As a Staff (techlead-level) Infrastructure Engineer, you will lead the design, implementation, and evolution of our cloud infrastructure platforms that power SentinelOne’s products at scale. You will drive complex, cross‑functional initiatives end‑to‑end, set technical direction for Kubernetes and cloud infrastructure (70+ K8s clusters, tens of thousands of nodes, multi‑region AWS (EKS) and GCP (GKE), multi‑account setup), and raise the bar for reliability, performance, and security. You will act as a go‑to expert and mentor for other engineers, helping them develop, deliver, and operate services efficiently on top of our platform.

What Will You Do?

Primary responsibilities include: 

• Own, design, build, and evolve systems and large, impactful initiatives (complex, ambiguous problems) across Kubernetes and cloud infrastructure that allow our engineers to deliver features safely, quickly, and reliably – such as the cloud infrastructure platform we’re building.
• Maintain and enhance large‑scale Kubernetes infrastructure, troubleshoot and resolve complex issues in the platform and related cloud services, including performance, scalability, and reliability, as well as H-A, observability, security, and cost-efficiency challenges.
• Ensure our Kubernetes infra and surrounding ecosystem are fully automated using IaC (Terraform, incl. writing, maintaining and improving modules & tooling) and GitOps (ArgoCD) and adhere to best practices in security and compliance. You will also define & evolve standards and patterns across teams and guide others in adopting these practices.
• Support Engineering teams as a trusted partner, helping them adopt and utilize the platform effectively (repeatable, self‑service infrastructure), and influence roadmaps with infrastructure & reliability considerations.
• Own and continuously improve key metrics around performance, throughput, reliability, and failure rates, including capacity planning and deployment strategies.
• Contribute to and sometimes lead incident response efforts, post‑incident reviews, and systemic improvements to prevent recurrence.
• As Staff Engineer, you will be expected to mentor and coach other engineers, fostering a culture of knowledge sharing, continuous learning, and high‑quality engineering practices.

What Skills and Knowledge Will You Bring?

Ideal candidates will have:

• Multiple years of hands-on Kubernetes administrator experience, including maintenance, configuration, and operations in large-scale production environments - such as dozens of clusters, hundreds of nodes, multi‑region, or multi‑account setups.
• Experience with managed offerings like EKS and/or GKE. KOPS and others are a plus.
• Strong experience with ingress controllers configuration and troubleshooting (like Traefik or Gloo) and production experience maintaining standard add-ons (like cert‑manager, Karpenter, Keda, Cilium, CoreDNS etc).
• Deep, practical experience with GitOps tooling and workflows, ideally ArgoCD and/or Flux; with CI/CD pipelines, ideally GitHub Actions, including designing and operating workflows for infrastructure and application delivery.
• Strong experience with Terraform or Terragrunt, including designing and maintaining reusable modules and shared infrastructure components.
• Ability to design automation and tooling to streamline day-to-day operations such as cluster lifecycle, upgrades, and policy enforcement. 
• Highly preferred: proficiency in Python or Golang, with the ability to automate operations, build small tools or services, and review code for quality and reliability.
• Strong AWS and/or GCP infrastructure knowledge across core services, networking, security, IAM, and cost optimization.
• Solid understanding of SRE principles, including SLAs, SLOs, and SLIs, and how to design systems to meet them.
• Incident response experience, including participation in on‑call rotations and leading or contributing to incident reviews.
• Experience leading technical projects from start to finish - you will take full ownership of  work, catch issues early and create solutions that help different teams and services work better together. Strong ability to handle context-switching.
• Experience mentoring and coaching engineers, driving improvements in engineering practices, and fostering a collaborative, learning‑oriented environment.
• Experience using AI tools in day-to-day engineering work and a solid understanding of FinOps practices for managing and optimizing cloud costs.

Why SentinelOne?

AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.

