About the role

This role is responsible for owning the performance, reliability, security, and operation of the company’s SQL and NoSQL database platforms.  The role operates within a database team who partners with application engineering, platform, and security teams to ensure databases are scalable, resilient, secure, and observable across all environments.

Responsibilities

Platform Performance & Scalability

• Own end‑to‑end performance of SQL and NoSQL databases across environments, including query optimization, indexing strategies, execution plan analysis, and tuning of database runtime parameters (e.g., PostgreSQL query plans, MongoDB indexes, DynamoDB access patterns).
• Proactively prevent performance regressions through representative load testing, performance analysis tooling, and CI/CD validation gates.
• Partner with application teams on schema design, data modeling, and workload‑driven performance improvements, including relational schemas, document models, and NoSQL access patterns.

Reliability, High Availability & Disaster Recovery

• Design, operate, and harden production‑grade SQL, NoSQL, and document database systems with strong replication, failover, backup/restore, and security controls.
• Define, implement, and validate backup and disaster recovery strategies, including routine restore testing and compliance with RPO/RTO objectives.

Observability & Operational Excellence

• Establish SLIs and SLOs for database health, including latency, error rates, contention, replication lag, storage growth, and cache efficiency across SQL & NoSQL databases.
• Deliver actionable dashboards and alerts and maintain operational runbooks alongside up‑to‑date documentation.
• Lead or participate in production incident response and post‑incident reviews related to database platforms.

Security, Governance & Automation

• Enforce database security best practices in partnership with InfoSec, including least privilege access, RBAC, auditing, encryption, secure secret handling, access reviews, and secure service‑to‑database authentication across SQL and NoSQL data stores.
• Codify database infrastructure and operations using Infrastructure as Code (Terraform) and CI/CD pipelines.
• Standardize baseline configurations, schema migration practices, and operational guardrails across relational, document, and NoSQL databases.

Qualifications

• Hands‑on experience operating production‑scale SQL and NoSQL databases, with strong troubleshooting skills under pressure.
• Experience with managed cloud database services, including SQL and NoSQL databases (e.g., AWS RDS/Aurora PostgreSQL, MongoDB Atlas, DocumentDB, DynamoDB).
• Deep expertise across the following areas like performance tuning, indexing, query optimization, vacuum/auto vacuum,bloat management, data modeling, backup/restore, capacity planning, scalability design, and cost/performance trade‑offs
• Experience with observability, alerting, and operational metrics for data platforms.
• Automation‑first mindset with hands‑on experience in Infrastructure as Code, Gitlab CI/CD pipelines, and repeatable operational runbooks.
• Experience with IAM‑based access controls, KMS/encryption, secrets management, and compliance‑driven governance controls.
• Proven experience developing and maintaining Terraform modules.
• Strong Linux fundamentals and scripting experience (Bash and/or Python).
• Experience with Docker and Kubernetes for database‑adjacent workloads.

Employees in this role will work fully remote. Every department has different needs, and some positions will be designated in-office jobs, based on their function.

Benefits

iCapital offers a comprehensive benefits package that includes a total compensation program consisting of competitive salary, annual performance bonus, and equity for all full-time employees; healthcare with 100% employer-paid health and dental insurance; and generous paid time off (PTO).

For additional information on iCapital Network, please visit https://www.icapitalnetwork.com/about-us  Twitter: @icapitalnetwork | LinkedIn: https://www.linkedin.com/company/icapital-network-inc

About DataCamp

DataCamp's mission is to empower everyone with the data and AI skills essential for 21st-century success. By providing practical, engaging learning experiences, DataCamp equips learners and organizations of all sizes to harness the power of data and AI. As a trusted partner to over 17 million learners and 6,000+ companies, including 80% of the Fortune 1000, DataCamp is leading the charge in addressing the critical data and AI skills shortage.

About the role

We are looking for a Senior Application Security Engineer to join our Engineering team and own the security posture of our software and development practices. This is a hands-on role for someone with a strong software engineering background who is genuinely passionate about security - not a traditional infosec role, but one that sits at the intersection of engineering and security.

You will be our primary security expert embedded in the Engineering organization, acting as the first responder on security topics - from bug bounty programs and penetration testing to vulnerability management and security risk tracking. You will work closely with our engineering teams to embed security guardrails into our development workflows, including our growing AI-assisted and Agentic development practices.

We are ISO 27001 certified and take our compliance obligations seriously. You will play a key role in ensuring our controls remain in place, evolving our security awareness program, and continuously improving the tools and practices that keep us ahead of the curve.

About you

At DataCamp, we seek individuals who embody our core values of data-driven decision-making, action, transparency, ownership, and customer focus. You thrive in a fast-paced, high-performing environment and are driven by a passion for making a meaningful impact. You're adaptable, embracing change and ambiguity with enthusiasm. Your initiative and entrepreneurial spirit push you beyond just meeting targets—you aim to understand the "why" behind our goals and take ownership to drive the business forward. You’re a collaborative team player who values transparency and always seeks to improve and innovate. If this sounds like you, we encourage you to apply!

Responsibilities

• Own vulnerability management end-to-end: triage, prioritize, track, and drive remediation across the engineering organization
• Act as the first responder from Engineering on security topics, including bug bounty programs, penetration testing engagements, and security incidents
• Maintain and evolve our application security tooling (JFrog X-Ray, SonarCloud, OWASP ZAP) and integrate security checks into CI/CD pipelines
• Partner with engineering teams to embed security guardrails into development workflows - including AI-assisted and Agentic development practices
• Drive adoption of secure coding standards and OWASP best practices across the engineering organization (OWASP Top 10 for Web and API)
• Support and evolve our ISO 27001 compliance program, ensuring controls are in place, monitored, and continuously improved
• Run and evolve our annual security awareness training for developers
• Track and communicate security risks to engineering leadership and relevant stakeholders
• Evaluate and adopt new security tools and practices as the threat landscape and our technology evolve

Qualifications

• 6+ years of software engineering or application security experience, with a strong coding background - you can read, write, and review code across multiple languages
• Strong TypeScript/Node.js experience; good knowledge of Ruby on Rails, React, Kubernetes, and AWS
• Deep understanding of application security concepts: OWASP Top 10 (Web and API), vulnerability management, secure SDLC, and threat modeling
• Hands-on experience with application security tooling such as SAST, DAST, and SCA - experience with JFrog X-Ray, SonarCloud, or OWASP ZAP is a plus
• Experience coordinating or participating in bug bounty programs and penetration testing engagements
• Experience working within ISO 27001 or similar compliance frameworks - experience with compliance monitoring tools (e.g., Vanta) is a plus
• Experience integrating security practices into CI/CD pipelines and developer workflows
• Able to take a security initiative from problem identification through to implementation - you drive things to completion and don't wait to be pushed
• Already working with AI-assisted development tools (e.g., Claude Code, Cursor) in your day-to-day workflow, with solid understanding of AI Engineering concepts and Agentic systems - including the security implications they introduce
• Strong communication skills - you can explain complex security topics to engineers and non-technical stakeholders alike
• Comfortable working across engineering teams without direct authority - you communicate security risks clearly and pragmatically, without blocking delivery

Why Datacamp? 

Joining DataCamp means becoming part of a dynamic, creative, and international start-up. Here are just a few of the reasons why you’ll love being on our team:

• Exciting challenges: Face new technical challenges daily, keeping your work engaging and rewarding.
• Competitive compensation: We offer a competitive salary with attractive benefits.
• Flexibility: Benefit from flexible working hours because the future is flexible! 
• Continuous learning: Access a yearly learning budget for conferences & training to support your professional growth.
• Global retreats: Participate in international company retreats, fostering a global team spirit.
• Equipment: Yearly refreshment of your IT Equipment budget for your home working setup.
• Amazing team: Collaborate with a truly exceptional team—seriously, we’re awesome!

Your wellbeing, our mission. Join a company shaping a healthier world.

GET TO KNOW US

At Wellhub we're revolutionizing workplace wellness. Our platform connects employees worldwide to the best partners for fitness, mindfulness, therapy, nutrition, and sleep—all in one simple subscription. Headquartered in NYC with team members in 11 countries, we’re on a mission to make every company a wellness company.

We believe work should be fulfilling, inspiring, and balanced. Here, you’ll find a team that values wellbeing, collaboration, and different perspectives, where passion and creativity push boundaries to create real impact. Your contributions will help shape a healthier, more balanced world for you and millions of people globally. 

Join us in redefining the future of wellbeing!

