• Have a significant impact on our IT support area and the opportunity to implement improvements.
• Being a member of a team of people that focuses on relationships and a good atmosphere.
• A chance to take part in building strategic and ambitious Big Data-related products used by international top clients from various fields.
• An opportunity to work in a fast-growing company in the field of AI and marketing automation.
• Possibility to have a real impact on promoting and raising awareness of Synerise solutions among potential customers, business partners, and the industry community.
• Freedom to act.
• Flat structure with ample ownership opportunities.