We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:

• Salary starting from 5000 EUR/month. Annual bonus based on company performance, paid in two installments. The final base salary may be adjusted based on the individual skills and experience of the selected candidate.
• Enjoy flexible working hours and the option to work remotely from anywhere in Slovakia. We offer access to major co-working spaces for those who prefer an office environment. In Czechia, you can also work from our modern offices in Prague or Brno.
• Stock & Bonuses: Grant of Restricted Stock Units with a 4-year vesting plan, annual performance-based bonuses, and an employee stock purchase plan.
• Time Off & Well-being: Flexible Time Off, on top of the standard 5 weeks vacation, flexible paid sick days, fully paid Short Term Sick/Nursing Leave, 16-week parental leave, grandparent leave, and additional company holidays.
• Insurance & Wellbeing: Pension Insurance Contribution, Premium life insurance, Paid Multisport Benefit Card and a Global Employee Assistance Program.
• Work Perks: Monthly meal and well-being allowance, high-end MacBook/Windows laptop, work-from-home support, and Multisport card paid by SentinelOne.
• Growth & Community: LinkedIn Learning, internal mentoring, educational support, generous referral bonuses, and optional company events (sports, BBQs, charity).

We are seeking an experienced Staff Platform Engineer / Software Engineer who will serve as a technical leader with dozens of engineering teams. You are someone who enjoys bridging the gap between software engineering and systems architecture, and not just managing infra, but building Internal Developer Platform (IDP) on Kubernetes, and APIs that enable scalability, efficiency, productivity, and developer joy. You are a "doer" who can pivot from writing high-quality production code to influencing the architectural direction of our CI/CD pipelines and service catalogs (e.g., Backstage), as well as be the next frontier of Generative AI integration.

Our Developer Experience (DevEx) organization’s mission is to partner with SentinelOne engineering teams to accelerate the velocity of software delivery through continuous innovation and standardization. We are building a platform that serves nearly 1,000 engineers to release services and features to our customers, making it easy to move from POC to production safely and quickly. We're also transforming our CI/CD from a traditional pipeline into an AI-driven engine - you will help us build a platform where AI proactively helps developers write & ship code, generates high-coverage test suites on the fly, and performs the first pass of PR reviews with human-level context. 

What Will You Do?

• Partner with Engineers, Build & Automate: The engineering teams are our primary customers - you will be working with them to understand their pain points and find long term solutions.
  • You will be building the IDP as the "Golden Path", and tools that improve the quality of life and streamlining the development process for the teams, so that they can build without having to worry about the underlying infrastructure.
  • You will be also building scalable solutions in collaboration with other infrastructure teams.
• Modernize the Stack: Collaborate with architects to evaluate and implement modern tools (e.g., ArgoCD, GitHub Actions) and deployment strategies (Canary, Blue/Green).
• Lead the AI-Driven CI/CD Shift: Architect and implement AI-powered workflows that assist in code generation, automated testing, and intelligent PR analysis to eliminate developer friction.
• Operational Ownership: Identify causes of toil across engineering orgs and eliminate them through automation, enhancing overall system reliability and developer satisfaction.
• Cross-Functional Influence: Partner with Product, Security, and Finance teams to align technical roadmaps with business value and customer needs. You will influence strategy and ensure our platform is as lean as it is powerful.
• Impact: You will participate in the full software development lifecycle, including requirements analysis, architecture design, coding, testing, and deployment.
• Deal with global scale: Our security SW products protect 15,000 enterprise and government clients across the globe, incl. 4 of Fortune 10, and process 9+ Petabytes of data daily and 3+ Trillion security events across multiple AWS/GCP regions and GovCloud, supported by a large Kubernetes control plane with 80+clusters and tens of thousands of nodes.

Our stack: Go, Python; Kubernetes, Docker, AWS, GCP, FedRAMP; GitHub Actions, ArgoCD; GitHub Enterprise; depending on the requirements of the service for communication, we use Kafka, REST API, GraphQL, gRPC, etc.; Postgres, MongoDB, Redis, ClickHouse; Prometheus/Thanos, Grafana

What Skills and Knowledge Will You Bring?

• Demonstrated proficiency in Go or Python. Experience in the full SDLC, from requirements to production-ready code
• Experience with AWS and/or GCP. Knowledge of Kubernetes or similar orchestration systems
• Experience with CI/CD tooling at scale (e.g., GitHub Actions, ArgoCD, Jenkins etc.) and GitOps approach
• Strong experience with Terraform, Pulumi, or similar IaC frameworks
• Familiarity with DevEx fundamentals, including Service Catalogs (Backstage), REST APIs, or gRPC
• Familiarity with both SQL (Postgres) and NoSQL (MongoDB, ClickHouse, or Redis)
• You are passionate about (and ideally have experience in) integrating LLMs and AI agents into the developer workflow to drive productivity
• Excellent problem-solving skills, strong ownership and accountability, with proven experience driving large, impactful projects
• Strong communication skills and ability to articulate technical concepts and influence engineering direction across teams, departments, and stakeholders in multiple time zones

Why SentinelOne?

AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.

We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:

• Salary starting from 5000 EUR/month. Annual bonus based on company performance, paid in two installments. The final base salary may be adjusted based on the individual skills and experience of the selected candidate.
• Enjoy flexible working hours and the option to work remotely from anywhere in Slovakia. We offer access to major co-working spaces for those who prefer an office environment. In Czechia, you can also work from our modern offices in Prague or Brno.
• Stock & Bonuses: Grant of Restricted Stock Units with a 4-year vesting plan, annual performance-based bonuses, and an employee stock purchase plan.
• Time Off & Well-being: Flexible Time Off, on top of the standard 5 weeks vacation, flexible paid sick days, fully paid Short Term Sick/Nursing Leave, 16-week parental leave, grandparent leave, and additional company holidays.
• Insurance & Wellbeing: Pension Insurance Contribution, Premium life insurance, Paid Multisport Benefit Card and a Global Employee Assistance Program.
• Work Perks: Monthly meal and well-being allowance, high-end MacBook/Windows laptop, work-from-home support, and Multisport card paid by SentinelOne.
• Growth & Community: LinkedIn Learning, internal mentoring, educational support, generous referral bonuses, and optional company events (sports, BBQs, charity).

Be part of an inclusive, innovative workplace that values belonging, flexibility, and growth!

We are seeking an experienced Staff Software Engineer / Platform Engineer who will serve as a technical leader with dozens of engineering teams. You are someone who enjoys bridging the gap between software engineering and systems architecture, and not just managing infra, but building Internal Developer Platform (IDP) on Kubernetes, and APIs that enable scalability, efficiency, productivity, and developer joy. You are a "doer" who can pivot from writing high-quality production code to influencing the architectural direction of our CI/CD pipelines and service catalogs (e.g., Backstage), as well as be the next frontier of Generative AI integration.

Our Developer Experience (DevEx) organization’s mission is to partner with SentinelOne engineering teams to accelerate the velocity of software delivery through continuous innovation and standardization. We are building a platform that serves nearly 1,000 engineers to release services and features to our customers, making it easy to move from POC to production safely and quickly. We're also transforming our CI/CD from a traditional pipeline into an AI-driven engine - you will help us build a platform where AI proactively helps developers write & ship code, generates high-coverage test suites on the fly, and performs the first pass of PR reviews with human-level context. 

What Will You Do?

• Partner with Engineers, Build & Automate: The engineering teams are our primary customers - you will be working with them to understand their pain points and find long term solutions.
  • You will be building the IDP as the "Golden Path", and tools that improve the quality of life and streamlining the development process for the teams, so that they can build without having to worry about the underlying infrastructure.
  • You will be also building scalable solutions in collaboration with other infrastructure teams.
• Modernize the Stack: Collaborate with architects to evaluate and implement modern tools (e.g., ArgoCD, GitHub Actions) and deployment strategies (Canary, Blue/Green).
• Lead the AI-Driven CI/CD Shift: Architect and implement AI-powered workflows that assist in code generation, automated testing, and intelligent PR analysis to eliminate developer friction.
• Operational Ownership: Identify causes of toil across engineering orgs and eliminate them through automation, enhancing overall system reliability and developer satisfaction.
• Cross-Functional Influence: Partner with Product, Security, and Finance teams to align technical roadmaps with business value and customer needs. You will influence strategy and ensure our platform is as lean as it is powerful.
• Impact: You will participate in the full software development lifecycle, including requirements analysis, architecture design, coding, testing, and deployment.
• Deal with global scale: Our security SW products protect 15,000 enterprise and government clients across the globe, incl. 4 of Fortune 10, and process 9+ Petabytes of data daily and 3+ Trillion security events across multiple AWS/GCP regions and GovCloud, supported by a large Kubernetes control plane with 80+clusters and tens of thousands of nodes.

Our stack: Go, Python; Kubernetes, Docker, AWS, GCP, FedRAMP; GitHub Actions, ArgoCD; GitHub Enterprise; depending on the requirements of the service for communication, we use Kafka, REST API, GraphQL, gRPC, etc.; Postgres, MongoDB, Redis, ClickHouse; Prometheus/Thanos, Grafana

What Skills and Knowledge Will You Bring?