THE OPPORTUNITY

We are hiring a Director of Security Engineering for our Information Security team in Portugal! This is a Remote – Portugal position, meaning you can work from anywhere within the country. Please note that this role is only open to candidates in Brazil. 

The Information Security team is responsible for protecting our subscription-based product serving millions of users. As a Director of Security Engineering, you will be the technical leader driving application security, DevSecOps practices, and security engineering across our 10 product verticals. This is a unique opportunity to build security capabilities in a high-growth environment. You will help construct the technical security strategy, architect security solutions, lead threat modeling, and establish secure development practices across all engineering teams. The role requires deep technical expertise in application security, cloud security, and modern DevSecOps practices.In this capacity, you will serve as the primary architect for our security engineering roadmap, ensuring that protection is integrated at every stage. You will oversee the deployment of automated security tooling, mentor senior engineers in advanced vulnerability research, and partner with product leaders to balance rapid feature delivery with robust risk mitigation. Your leadership will be pivotal in scaling our security posture to meet the demands of a global, multi-vertical ecosystem while fostering a culture of shared security responsibility.

YOUR IMPACT 

• Lead the technical security strategy for product and application security, defining architecture standards, security baselines, and secure coding guidelines aligned with OWASP ASVS, NIST SSDF, and BSIMM frameworks.
• Architect and implement a comprehensive DevSecOps pipeline, integrating SAST, DAST, SCA, and container scanning across all CI/CD pipelines serving 10 product verticals.
• Drive threat modeling practices across critical product flows, partnering with engineering leads to identify and mitigate security risks before they reach production.
• Design and implement a centralized security telemetry architecture, connecting application logs, WAF events, and fraud signals into a unified SIEM platform for real-time detection.
• Lead the technical evaluation, selection, and implementation of security tools (SAST/DAST, SIEM/SOAR, PAM, API Gateway security, container security scanners).
• Establish and mentor a team of 7-8 embedded DevSecOps engineers across product verticals, providing technical guidance and ensuring consistent security standards.
• Own the technical roadmap for reducing MTTD from >48h to <1h and fraud detection from D+1 to real-time through security engineering and automation.
• Live the mission: inspire and empower others by genuinely caring for your own wellbeing and your colleagues. Bring wellbeing to the forefront of work, and create a supportive environment where everyone feels comfortable taking care of themselves, taking time off, and finding work-life balance.

WHO YOU ARE 

• A seasoned security engineer with experience in application security, cloud security, or security engineering, with at least 4 years in a senior technical leadership role.
• Deep expertise in secure software development lifecycle (SSDLC), threat modeling (STRIDE, PASTA), and security architecture for distributed systems and microservices.
• Hands-on experience with security tooling: SAST (Checkmarx, Snyk, SonarQube), DAST (Burp Suite, OWASP ZAP), SCA, container scanning (Trivy, Prisma), and SIEM platforms (Elastic, Splunk, Sentinel).
• Extensive knowledge of cloud security (AWS and/or GCP), including IAM, VPC security, secrets management, and container orchestration security (Kubernetes/EKS).
• Experience building and scaling DevSecOps programs, integrating security into CI/CD pipelines, and mentoring engineering teams on secure coding practices.
• Proficiency in at least two programming languages (Python, Go, Java, or JavaScript) with the ability to review code, write security tooling, and automate security workflows.
• Familiarity with compliance frameworks (ISO 27001, PCI DSS, LGPD/GDPR) and how they translate into technical security controls.
• Effective communication skills (Portuguese and English) to translate complex technical security concepts into actionable guidance for engineering teams at all levels.
• We recognize that individuals approach job applications differently. We strongly encourage all aspiring applicants to go for it, even if they don't match the job description 100%.
• For this specific role, please note that prior experience in application security engineering and DevSecOps pipeline implementation is a mandatory requirement.

WHAT WE OFFER YOU

With thoughtful benefits, emotional wellbeing resources, and a culture that empowers you to take ownership of your role and your wellbeing, we create an environment where you can thrive in all dimensions of your life. Our benefits include:

WELLHUB:  Free Gold membership with access to onsite gyms and studios, digital fitness programs, and online wellness resources for meditation, nutrition, mental wellbeing support, and more! Add up to three family members to your plan, ensuring access to wellness for those who matter most to you. 

HEALTHCARE: Health insurance.

FLEXIBLE WORK: As a Flexible First company, we offer hybrid and remote options to give you the freedom to work in a way that suits you. The model for this specific role can be discussed with your recruiter and hiring manager. We offer all employees a one-time reimbursement to set up their home office equipment and a monthly work allowance to help cover the costs of working from home.

FLEXIBLE SCHEDULE:  Flexibility for us isn’t just about where we work—it also means being able to shape how and when we get things done. Together with their leaders, employees define schedules that align with their time zones, team needs, and personal routines.

PAID TIME OFF: We know how important it is to take time away from work to recharge. Employees receive a minimum of 25 days paid holiday per year with an additional day for each year of tenure (up to 5) in addition to annual holidays (including an extra holiday on your birthday!).

PARENTAL LEAVE: Welcoming a new child is one of the most special moments in your life. Take the time to be present and enjoy your growing family. We offer 100% paid parental leave to all new parents. Parents giving birth are eligible for an extended leave and a ramp-back period to return part-time while they get settled.  

CAREER GROWTH: Access world-class platforms, participate in interactive sessions,  build your personalized development roadmap, and explore internal opportunities. We focus on continuous learning and feedback to support your journey toward personal and professional success. 

CULTURE: You’ll join a team of passionate people who come together to break boundaries, support each other, and create a meaningful impact in workplace wellness. We win together, building trust through open communication and a culture where every perspective matters. Learn more about our shared culture and values here. 

And to get a glimpse of life at Wellhub… Follow us on Instagram @lifeatwellhub and LinkedIn!

Diversity, Equity, and Belonging at Wellhub

We aim to create a collaborative, supportive, and inclusive space where everyone knows they belong. At Wellhub, we welcome and celebrate your authentic self.

Wellhub is committed to creating a diverse work environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, gender identity or expression, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law.

Our commitment to inclusion also extends to how we recognize and reward our people. We’re proud to be Syndio Fair Pay Certified, reflecting our ongoing dedication to equitable and fair pay practices across our global team. Read more about it here.

Questions on how we treat your personal data? See our Aviso de Privacidade para Candidatos. 

#LI-REMOTE

#LI-CM1

What You'll Do

• Manage the day-to-day operations of the Security Operations Center (SOC), including triaging, investigating, and resolving security incidents.
• Collaborate with other security teams to develop and implement security monitoring policies and procedures.
• Develop and maintain a comprehensive understanding of the organization's infrastructure, applications, and security controls.
• Ensure that security incidents are properly documented and reported in a timely manner.
• Manage relationships with external vendors and service providers that support the SOC.

What You'll Need

• MSc degree in Computer Science, Engineering, or a related field.
• 3-5 years of experience in a Security Operations Center environment, with at least 2+ years in a security engineering role.
• Hands-on experience with security monitoring technologies including EDR, Zscaler (ZPA/ZIA/ZDX), and Palo Alto firewalls.
• Strong understanding of EDR and WAF solutions, as well as Zscaler and Palo Alto firewall technologies.
• Knowledge of network protocols and infrastructure.
• Excellent analytical and problem-solving skills.
• Basic knowledge of Python programming or automation.
• Ability to communicate complex technical issues to non-technical stakeholders.
• Strong interpersonal skills as well as excellent written and verbal communication skills.

Preferred Qualifications

• Experience working in a global or multi-region security operations environment.
• Familiarity with SIEM platforms and log management tools.
• Exposure to threat intelligence and vulnerability management practices.
• Relevant security certifications (e.g., CompTIA Security+, CEH, GCIA, or similar).

Scopely is looking for a Principal Security Engineer to join our Information Security team in Spain/Portugal on a hybrid basis.

Our security team is dedicated to ensuring the security of our top games. This involves collaborating closely with game studios to develop and implement comprehensive security strategies throughout the game design and development lifecycle.

In addition, this role will drive the application of AI to transform how security is delivered across Product Security, Security Operations, and Security Engineering, improving efficiency, scalability, and impact.