• Demonstrated proficiency in Go or Python. Experience in the full SDLC, from requirements to production-ready code
• Experience with AWS and/or GCP. Knowledge of Kubernetes or similar orchestration systems
• Experience with CI/CD tooling at scale (e.g., GitHub Actions, ArgoCD, Jenkins etc.) and GitOps approach
• Strong experience with Terraform, Pulumi, or similar IaC frameworks
• Familiarity with DevEx fundamentals, including Service Catalogs (Backstage), REST APIs, or gRPC
• Familiarity with both SQL (Postgres) and NoSQL (MongoDB, ClickHouse, or Redis)
• You are passionate about (and ideally have experience in) integrating LLMs and AI agents into the developer workflow to drive productivity
• Excellent problem-solving skills, strong ownership and accountability, with proven experience driving large, impactful projects
• Strong communication skills and ability to articulate technical concepts and influence engineering direction across teams, departments, and stakeholders in multiple time zones

Why SentinelOne?

AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.

We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:

• Salary starting from 5000 EUR/month. Annual bonus based on company performance, paid in two installments. The final base salary may be adjusted based on the individual skills and experience of the selected candidate.
• Enjoy flexible working hours and the option to work remotely from anywhere in Slovakia. We offer access to major co-working spaces for those who prefer an office environment. In Czechia, you can also work from our modern offices in Prague or Brno.
• Stock & Bonuses: Grant of Restricted Stock Units with a 4-year vesting plan, annual performance-based bonuses, and an employee stock purchase plan.
• Time Off & Well-being: Flexible Time Off, on top of the standard 5 weeks vacation, flexible paid sick days, fully paid Short Term Sick/Nursing Leave, 16-week parental leave, grandparent leave, and additional company holidays.
• Insurance & Wellbeing: Pension Insurance Contribution, Premium life insurance, Paid Multisport Benefit Card and a Global Employee Assistance Program.
• Work Perks: Monthly meal and well-being allowance, high-end MacBook/Windows laptop, work-from-home support, and Multisport card paid by SentinelOne.
• Growth & Community: LinkedIn Learning, internal mentoring, educational support, generous referral bonuses, and optional company events (sports, BBQs, charity).

Be part of an inclusive, innovative workplace that values belonging, flexibility, and growth!

As a Windows Low Level Engineer - Endpoint security, you will design and develop advanced security features for SentinelOne’s Windows endpoint protection platform, operating across both user-mode and kernel-mode environments. You will build and optimize mission-critical components including anti-tampering protections, network sensors, and agent infrastructure while solving complex performance and stability challenges at massive scale. By researching Windows internals and debugging deep system issues, you will collaborate with distributed engineering teams to deliver high-impact security capabilities protecting millions of devices worldwide.

We are seeking a highly skilled and experienced Software Engineer with a strong background in low-level C++ programming and a deep understanding of Windows OS, to help us in developing our Endpoint Protection product, the core part of our business, and to join one of our Platform group teams. (We're currently growing multiple teams and are open to new colleagues with a wide variety of backgrounds within Windows development!).

The Platform group teams are in charge of some of our most complex low-level areas, such as:

• Windows agent’s Anti-Tampering (self-protection from malware attempting to harm the agent), network sensors, device control, and other kernel-side features involving both research and development,
• usermode security & agent infrastructures - e.g. installers, logging, services such as communication layer & interfaces for our Windows agent, for improving the quality, performance & stability of the agent and making the user experience smoother.

By joining our group, you will collaborate with talented engineers who are leading a feature through the whole development lifecycle. Your work will have an impact on millions of endpoints in one of the mainstream areas of the EPP/EDR agent of SentinelOne - a product recognized 5x-in-a-row as Gartner MQ Leader, scoring highly in many MITRE Att&ck assessments, valued by users in Gartner Peer Insights and more.

What will you do?

• As a new member of one of our distributed development teams, you will work in both user-mode & kernel-mode, and deal with a large variety of fields.
• You will have the chance to design, develop primarily in modern C++ (23), test and debug the most complicated real-world problems (often unseen before). In order to successfully deal with this challenge, you will continuously enrich your knowledge and experience with Windows OS internals & Kernel, Endpoint Protection, and Endpoint Detection & Response eco-system.
• Our teams design and execute significant new features, as well as rewrite and reimplement the existing ones from scratch. You will also deal with extraordinary performance & optimization challenges, given the scale of our cybersecurity SW (handling hundreds of billions of events every day).
• Your work will influence the security of tens of millions of Windows devices, that we protect at enterprise & government customers across the globe (incl. 4 of Fortune 10 and hundreds of Global 2000).
• You’ll also be encouraged to share knowledge within both Platform teams and the broader Windows group.