What You Will Do

Game & Product Security Leadership

• Partner with game studios to develop comprehensive security strategies for game design and development
• Conduct threat modeling, vulnerability assessments, and security audits across all phases of game development
• Design and implement security controls and countermeasures to mitigate risks and ensure compliance with company policies, standards, and industry norms
• Collaborate with game teams to advocate for secure coding practices and integrate security at every level of the software development lifecycle
• Coordinate and participate in penetration tests and game feature security assessments
• Provide expert-level technical guidance to game teams to assist in securing games and backend infrastructure
• Translate business priorities, technical constraints, and threat intelligence into actionable security roadmaps

AI-Driven Security Transformation & Automation

• Identify and implement opportunities to apply AI to:
• Vulnerability triage, prioritization, and remediation
• Security operations workflows (alert analysis, investigation, response)
• Product security processes (code analysis, findings analysis, pentesting support)
• Build AI-driven workflows, tools, and agents to reduce manual effort and improve speed and accuracy
• Use AI to improve vulnerability management through triage support, risk classification, remediation guidance, and findings analysis
• Partner with Security Operations to improve detection, triage,investigation and response through automation and AI-assisted analysis
• Integrate AI capabilities into existing security platforms (e.g., Wiz, SIEM, Jira, IAM systems)
• Develop reusable AI-enabled components that scale across teams and studios
• Establish practical guardrails for the safe and effective use of AI in security, including data handling, quality control, and human review
• Define success metrics for AI-enabled workflows, including productivity gains, response times, remediation throughput, and signal quality

Security Engineering & Platform Enablement

• Design and implement scalable security solutions across cloud and backend systems
• Work closely with information security domain owners to ensure games adhere to all relevant security policies, standards, and regulatory requirements
• Develop and maintain comprehensive documentation on security architectures, processes, and decisions for technical and non-technical stakeholders
• Improve security engineering efficiency through automation and tooling
• Stay updated with the latest security technologies, trends, threats, and AI capabilities, continuously improving security practices

Stakeholder Engagement & Leadership

• Frequently interact with game studio leaders to understand their roadmaps, risk posture, and how information security can enable them to execute their vision securely
• Develop security-related roadmaps in partnership with game teams
• Regularly report to Information Security and Studio management on the threat landscape and security posture of games
• Act as a thought leader using both qualitative and quantitative risk assessment frameworks
• Lead and/or assist in security incidents and investigations

What We're Looking For

• 8+ years of experience in Product Security, software development, or cybersecurity
• Proven track record in securing large-scale software applications and systems
• Strong experience building automation and security tooling
• Hands-on experience applying AI/LLMs to operational workflows, including designing, evaluating, and safely deploying AI-assisted systems is highly desirable
• Ability to effectively communicate business risk and technical information clearly to both technical and non-technical audiences

Technical Expertise

• Expertise in modern programming languages such as Python and C#
• Strong understanding of:
• Application and product security
• Vulnerability management and pentesting methodologies
• API and backend security
• Experience with mobile application penetration testing, including traffic interception, runtime analysis and API security.
• Experience with modern development ecosystems, CI/CD pipelines, APIs, and developer platforms.
• Strong, hands-on experience with cloud computing environments including:
• AWS shared responsibility model
• IAM and access control
• Network security in the cloud
• Strong understanding of securing cloud workloads including configuration, deployment, and auditing
• Deep knowledge of Linux security practices

Additional Strengths

• Demonstrated ability to think like both an attacker and defender
• Experience architecting for and managing high-scale, high-velocity workloads in AWS preferred
• Familiarity with security frameworks (e.g., OWASP, NIST Cybersecurity Framework) and compliance regulations (e.g., GDPR, CCPA, ISO 27001)
• Excellent analytical, problem-solving, and decision-making skills
• Exceptional communication and leadership skills, with the ability to influence across teams

Bonus Points

• Experience applying AI to security, automation, or developer workflows
• Previous experience at a game company
• Familiarity with:
• RAG architectures
• Vector databases (e.g., pgvector)
• AI-assisted code analysis or pentesting

Please ensure that the résumé/CV you attach is written in English.

Responsibilities

We're looking for a hands-on Platform/Observability Engineer to join our infrastructure team. You'll own and evolve our observability stack - from logging pipelines and tracing to metrics and alerting - across a multi-datacenter, Kubernetes-based environment. This is a production-first role: you'll be expected to ship, iterate, and improve systems under real delivery pressure, not just design them on paper.
You'll work closely with other infra and product engineering teams to improve observability coverage, reduce operational toil, and help the broader organization adopt better practices.
Tech Stack Highlights: OpenTelemetry · Kafka · Vector · VictoriaMetrics · EKS · Kubernetes · Logging pipelines · Distributed tracing · SPM· AWS

• Designing, deploying, and maintaining production observability stacks (logs, metrics, traces)

• Scaling observability infrastructure across multiple data centers and Kubernetes clusters

• Owning logging pipeline architecture and refactoring efforts

• Improving distributed tracing coverage and driving adoption across engineering teams

• Managing EKS upgrades, node exporters, agents, and collectors

• Automating operational tasks to reduce toil and improve system stability

• Contributing to compliance and audit readiness (access controls, data handling, pipeline integrity)

• Evaluating and adopting new observability tooling - knowing what's worth pursuing and what isn't

Requirements

Core technical experience:

• 8+ years of industry experience

• Solid hands-on production experience with observability systems

• Strong plus - familiarity with OpenTelemetry, Kafka, Vector, and VictoriaMetrics (vmagent, alerting rules)

• Experience with logging pipelines: design, deployment, and refactoring

• Understanding of distributed tracing and SPM (Service Performance Monitoring) built on top of tracing

• Experience with Kubernetes cluster lifecycle management (EKS preferred)

• Practical knowledge of storage trade-offs for observability data at scale

Nice to have  

• Experience using AI to automate infrastructure or observability tasks (e.g., automated RCA, PR generation, deployment workflows)

• Familiarity with AI-assisted tooling selection and workflow integration

• Experience with MCP (custom or open-source implementations)

• Background in cloud account or environment migrations

• Experience preparing infrastructure for compliance/audit processes

• Understanding network architecture, troubleshooting and incident resolution skills in Production environment, writing Post-mortems.

• Experience with containers and Kubernetes (installation and configuration of operators). 

• Basic knowledge of one or more high-level programming languages, such as Python, Golang, Java

Soft Skills / Personal Characteristics

• Good communication and collaboration skills in international technological companies.

• Interest in modern big distributed storage technologies, architectures.

• Good Spoken English to participate in product-related, architectural and technical discussions.

• Proper balance between being hands-on and deeper analytical approaches

(REQ ID: 2640)

What is The Role

elastic.co is how Elastic talks to the world — it's where potential customers first encounter our products and where existing ones come to learn more. As a Software Engineer II on the Web Engineering team you'll own meaningful parts of that experience: building the features, systems, and infrastructure that keep the site fast, reliable, and effective at scale. The ideal candidate should have experience with front-end technologies plus an interest in CI/CD.

You'll work closely with stakeholders across the company to ship features that improve the site's quality and performance in a distributed, async-first environment.

What You Will Be Doing

• Develop and maintain the front-end stack from component design to deployment pipeline, and ship production code end-to-end.
• Instrument client-side performance (Core Web Vitals, error tracking, real-user monitoring) alongside backend logging, metrics, tracing, alerting, and dashboards.
• Partner with product managers, designers, and other developers to build, test, and release features for elastic.co.
• Write clean, maintainable, and well-documented code.
• Participate in code reviews for your team.
• Diagnose and resolve production issues spanning client regressions to backend failures, and participate in an on-call rotation for an always-on service.

What You Bring

• 3+ years working in a frontend-focused role with proven TypeScript and React depth across component architecture, performance, and state management.
• Working proficiency in at least one of Node.js, Python, or Go.
• Experience owning CI/CD pipelines (GitHub Actions, Jenkins, or equivalent) end-to-end, including front-end build tooling, bundle optimization, and deployment automation without a dedicated ops team.
• A track record of building for high availability, security, and scalability at real production scale.
• Ability to work autonomously in a globally distributed team.

What Is The Role : 

Developers and community matter. Our users and contributors have helped ensure that the Elastic Stack (including Elasticsearch, Kibana, Beats, and Logstash) is more than just code — they are open source projects that people love to use.

We’re looking for someone who can connect with our global audience through creative, educational, and visually engaging content. You don’t need to be a Senior Engineer — but you should have a strong technical foundation, curiosity to learn, and the skills to tell compelling stories about technology.

Your work will combine writing, visuals, and video — with no waiting on others to get it done. From drafting a Twitter thread in the morning to publishing an infographic and editing a short video in the afternoon, you’ll take ideas from concept to launch, end to end.

What You Will Be Doing:

• Create engaging technical content for social media, blogs, and YouTube, covering Search, AI, and Elasticsearch in ways that are approachable and inspiring. Topics range from foundational and evergreen topics to today's LLM release.
• Write short-form content (Twitter threads, LinkedIn posts) that distills complex concepts into clear, shareable insights.
• Produce simple, high-quality videos and infographics yourself — from scripting and recording to editing and publishing.
• Explore new trends in Search, AI, and developer tools, and translate them into content our audience cares about.
• Build demos and examples to support your content or share the highlights of the latest research papers.
• Add a creative spark to Elastic’s content to keep our community engaged and draw in new audiences.

What You Bring : 

• Solid technical background and experience in an engineering role.
• Demonstrated ability to create a variety of content formats: blog posts, social media threads, videos, infographics.
• Comfortable working independently and seeing projects through from idea to publication without waiting on others.
• Curiosity and adaptability to quickly pick up new tools and topics.
• A collaborative mindset and willingness to share ideas, in a fully distributed team.
• Strong written and spoken communication skills in English.

What Is The Role:

As part of the Platform Engineering department, the Traffic team is crafting, building, and improving the multi-cloud platform at scale for Elastic Cloud Hosted and Serverless. We grow and mature our distributed network services and solutions for multiple cloud service provider platforms. We are built on Kubernetes, Go/Scala, and custom orchestration architectures. In your daily life with us, you will participate in coding, innovating technical designs, crafting solutions, improving resilience, and prioritizing security, bug fixes, and features. For example, Debugging Azure Networking for Elastic Cloud Serverless is part of our efforts, and we want your experience to contribute to a truly exceptional customer experience!

What You Will Be Doing:

• Taking an engineering approach in leading technical initiatives for automating network engineering efforts to guarantee the reliability of the global Elastic infrastructure. .
• Growing our global Platform infrastructure to meet the increasing scaling demands by developing and maintaining software, codebases, tooling and automations.
• Collaborating in an environment with an inclusive approach, and focusing on operational perfection which uplifts others.
• Preventing repeated customer impact in response to major incidents and prioritised problem management. Our on call rotation is spread well, and we address complex customer concerns too.

What You Bring:

• 10+ years in Software Engineering with product success in delivering Cloud network solutions. You collaborate with engineers as an authority in identifying, implementing and delivering solutions. Experience in public cloud, Go and managed Kubernetes services is advantageous.
• Success and lessons of experiences from striving for 'progress not perfection' in the name of Platform reliability. We want to hear about your customer first approach in solving operational problems for both today and the future.
• Passion for developing solutions that involve inclusive communication methods to grow and strengthen partner and team relationships. Examples of working in distributed teams or working remotely is desirable.

Bonus Points:

You don't need to have all of these items, but these represent the types of work you will do as a Software Engineer at Elastic.

• You have designed and built a SaaS product in a public cloud ideally built using Infrastructure-as-Code tooling such as Crossplane or Terraform
• You have built Kubernetes-at-scale infrastructure, ideally across multiple cloud providers, and the vital automation to support it.
• You have written product features or functions in Golang or other programming languages.
• You have worked with containerized services (such as Docker.)
• You have proven results in leading and improving cross-team engineering initiatives.
• You have experience in system administration with professional skills in Linux on distributed systems at scale.
• You have diagnosed or designed, implemented and created solutions with the Elastic Stack.
• You are experienced in a self-organizing and sharing in a globally distributed team environment.
• You strengthen team members in bringing out the best of each other by uplifting others with coaching and mentoring.

What is The Role

Elastic is building Agent Builder, a conversational platform that connects production agents to real customer business data in Elasticsearch. As a Principal Engineer, you will set technical direction and drive the Kibana backend architecture for the agentic platform: streaming APIs, secure tool execution, session and memory persistence, retrieval and citations contracts, and evaluation telemetry. Your influence will extend beyond a single feature, shaping service boundaries, reliability posture, and standards that other solutions build on.

What You Will Be Doing

• Own the architecture for chat back-end services (Node/TypeScript), defining service boundaries, data contracts, and scalability targets
• Lead cross-team design reviews; author ADRs and RFCs that become reference standards for AI-chat and ingestion work.
• Build and harden event-driven pipelines that capture chat telemetry, evaluation traces, and LLM feedback loops; expose them via self-service analytics endpoints.
• Champion reliability—define error budgets, introduce testing strategy, and steer incident-response playbooks for conversational workloads.
• Mentor senior and Junior engineers; grow their system-design skills and foster a high-trust, low-ego culture.
• Partner with Product, Design, and Data Science to translate ambiguous goals (e.g., “multi-step reasoning with tool calling”) into incremental, testable action items.
• Represent Elastic in open-source AI communities (LangGraph/LangChain, MCP/A2A) through design proposals, blog posts, and conference talks.

What You Bring

• We appreciate articulate and “low ego” people who want to grow as part of a team.
• 10 + years building distributed, production SaaS services—at least 5 years leading large-scale Node/TypeScript or similar back-end stacks.
• Deep expertise in distributed systems fundamentals—shard routing, consensus, eventual consistency, back-pressure, and circuit-breaker patterns.
• Demonstrated success designing high-throughput, low-latency APIs (gRPC / REST / WebSocket)—including streaming responses and resumable sessions.
• Hands-on experience with observability: OpenTelemetry, log/metric pipelines, synthetic checks, and SLO dashboards.
• Exposure to LLM tooling (LangChain/LangGraph, OpenAI function calls, vector-search, RAG orchestration) and enthusiasm for advancing GenAI architectures.
• Clear, persuasive written communication—your ADRs and RFCs set the standard others emulate.
• Nice-to-have: contribution history to Kibana or other large SPAs; ability to prototype front-end dashboards when it unblocks back-end work.

If this sounds interesting, we would love to hear from you! Please include whatever info you believe is relevant: resume, GitHub profile, code samples, blog posts and writing samples, links to personal projects, etc.

Position Overview

We are seeking a highly skilled DevOps/Cloud Platform Engineer to join our engineering organization and help drive the next generation of our infrastructure and CICD platform capabilities. In this role, you will be an integral part of our CICD release process, responsible for designing, operating, and optimizing CICD runners and environments, maintaining cloud infrastructure, and creating internal developer platforms that support fast, reliable, and secure software delivery. You will work closely with engineering, QA, data, and product teams to ensure our systems are scalable, resilient, and easy to use.

The ideal candidate brings a strong blend of CICD knowledge, cloud infrastructure expertise, DevOps mindset, and hands-on development skills. You will automate wherever possible, use Infrastructure as Code to maintain consistency, and leverage modern DevOps tooling, including AI-assisted automation to enhance operational efficiency and developer productivity.

This is an operations role for someone who thrives in solving complex technical problems, improving processes, and building platforms that accelerate engineering velocity.

What you'll do:

• Develop, enhance, and maintain CI/CD self-hosted infrastructure using modern DevOps tooling (GitHub Actions Runners stack, ArgoCD, FluxCD etc.).

• Automate infrastructure provisioning, configuration management, monitoring, and operational workflows using IaC and scripting languages.

• Own the deployment, maintenance, and lifecycle management of systems supporting engineering (Kubernetes clusters, container registries, artifact systems, and internal developer platforms) leveraging deep expertise in Kubernetes, container runtimes, and the broader cloud-native ecosystem (Helm, Kustomize, etc.).

• Troubleshoot complex infrastructure and application issues, driving root-cause analysis and developing long-term remediation solutions

• Design, build, and maintain cloud infrastructure across major cloud providers (AWS, GCP, Azure), and develop/support deployments of applications, services, and monitoring with a strong focus on scalability, reliability, and cost optimization.

• Develop internal tooling and automation using Terraform, Python, Go, or similar languages to streamline operational tasks and improve developer productivity.

• Implement and manage security best practices across cloud environments, including identity management, secrets handling, audit logging, and network controls.

• Leverage AI/ML tools to automate repetitive DevOps tasks, operational workflows.

Your Experience:

• 4-8+ years of experience in DevOps, Cloud Engineering, Systems Administration, or similar infrastructure-focused roles.

• Familiar with GIT and comfortable with at least one systems programming language (C/C++, golang) and one scripting language (python, bash).

• Proficiency with Infrastructure as Code (Terraform, Pulumi, or CloudFormation) and configuration management (Ansible, Chef, or SaltStack).