What skills & knowledge should you bring?

• Multiple years of experience as a software engineer in the area of lowlevel programming using modern C++ (or using C and a willingness to learn modern C++)
• Hands-on experience and in-depth understanding of Windows OS design & internals, Windows low-level development, with debugging of Windows applications and familiarity with related standard debugging and profiling tools
• Previous experience working on a production-grade product with a wide-scale deployment
• Great communication skills and the ability to work both independently and with peers from different time zones, problem-solving and out-of-the-box thinking
• Attention to detail and high coding standards
• An advantage: experience with Windows Kernel and Windows Drivers development, experience in security-oriented development, with reversing or malware analysis

Why Us? 

Join a cutting-edge company where you'll take on extraordinary challenges alongside top industry talent. Enjoy flexible working hours and the option to work remotely from anywhere in Slovakia. We offer access to major co-working spaces for those who prefer an office environment. In Czechia, you can also work from our modern offices in Prague or Brno.

Salary starting from 5000 EUR/month
Annual bonus based on company performance, paid in two instalments
The final base salary may be adjusted based on the individual skills and experience of the selected candidate.

Competitive Benefits Package:

• Stock & Bonuses: Grant of Restricted Stock Units with a 4-year vesting plan, annual performance-based bonuses, and an employee stock purchase plan.
• Time Off & Well-being: Flexible Time Off, on top of the standard 5 weeks vacation, flexible paid sick days, fully paid Short Term Sick/Nursing Leave, 16-week parental leave, grandparent leave, and additional company holidays.
• Insurance & Wellbeing: Pension Insurance Contribution, Premium life insurance, and a Global Employee Assistance Program.
• Work Perks: Monthly meal and well-being allowance, high-end MacBook/Windows laptop, work-from-home support, and in-office refreshments.
• Growth & Community: LinkedIn Learning, internal mentoring, educational support, generous referral bonuses, and optional company events (sports, BBQs, charity).

Be part of an inclusive, innovative workplace that values belonging, flexibility, and growth!

We want you to join us full-time as a Staff Backend Engineer. You will work remotely first (from Central & Eastern Europe), but we are more than happy to meet you in our nice offices in Bratislava, Brno or Prague. For candidates at the P4 / Staff Software Engineer level, starting monthly compensation begins at 4 400 € gross, with the final offer tailored for each candidate based on their skills and experience. Stock options and a comprehensive benefits package are also included.

The Pulsar team builds platform and admin services that all Bloomreach SaaS products rely on. In your first year, you’ll develop features used by thousands of customers and deliver fast, consistent, and high-energy (but low-drama) product releases. We all work remotely from the US, India, and Europe.

Examples of our services:  

• Central services to publish Model Context Protocol APIs for external AI agents
• Multi-product customer provisioning and licensing orchestration
• Integrated user management, authentication, and authorization
• High-availability, centralized configuration management
• Tools for new customer integration & product tuning

Why you’ll love your work

• Technical Variety: Cloud-native services with diverse tech stacks offer learning and experimentation.
• Impact: Our services are used by customers and teams across the company – engineers, product managers, services consultants, and even executives.
• Autonomy: Senior engineers design, build, and deploy complete projects and are experts in our services.
• Teamwork: Your teammates are also high performers and will support you with learning our systems, brainstorming & design review, and running high-reliability production deployments.

Your typical day

Your day begins with review of a teammate’s GitLab merge request. It has already been reviewed by Claude, but you’ll think deeply about the business problem, alternative solutions, and future needs. 

Then you spend a few undisturbed hours “in the flow,” working on a technical design doc for a new project. Once you’ve completed a draft, you send it to another teammate for feedback, then decide to jump on a Zoom call to talk it over and refine it.

After lunch, you join the team for a quick standup via Zoom to discuss current work and the plan for the next few days. You mention that you’re finishing up a small improvement to improve the logging and alerting for one of our components that requires high uptime. A teammate offers to review your changes. It has some complex behavior, so you walk through it together and make a few improvements.