• Working knowledge of at least one of observability stacks (Prometheus, Grafana, ELK/OpenSearch, Datadog, etc.) and operational troubleshooting.

• Strong hands on experience with Kubernetes management in production environments

• Experience designing, developing, and/or troubleshooting distributed systems.

• Comfort with shells on *nix family systems.

• B.S. degree or equivalent experience in Engineering, Computer Science or a related field.

Preferred Qualifications:

• Hands-on experience building CI/CD pipelines from a user perspective (GitHub Workflows, GitLab pipelines, etc)

• Certifications from cloud service providers (AWS DevOps, GCP Devops Eng, etc)

• Natural curiosity or drive to learn about new or adjacent technologies.

• Experience applying AI/ML tools (GitHub Copilot, cloud AI services, LLM-based automations, anomaly detection tooling, etc.) to streamline DevOps and infrastructure workflows is a strong plus.

• Hands-on experience implementing AI-enhanced threat detection systems.

About us:

SingleStore delivers the cloud-native database with the speed and scale to power the world’s data-intensive applications. With a distributed SQL database that introduces simplicity to your data architecture by unifying transactions and analytics, SingleStore empowers digital leaders to deliver exceptional, real-time data experiences to their customers. SingleStore is venture-backed and headquartered in San Francisco with offices in Sunnyvale, Raleigh, Seattle, Boston, London, Lisbon, Bangalore, Dublin and Kyiv.

Consistent with our commitment to diversity & inclusion, we value individuals with the ability to work on diverse teams and with a diverse range of people.

To all recruitment agencies: SingleStore does not accept agency resumes. Please do not forward resumes to SingleStore employees. SingleStore is not responsible for any fees related to unsolicited resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with the Company.

SingleStore values individuals for their unique skills and experiences, and we’re proud to offer roles in a variety of locations across the United States. Salary is based on permissible, non-discriminatory factors such as skills, experience, and geographic location, and is just one part of our total compensation and benefits package. 

For candidates residing in California, please see our California Recruitment Privacy Notice. For candidates residing in the EEA, UK, and Switzerland, please see our EEA, UK, and Swiss Recruitment Privacy Notice.

Role Overview:

Netskope is seeking a high-caliber Privacy Engineering Staff Engineer to bridge the gap between legal compliance, data protection technology, and core product engineering. This is a dual-impact role: you will be responsible for the technical "Privacy by Design" controls for the Netskope platform while serving as a strategic deputy to the Global Privacy & Data Protection Officer (DPO).

As the Strategic Deputy to the Global Privacy & Data Protection Officer (DPO), you move beyond task completion to achieve high-level organizational influence.

• Global Compliance Strategy: Support the execution of a multi-jurisdictional privacy program that anticipates the rapid evolution of global data protection laws.
• Board & Audit Influence: Translate complex technical privacy risks into compelling, quantifiable narratives for the Audit Committee and Board of Directors.
• Risk Governance: Oversee the operational maturity of our privacy program within LogicGate, ensuring a closed-loop system of accountability, audit readiness, and incident response.
• DPIA & Rights Leadership: Act as the technical authority for high-risk Data Protection Impact Assessments (DPIAs) and ensure our Data Subject Rights (DSAR) engine operates at optimal efficiency.

You will be the lead privacy architect ensuring that Netskope’s innovation is inherently respectful of data.

• Component Design Review: Lead the privacy-first technical review of every new component within the Netskope platform, engaging with engineering at the "whiteboard phase" to eliminate risks before they reach production.
• PET Implementation: Direct the integration of Privacy Enhancing Technologies (PETs) such as differential privacy, homomorphic encryption, and k-anonymity into the Netskope product suite.
• AI Governance Leadership: Hold a seat on the AI Governance Committee whilst supporting the AI Ambassador program to ensure that AI innovations are built on a foundation of responsible data use.
• Technical Data Defense: Enhance DLP, DSPM, and AI/ML-driven security within our AWS and corporate environments to set the "Gold Standard" for internal data protection.

Key Responsibilities

Product Privacy Engineering & PETs

• Architectural Oversight: Review all new component designs within the Netskope platform to ensure structural compliance with "Privacy by Design" principles.
• PET Integration: Lead the design and implementation of Privacy Enhancing Technologies (PETs) such as differential privacy, homomorphic encryption, or k-anonymity within Netskope product features.
• Early Engagement: Act as a dedicated privacy consultant to product engineering teams during the ideation phase to identify and mitigate privacy risks before code is written.

Deputy Data Protection Officer (DPO) Functions

• Regulatory Support: Support the DPO in managing multi-jurisdictional compliance as the number of global privacy laws continues to rise.
• DPIA Leadership: Conduct and oversee Data Protection Impact Assessments (DPIAs) for high-risk processing activities, ensuring they meet the standard of global regulations.
• Privacy Leadership: Engagement with Netskope customers and partners on privacy and data protection concerns. Provide executive leadership to CISO, Legal and Privacy teams for some of the largest and most prestigious organizations in the world.

Technical Data Protection & AI Governance

• Advanced Controls: Utilize DLP (Data Loss Prevention) and DSPM (Data Security Posture Management) to secure the corporate data lifecycle.
• AI/ML Security: Implement data protection strategies specifically for AI/ML workloads, managing risks associated with training data and model inference.
• AI Advocacy: Serve on the AI Governance Committee and support the AI Ambassador program, fostering a culture of responsible AI use across the organization.

Platform Management

• LogicGate Administration: Manage and optimize the privacy module within LogicGate to track risks, audits, and compliance tasks.
• Netskope Corp Tenant: Take administrative responsibility of the Netskope corporate tenant’s privacy controls, ensuring our own use of the platform is a "Gold Standard" for customers.

Technical Requirements

• AWS Cloud Expertise:
• Cloud-Native Data Protection
• Infrastructure Security
• DSPM Integration.
• Software Engineering Fundamentals.
• API
• Data Architecture Knowledge
• AI/ML

Leadership Competencies & Soft Skills

• Strategic Influence: Ability to translate complex technical privacy risks into business-level impacts for the Audit Committee and Executive Leadership.
• Collaborative Engineering: Proven track record of building "security-first and privacy-first" cultures within engineering teams without slowing down the development lifecycle.
• Ethical Leadership: Strong judgment and integrity, particularly when serving on the AI Governance Committee to balance innovation with ethical data use.
• Stakeholder Management: Excellent communication skills to manage relationships with third-party vendors, legal counsel, and regulators.

Candidate Profile & Qualifications

• Experience: 5+ years in senior technical roles, preferably with a background in security engineering, privacy engineering, or data governance.

#LI-CS1

The Security Team keeps Feedzai products and systems secure. We work on risk reduction and security issue mitigation as we continue to move forward and grow. We maintain compliance and security best practices aligned with industry standards, as we work in a very regulated environment and do develop our own software and services. The Security Team is involved from the beginning of production to meet and exceed our client expectations and be the top SME in the industry. We run our own Security Operations Center services and incident response with state of the art tools. We are dynamic, tenacious, and driven by our passion for fighting financial fraud and crime with our socially responsible products. Join Us!

You:

We are looking for a Senior Security Compliance Engineer. You will be responsible for making sure that both our software & our infrastructure is safe, helping to protect our customers. 

Your Day to Day:

• Ensure compliance with core applicable standards and regulations (PCI DSS, ISO/IEC 27001 and 27701, SOC 2, NIST, GDPR) & participate in the audit processes;
• Support clients, vendors, and regulatory audits, assessments, and information security requests;
• Review, implement and oversight the effectiveness of Feedzai's security framework as well as ensuring their effectiveness;
• Perform security risk assessments and provide prioritized remediation recommendations;
• Develop, review, and maintain policies, processes, and standards and implement procedures, controls, and other measures to ensure compliance with internal and legal regulations and requirements.

You have & You Know-How

• Knowledge of compliance and regulatory frameworks (PCI DSS, ISO/IEC 27001, SOC 2, NIST, CIS, GDPR, etc.);
• Understanding of cloud security concepts (e.g.: Amazon Web Services (AWS) IAM, GCP or Azure security principles, etc.) and integrating security controls through DevOps and Infrastructure as a Service (IaaS) techniques;
• Excellent communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
• Knowledge of container orchestration systems such as Kubernetes is welcomed.
• Experience working with Generative AI (GenAI) tools is a plus.

 #LI-Remote #LI-MG3

The Security Team keeps Feedzai products and systems secure. We work on risk reduction and security issue mitigation as we continue to move forward and grow. We maintain compliance and security best practices aligned with industry standards, as we work in a very regulated environment and do develop our own software and services. The Security Team is involved from the beginning of production to meet and exceed our client expectations and be the top SME in the industry. We run our own Security Operations Center services and incident response with state of the art tools. We are dynamic, tenacious, and driven by our passion for fighting financial fraud and crime with our socially responsible products. Join Us!

You

You’ll be working with a team that's responsible for the security across all ongoing initiatives, products, processes and applications at Feedzai. This will be a very senior role within this team, someone able to work across teams and coach other more junior team members also.

Your day–to–day

• Design and architect robust security controls with 'secure by default' principles, ensuring long-term maintainability and systemic incident resilience across the organization;
• Review technical designs to identify security weaknesses and provide assistance on how to address them;
• Provide subject matter expertise on security across ongoing initiatives to the organization;
• Lead the technical execution of multi-team security initiatives, influencing cross-team priorities and aligning technical roadmaps with direct business impact;
• Work closely with other functional areas and/or departments in the identification of requirements and designing of solutions;
• Produce high-quality narratives and investment cases supported by facts and data, translating complex security challenges into comprehensive business language for company-wide stakeholders;
• Perform internal and external penetration tests, ensuring timeliness and accuracy of reports;
• Assist in the support of compliance with core applicable standards and regulations (PCI DSS, ISO/IEC 27001, SOC 2, NIST, CIS, GDPR) and participate in the audit processes.

Your Have & You Know-How

• Willingness to learn and to stay up-to-date with the state of the art;
• Break things attitude, so that we can improve (hacker-type of attitude);
• Expert knowledge across web, application, hardware & network security;
• Solid understanding of encryption, key management & distribution;
• Extensive knowledge and experience with cloud service providers such as AWS, Azure, or GCP;
• Extensive knowledge with Kubernetes security;
• Knowledge of PCI DSS, ISO/IEC 27001, NIST, CIS, and GDPR standards and regulations preferred;
• Strong business and financial acumen, with the ability to understand the economic implications (cost efficiency, operational burden, time-to-value) of security engineering decisions;
• 4+ years of relevant professional experience;
• Demonstrated experience developing, deploying, and monitoring secure systems;
• Demonstrated experience implementing AI-driven approaches to optimize security workflows and leading the adoption of new AI technologies;
• Global experience in leading and supporting cross-functional projects, interacting effectively with all levels of the company;
• Track record of managing projects with quality, detail, and consistency;
• Background in engineering with a deep passion for making all things secure;
• Excellent communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.

 #LI-Remote #LI-MG3

As PandaDoc continues to scale, we’re expanding our security team and looking for an Application Security Engineer to help shape and strengthen our security foundations. In this role, you’ll take ownership of key security initiatives across our application, working closely with engineering to embed security into every stage of development. You’ll contribute to building a proactive, automation-driven security culture while addressing both current risks and emerging challenges, including AI security.

In this role, you will:

• Monitor and test information systems to identify vulnerabilities
• Execute or manage the remediation of identified vulnerabilities
• Respond to security incidents and perform root cause analysis
• Assess and understand PandaDoc’s current security framework and future architecture, providing recommendations for risk reduction
• Design, implement, maintain, and evangelize automated security solutions
• Work closely with engineering teams to implement new security controls
• Analyze and monitor relevant security threats and prevention measures based on industry trends and standards
• Perform cloud services hardening, including reviewing roles and permissions for services and APIs
• Help address emergent threats in AI security as PandaDoc deploys AI in its product and for internal use

Our stack:

• Service-oriented architecture
• Two main stacks: Java and Python
• Amazon Web Services: EKS, RDS, ElastiCache, etc.
• A combination of AWS native and 3rd party security tools for infrastructure and application security  (WAF, CNAPP, SCA/SAST, DAST, AWS GuardDuty, etc.)

About you:

• 2+ years of cloud security experience implementing security controls and best practices in AWS, GCP, or Microsoft Azure
• 2+ years of experience with security management tools, including IPS/IDS, WAF, vulnerability scanning, and penetration testing
• Good understanding of Access Control and Identity Access Management principles (SAML 2.0, OAuth, JWT, etc) 
• Experience with implementing DevSecOps practices in SSDLC
• Solid interpersonal, written, and verbal communication skills
• Upper-Intermediate English level (B2+)

Company Overview: 

PandaDoc empowers more than 60,000 growing organizations to thrive by taking the work out of document workflow. PandaDoc provides an all-in-one document workflow automation platform that helps fast scaling teams accelerate the ability to create, manage, and sign digital documents including proposals, quotes, contracts, and more.  For more information, please visit https://www.pandadoc.com.

Company Culture: 

We're known for our work-life balance, kind co-workers, & creative virtual team-bonding events. And although our Pandas are located across the globe, we stay connected with the help of technology and ensure that everyone on our team feels, well, like a team.

Pandas work best when they're happy. We retain our talent by upholding our values of integrity & transparency, and selling a product that changes the lives of our customers. 

Check out our LinkedIn to learn more.

Benefits:

• A competitive salary. If you are located in Poland, the salary range is 222000 to 334000 PLN annually.
• An honest, open culture that emphasizes feedback and promotes professional and personal development
• An opportunity to work from anywhere — our team is distributed worldwide, from Lisbon to Manila, from Florida to California
• 6 self care days
• And much more!

PandaDoc is an Equal Opportunity Employer. We are committed to equal treatment of all employees without regard to race, national origin, religion, gender, age, sexual orientation, veteran status, physical or mental disability or other basis protected by law.

EXTERNAL RECRUITERS

Approval Requirement

The use of external recruiters/staffing agencies requires prior approval from our HR Team. The HR Team at PandaDoc requests that external recruiters/staffing agencies not to contact PandaDoc employees directly in an attempt to present candidates. Complying with this request will be a factor in determining future professional relationships with PandaDoc.

We invite a Security Engineer. This is a full-time, office-based role (no remote/hybrid) in one of our hubs:

• Belgrade, Serbia
• Lisbon, Portugal
• Sofia, Bulgaria
• Warsaw, Poland

The final location will depend on business needs and the feasibility of relocation from your current spot.

✅ Requirements: 
Must-Have:
✔️ 5 years of experience in IT infrastructure administration or information security roles. 
✔️ Advanced administration of macOS, Windows, and Linux operating systems, including secure configuration, system hardening, access control management, and troubleshooting at the OS level. 
✔️ Understanding of networking fundamentals, including IP networking, routing, switching, and network protocol behaviour relevant to security analysis. 
✔️ Basic knowledge of regulatory requirements and standards such as ISO27001, ISO27701, PCI DSS, GDPR, and others. 
✔️ Administration and configuration of EDR/XDR platforms, including policy management, detection rule tuning, incident investigation, and endpoint threat response. 
✔️ Configuration and administration of enterprise VPN solutions, including secure remote access management, authentication policies, and network access control. 
✔️ Administration and tuning of DLP systems, including policy development, data classification integration, and monitoring of data exfiltration risks. 

Nice-to-Have:
✔️ Proficiency in working with any kind of simple scripts: bash, PowerShell or Python, etc.. 
✔️ Understanding of the basic principles of virtualisation platform functionality. 
✔️ Experience in complex implementation or support projects of enterprise information security solutions (any solution classes from the list): MDM, SIEM, DLP, PAM, NGFW, Endpoint Security. Etc..
✔️ Experience with deployment and administration of IDS/IPS solutions, including rule tuning and network threat detection. 
✔️ Experience with PaloAlto, Digital Guardian, OpenVPN security solutions. 

✅ Responsibilities:
System Administration:
✔️ Manage security systems: DLP, XDR, Network VPN gateway.
✔️ Implement and maintain security control policies to enhance security.
✔️ Keep security system infrastructure updated and patched. 
✔️ Integrate security systems with new IT solutions and assets.
✔️ Debug issues related to the security systems software - cooperate closely with vendor support. 

Monitoring and Analysis:
✔️ Continuously monitor network activity, systems load. 
✔️ Monitor and review vendor notifications about Saas security system maintenance, critical vulnerabilities, new releases and features. 
✔️ Identify and analyze potential threats and vulnerabilities in the security systems.

Incident Response: 
✔️ Respond to security incidents and provide 2-3 levels of support for the SOC team, coordinating incident response efforts. 
✔️ Escalate incidents to other teams as necessary. 