Soon, the new unit tests are green. With a few keystrokes, you create a merge request, spin up a dev instance, and deploy your change. After some quick smoke tests, you and your teammate decide to merge the change. Your improvement will be deployed in production with the release in a few days.

Next, you respond to a Slack request for advice on integrating with the authorization API. You draft a short tech design doc that links the API spec, code examples, and optimization tips. You discuss it on the team channel, and your manager forwards it to another team that’s also starting a new service.

Your day ends with a chat with a product manager about questions that came up while drafting the tech design. With their feedback, you refine the proposal to deliver the core feature more quickly, while the product manager will work with customers and decide how much more to invest. Tomorrow, you’ll break down the tasks in Jira and decide what you’ll complete yourself and what you’ll ask teammates to complete….

Our tech stack(s)

• Languages & Frameworks: Java / Spring, Python, Go – occasionally TypeScript, Angular, React
• Data: Postgres, MySQL, MongoDB, Redis, Kafka
• Cloud: AWS & GCP (RDS, Redshift, Pub/Sub, BigTable, DataFlow, etc), Docker & Kubernetes (via EKS & GKE)
• Tools: Jira, Gitlab CI/CD, Prometheus, Grafana, OpenSearch

Our expectations

• Flexible intelligence: Stretch your technical skills in a distributed cloud environment, making changes across systems built with various tech stacks to meet challenging requirements.
• Drive: Rapidly ship product improvements that affect thousands of users in a low-drama and high-trust way. 
• Security & Reliability: Balance risks and benefits of change with discipline and agility.
• Communication: Organize technical work and maintain trust/respect across multiple teams, geographic regions, and departments.
• Knowledge Sharing: Proactively share expertise, guide less experienced team members, and document work for long-term sustainability.

The ideal candidate’s experience

• Active user of AI coding tools such as Cursor and Claude Code
• Developed backend services with Python using a variety of data systems (5+ years)
• Understands web security principles (OWASP), Authentication, and Authorization practices
• Designed APIs for a SaaS product
• Operated services in production on public cloud infrastructure
• Some experience with Java / Spring or Go
• Exposure to web frontend development (Angular / React)

#LI-KP1

The Senior Staff Security Infrastructure Engineer owns current and target-state data architectures and reporting while also designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls; deploying, securing, configuring, and operating SIEM and other security resources; identifying, triaging, and remediating infrastructure and web vulnerabilities; leading incident triage and external-researcher engagement; and mentoring junior staff.

You can work in one of our Central Europe offices (Bratislava, Brno, Prague) or from home in Central and Eastern Europe on a full-time basis.

Role summary and core responsibilities 

6+ years of relevant experience; candidates must demonstrate proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management; practical IaC and scripting for automation; strong cross-functional and external communication; and experience mentoring junior staff.

Technical Skills:

• Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC.
• SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM; author and test detection rules and playbooks; integrate data sources; and operate with SLA-driven alerting and incident workflows.
• Vulnerability and incident lifecycle ownership: identify, triage, and remediate infrastructure and web vulnerabilities 
• Drive CVE lifecycle management and patching:  perform root cause analysis and measure MTTR and remediation rates.
• Network, web, and endpoint protections: design and manage firewalls, WAFs, cloud network controls, URL/web filtering, with demonstrable operational experience.
• Secure automation and tooling: author automation for detection, alert enrichment, and remediation; build or extend security tooling using scripting or languages such as Python, Go, or Bash.
• Infrastructure as code and secure CI pipelines: implement guardrails and policy-as-code in CI/CD pipelines, perform static IaC scanning, and enforce security baselines before deployment.
• Detection, telemetry, and observability: define logging and telemetry requirements, ensure coverage for critical assets, and validate detection efficacy and alert fidelity.
• Security standards, playbooks, and enforcement: develop, document, and operationalize organization-wide security standards, runbooks, and playbooks; partner with engineering pillars to ensure adoption.
• Threat-informed defensive engineering: apply threat modeling and adversary-focused testing to guide controls, detection, and resilient designs.
• Cross-functional and external communication: communicate clearly with engineering teams, leadership, external researchers, and customers; lead vulnerability disclosure and researcher engagement.
• Mentorship and prioritization: mentor junior engineers, prioritize security projects based on risk and business impact, and drive continuous improvement of infrastructure security posture.
• Familiarity with frameworks and common weaknesses: working knowledge of CIS/NIST, common security libraries and controls, and typical flaws exploited in infrastructure and web applications.