Reporting, Documentation, and Continuous Improvement: 
✔️ Prepare tech documentation after implementation of new security controls, system configurations. 
✔️ Create basic instructions for security software for end users. 
✔️ Suggest improvements to security system configuration and incident mitigation. 
✔️ Participate in post-incident reviews and propose enhancements. 

We invite a Security Engineer. This is a full-time, office-based role (no remote/hybrid) in one of our hubs:

• Belgrade, Serbia
• Lisbon, Portugal
• Sofia, Bulgaria
• Warsaw, Poland

The final location will depend on business needs and the feasibility of relocation from your current spot.

✅ Requirements: 
Must-Have:
✔️ 5 years of experience in IT infrastructure administration or information security roles. 
✔️ Advanced administration of macOS, Windows, and Linux operating systems, including secure configuration, system hardening, access control management, and troubleshooting at the OS level. 
✔️ Understanding of networking fundamentals, including IP networking, routing, switching, and network protocol behaviour relevant to security analysis. 
✔️ Basic knowledge of regulatory requirements and standards such as ISO27001, ISO27701, PCI DSS, GDPR, and others. 
✔️ Administration and configuration of EDR/XDR platforms, including policy management, detection rule tuning, incident investigation, and endpoint threat response. 
✔️ Configuration and administration of enterprise VPN solutions, including secure remote access management, authentication policies, and network access control. 
✔️ Administration and tuning of DLP systems, including policy development, data classification integration, and monitoring of data exfiltration risks. 

Nice-to-Have:
✔️ Proficiency in working with any kind of simple scripts: bash, PowerShell or Python, etc.. 
✔️ Understanding of the basic principles of virtualisation platform functionality. 
✔️ Experience in complex implementation or support projects of enterprise information security solutions (any solution classes from the list): MDM, SIEM, DLP, PAM, NGFW, Endpoint Security. Etc..
✔️ Experience with deployment and administration of IDS/IPS solutions, including rule tuning and network threat detection. 
✔️ Experience with PaloAlto, Digital Guardian, OpenVPN security solutions. 

✅ Responsibilities:
System Administration:
✔️ Manage security systems: DLP, XDR, Network VPN gateway.
✔️ Implement and maintain security control policies to enhance security.
✔️ Keep security system infrastructure updated and patched. 
✔️ Integrate security systems with new IT solutions and assets.
✔️ Debug issues related to the security systems software - cooperate closely with vendor support. 

Monitoring and Analysis:
✔️ Continuously monitor network activity, systems load. 
✔️ Monitor and review vendor notifications about Saas security system maintenance, critical vulnerabilities, new releases and features. 
✔️ Identify and analyze potential threats and vulnerabilities in the security systems.

Incident Response: 
✔️ Respond to security incidents and provide 2-3 levels of support for the SOC team, coordinating incident response efforts. 
✔️ Escalate incidents to other teams as necessary. 

Reporting, Documentation, and Continuous Improvement: 
✔️ Prepare tech documentation after implementation of new security controls, system configurations. 
✔️ Create basic instructions for security software for end users. 
✔️ Suggest improvements to security system configuration and incident mitigation. 
✔️ Participate in post-incident reviews and propose enhancements. 

We invite a Security Engineer. This is a full-time, office-based role (no remote/hybrid) in one of our hubs:

• Belgrade, Serbia
• Lisbon, Portugal
• Sofia, Bulgaria
• Warsaw, Poland

The final location will depend on business needs and the feasibility of relocation from your current spot.

✅ Requirements: 
Must-Have:
✔️ 5 years of experience in IT infrastructure administration or information security roles. 
✔️ Advanced administration of macOS, Windows, and Linux operating systems, including secure configuration, system hardening, access control management, and troubleshooting at the OS level. 
✔️ Understanding of networking fundamentals, including IP networking, routing, switching, and network protocol behaviour relevant to security analysis. 
✔️ Basic knowledge of regulatory requirements and standards such as ISO27001, ISO27701, PCI DSS, GDPR, and others. 
✔️ Administration and configuration of EDR/XDR platforms, including policy management, detection rule tuning, incident investigation, and endpoint threat response. 
✔️ Configuration and administration of enterprise VPN solutions, including secure remote access management, authentication policies, and network access control. 
✔️ Administration and tuning of DLP systems, including policy development, data classification integration, and monitoring of data exfiltration risks. 

Nice-to-Have:
✔️ Proficiency in working with any kind of simple scripts: bash, PowerShell or Python, etc.. 
✔️ Understanding of the basic principles of virtualisation platform functionality. 
✔️ Experience in complex implementation or support projects of enterprise information security solutions (any solution classes from the list): MDM, SIEM, DLP, PAM, NGFW, Endpoint Security. Etc..
✔️ Experience with deployment and administration of IDS/IPS solutions, including rule tuning and network threat detection. 
✔️ Experience with PaloAlto, Digital Guardian, OpenVPN security solutions. 

✅ Responsibilities:
System Administration:
✔️ Manage security systems: DLP, XDR, Network VPN gateway.
✔️ Implement and maintain security control policies to enhance security.
✔️ Keep security system infrastructure updated and patched. 
✔️ Integrate security systems with new IT solutions and assets.
✔️ Debug issues related to the security systems software - cooperate closely with vendor support. 

Monitoring and Analysis:
✔️ Continuously monitor network activity, systems load. 
✔️ Monitor and review vendor notifications about Saas security system maintenance, critical vulnerabilities, new releases and features. 
✔️ Identify and analyze potential threats and vulnerabilities in the security systems.

Incident Response: 
✔️ Respond to security incidents and provide 2-3 levels of support for the SOC team, coordinating incident response efforts. 
✔️ Escalate incidents to other teams as necessary. 

Reporting, Documentation, and Continuous Improvement: 
✔️ Prepare tech documentation after implementation of new security controls, system configurations. 
✔️ Create basic instructions for security software for end users. 
✔️ Suggest improvements to security system configuration and incident mitigation. 
✔️ Participate in post-incident reviews and propose enhancements. 

We invite a Senior Application Security Engineer to join our team.

🌎 Global Remote Mobility: Available for Senior roles in selected jurisdictions.

✅ Responsibilities:
✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives.
✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
✔️ Define required policies, controls, and capabilities for the protection of products and environments.
✔️ Build and validate declarative threat models automation.
✔️ Participate in engineering teams’ product planning cycles and committees.
✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
✔️ Serve as a trusted cyber security advisor to product and application teams.

✅ Minimum Requirements:
✔️ Experience integrating security scanning/tooling into the development pipeline.
✔️ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.
✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
✔️ Hands-on development experience in Python/shell scripting.
✔️ Strong understanding of supply chain security, software integrity, and secure software delivery.
✔️ Experience with Docker and mesh technologies (such as ISTIO).
✔️ Experience with architecture and security reviews, threat modelling, and application risk is highly desired.
✔️ Experience working with Agile methodologies.
✔️ Knowledge of privacy laws and regulations, such as GDPR desired.
✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.

✅ PREFERRED QUALIFICATIONS:
✔️ In-depth experience with architecting secure services on Kubernetes.
✔️ Extensive experience with architecting secure services on AWS or on-prem data centers.
✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.

✅ We offer excellent benefits, including but not limited to:
🚀 Career growth opportunities in an international and dynamic environment; 
📚 Opportunity to develop language skills with partial compensation for language courses; 
🎁 Special gifts for birthdays, weddings, and newborns; 
🏝️ 20 working days of paid annual vacation, plus 6 paid sick leaves; 
🍲 Office snacks and refreshments;
🏋️‍♂️ Sports package to support a healthy lifestyle;
🩺 Comprehensive medical insurance; 
📍 Comfortable office with great facilities in a prime location; 
 🎉 Exciting corporate events, team-building activities, and international company parties.

We invite a Senior Application Security Engineer to join our team.

🌎 Global Remote Mobility: Available for Senior roles in selected jurisdictions.

✅ Responsibilities:
✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives.
✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
✔️ Define required policies, controls, and capabilities for the protection of products and environments.
✔️ Build and validate declarative threat models automation.
✔️ Participate in engineering teams’ product planning cycles and committees.
✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
✔️ Serve as a trusted cyber security advisor to product and application teams.

✅ Minimum Requirements:
✔️ Experience integrating security scanning/tooling into the development pipeline.
✔️ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.
✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
✔️ Hands-on development experience in Python/shell scripting.
✔️ Strong understanding of supply chain security, software integrity, and secure software delivery.
✔️ Experience with Docker and mesh technologies (such as ISTIO).
✔️ Experience with architecture and security reviews, threat modelling, and application risk is highly desired.
✔️ Experience working with Agile methodologies.
✔️ Knowledge of privacy laws and regulations, such as GDPR desired.
✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.

✅ PREFERRED QUALIFICATIONS:
✔️ In-depth experience with architecting secure services on Kubernetes.
✔️ Extensive experience with architecting secure services on AWS or on-prem data centers.
✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.

✅ We offer excellent benefits, including but not limited to:
💻 Learning and development opportunities and interesting, challenging tasks.
✈️ Relocation package (tickets, staying in a hotel for up to 2 weeks, and visa relocation support for our employees and their family members).
📚 Opportunity to develop language skills, with partial compensation for the cost of English and Portuguese language classes (for localization purposes). 
🎾 Partial compensation for tennis and padel lessons. 
🏀 Urban Sport membership benefit (the most diverse sports and wellness offering in Europe, with more than 50+ activities). 
🏥 Private medical coverage, including inpatient, outpatient, dental care, annual check-ups, and maternity support. 
🏝 Time for proper rest, with 24 non-business days per year and an additional 6 paid sick days. 
🚌 Transport compensation - 200 euros net per month. 
📈 Competitive remuneration level with annual review. 
🤝 Teambuilding activities. 

We invite a Senior Application Security Engineer to join our team.

🌎 Global Remote Mobility: Available for Senior roles in selected jurisdictions.

✅ Responsibilities:
✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives.
✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
✔️ Define required policies, controls, and capabilities for the protection of products and environments.
✔️ Build and validate declarative threat models automation.
✔️ Participate in engineering teams’ product planning cycles and committees.
✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
✔️ Serve as a trusted cyber security advisor to product and application teams.

✅ Minimum Requirements:
✔️ Experience integrating security scanning/tooling into the development pipeline.
✔️ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.
✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
✔️ Hands-on development experience in Python/shell scripting.
✔️ Strong understanding of supply chain security, software integrity, and secure software delivery.
✔️ Experience with Docker and mesh technologies (such as ISTIO).
✔️ Experience with architecture and security reviews, threat modelling, and application risk is highly desired.
✔️ Experience working with Agile methodologies.
✔️ Knowledge of privacy laws and regulations, such as GDPR desired.
✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.

✅ PREFERRED QUALIFICATIONS:
✔️ In-depth experience with architecting secure services on Kubernetes.
✔️ Extensive experience with architecting secure services on AWS or on-prem data centers.
✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.

✅ We offer excellent benefits, including but not limited to:
🚀 Career growth opportunities in an international and dynamic environment;
📚 Opportunity to develop language skills with partial compensation for language courses;
🎁 Special gifts for birthdays, weddings, and newborns;
🏝️ 20 working days of paid annual vacation, 6 paid sick leaves;
🍲 Office snacks and refreshments;
🏋️‍♂️ Sports package to support a healthy lifestyle;
🩺 Comprehensive medical insurance for you and your partner;
📍 Comfortable office with great facilities in a prime location;
 🎉 Exciting corporate events, team-building activities, and international company parties.

We invite a Senior Application Security Engineer to join our team.

🌎 Global Remote Mobility: Available for Senior roles in selected jurisdictions.

✅ Responsibilities:
✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives.
✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
✔️ Define required policies, controls, and capabilities for the protection of products and environments.
✔️ Build and validate declarative threat models automation.
✔️ Participate in engineering teams’ product planning cycles and committees.
✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
✔️ Serve as a trusted cyber security advisor to product and application teams.

✅ Minimum Requirements:
✔️ Experience integrating security scanning/tooling into the development pipeline.
✔️ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.
✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
✔️ Hands-on development experience in Python/shell scripting.
✔️ Strong understanding of supply chain security, software integrity, and secure software delivery.
✔️ Experience with Docker and mesh technologies (such as ISTIO).
✔️ Experience with architecture and security reviews, threat modelling, and application risk is highly desired.
✔️ Experience working with Agile methodologies.
✔️ Knowledge of privacy laws and regulations, such as GDPR desired.
✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.

✅ PREFERRED QUALIFICATIONS:
✔️ In-depth experience with architecting secure services on Kubernetes.
✔️ Extensive experience with architecting secure services on AWS or on-prem data centers.
✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.

✅ We offer excellent benefits, including but not limited to:
🏝 24 vacation days annually 
🤒 6 sick days without a medical certificate 
🏥 Premium Health Insurance (coverage up to 5,000 EUR annually) 
🎉 Special occasion gifts: birthday, wedding, newborn 
📚 Learning & Development budget (for conferences, courses and certifications) 
🌍 Corporate events: international parties, team buildings, activities 
📈 Career growth opportunities in a fast-growing company 
✈️ Relocation package for international candidates 
🏋️ Sports package (FitPass membership) 
🗣️ Language classes: Serbian & English (company-covered)

LastPass is looking for a Staff Cloud Security Engineer:

In this role, you will collaborate closely with our DevOps, CI/CD engineers, and Architecture team to implement and maintain security best practices across our infrastructure.

About the Team:

If you are passionate about complex problem solving and motivated by scale, then this is the role for you!

Who will you work with?

What are some of the exciting challenges you will be working on?

What does it take to work at LastPass?

It's great, but not required:

LastPass is looking for a Staff Cloud Security Engineer:

In this role, you will collaborate closely with our DevOps, CI/CD engineers, and Architecture team to implement and maintain security best practices across our infrastructure.

About the Team:

If you are passionate about complex problem solving and motivated by scale, then this is the role for you!

Who will you work with?

What are some of the exciting challenges you will be working on?

What does it take to work at LastPass?

It's great, but not required:

LastPass is looking for a Staff Cloud Security Engineer:

In this role, you will collaborate closely with our DevOps, CI/CD engineers, and Architecture team to implement and maintain security best practices across our infrastructure.

About the Team:

If you are passionate about complex problem solving and motivated by scale, then this is the role for you!

Who will you work with?

What are some of the exciting challenges you will be working on?

What does it take to work at LastPass?

It's great, but not required:

LastPass is looking for a Staff Cloud Security Engineer:

In this role, you will collaborate closely with our DevOps, CI/CD engineers, and Architecture team to implement and maintain security best practices across our infrastructure.

About the Team:

If you are passionate about complex problem solving and motivated by scale, then this is the role for you!

Who will you work with?

What are some of the exciting challenges you will be working on?

What does it take to work at LastPass?

It's great, but not required:

The role

As a Product Security Engineer, you will enable development teams to take ownership of the security and privacy of their product by collaborating to set requirements and standards, performing design reviews and vulnerability assessments, and helping build security controls. You will also work closely with the dedicated Security Operations and Security Engineering teams. 

You will be someone who has experience securing a cloud-native environment, and, in particular, in embedding security and privacy standards in engineering functions. You should also be comfortable automating security and privacy engineering and performing various security assessments.

What excites you 

• Developing high-quality code for extensive tasks, showcasing proficiency in leading systems and architecture design independently. 
• Leading the design and documentation processes for complex tasks, breaking them down into manageable segments for team collaboration while also handling the most challenging portions.
• Contributing significantly to the company-wide systems architecture, impacting the organisation's technological landscape.
• Providing guidance to developers and architects on secure coding methodologies, architectural design, and security best practices, fostering a culture of excellence within the team.
• Overseeing the vulnerability management program, conducting routine assessments, prioritising resolutions, and tracking progress towards securing systems.
• Demonstrating advanced proficiency in security testing, ensuring comprehensive evaluations of system, application, and network security postures.
• Creating and maintaining robust security policies, procedures, and guidelines for effective programme management.

What excites us  

• Experience in cloud-based application and infrastructure security - especially, DevSecOps
• Background in threat modelling and security architecture/secure design
• Awareness of or exposure to security and privacy standards, such as ISO27001, SOC1, CyberEssentials, GDPR, or similar
• Nice to have: Cybersecurity certifications, such as CISSP, CEH, Professional Cloud Security Engineer, or similar
• Technical experience in working with cloud computing providers such as GCP or AWS
• Technical leadership qualities -  setting direction alongside the managers and supporting the security team in technical development. 

Base salary range: €40,000 to €60,000 gross annually

Base salary ranges are based on role, job level, location, and market data.  Please note that whilst we strive to offer competitive compensation, our approach is to pay between the minimum and the mid-point of the pay range until performance can be assessed in role. Offers will take into account level of experience, interview assessment, budgets and parity between you and fellow employees at GoCardless doing similar work.