Skills and qualifications:

• AWS Certified Security 
• Google Professional Cloud Security Engineer
• Splunk Certified Admin or Splunk Certified Enterprise Security Admin
• CISSP (Certified Information Systems Security Professional)
• Certified Cloud Security Professional (CCSP)
• Cloud Security Alliance CCSK

#LI-HO1

The Senior Staff Security Infrastructure Engineer owns current and target-state data architectures and reporting while also designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls; deploying, securing, configuring, and operating SIEM and other security resources; identifying, triaging, and remediating infrastructure and web vulnerabilities; leading incident triage and external-researcher engagement; and mentoring junior staff.

Your salary starts from €5000 gross per month with restricted stock units and other benefits included. You can work in one of our Central Europe offices (Bratislava, Brno, Prague) or from home in Central and Eastern Europe on a full-time basis.

Role summary and core responsibilities 

6+ years of relevant experience; candidates must demonstrate proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management; practical IaC and scripting for automation; strong cross-functional and external communication; and experience mentoring junior staff.

Technical Skills:

• Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC.
• SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM; author and test detection rules and playbooks; integrate data sources; and operate with SLA-driven alerting and incident workflows.
• Vulnerability and incident lifecycle ownership: identify, triage, and remediate infrastructure and web vulnerabilities 
• Drive CVE lifecycle management and patching:  perform root cause analysis and measure MTTR and remediation rates.
• Network, web, and endpoint protections: design and manage firewalls, WAFs, cloud network controls, URL/web filtering, with demonstrable operational experience.
• Secure automation and tooling: author automation for detection, alert enrichment, and remediation; build or extend security tooling using scripting or languages such as Python, Go, or Bash.
• Infrastructure as code and secure CI pipelines: implement guardrails and policy-as-code in CI/CD pipelines, perform static IaC scanning, and enforce security baselines before deployment.
• Detection, telemetry, and observability: define logging and telemetry requirements, ensure coverage for critical assets, and validate detection efficacy and alert fidelity.
• Security standards, playbooks, and enforcement: develop, document, and operationalize organization-wide security standards, runbooks, and playbooks; partner with engineering pillars to ensure adoption.
• Threat-informed defensive engineering: apply threat modeling and adversary-focused testing to guide controls, detection, and resilient designs.
• Cross-functional and external communication: communicate clearly with engineering teams, leadership, external researchers, and customers; lead vulnerability disclosure and researcher engagement.
• Mentorship and prioritization: mentor junior engineers, prioritize security projects based on risk and business impact, and drive continuous improvement of infrastructure security posture.
• Familiarity with frameworks and common weaknesses: working knowledge of CIS/NIST, common security libraries and controls, and typical flaws exploited in infrastructure and web applications.

Skills and qualifications:

• AWS Certified Security 
• Google Professional Cloud Security Engineer
• Splunk Certified Admin or Splunk Certified Enterprise Security Admin
• CISSP (Certified Information Systems Security Professional)
• Certified Cloud Security Professional (CCSP)
• Cloud Security Alliance CCSK

#LI-HO1

The Staff Security Engineer owns current and target-state data architectures and reporting while also designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls; deploying, securing, configuring, and operating SIEM and other security resources; identifying, triaging, and remediating infrastructure and web vulnerabilities; leading incident triage and external-researcher engagement; and mentoring junior staff. 

You can work in one of our Central Europe offices (Bratislava, Brno, Prague) or from home in Central and Eastern Europe on a full-time basis.

Role summary and core responsibilities 

6+ years of relevant experience; candidates must demonstrate proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management; practical IaC and scripting for automation; strong cross-functional and external communication; and experience mentoring junior staff.

Technical Skills:

• Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC.
• SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM; author and test detection rules and playbooks; integrate data sources; and operate with SLA-driven alerting and incident workflows.
• Vulnerability and incident lifecycle ownership: identify, triage, and remediate infrastructure and web vulnerabilities 
• Drive CVE lifecycle management and patching:  perform root cause analysis and measure MTTR and remediation rates.
• Network, web, and endpoint protections: design and manage firewalls, WAFs, cloud network controls, URL/web filtering, with demonstrable operational experience.
• Secure automation and tooling: author automation for detection, alert enrichment, and remediation; build or extend security tooling using scripting or languages such as Python, Go, or Bash.
• Infrastructure as code and secure CI pipelines: implement guardrails and policy-as-code in CI/CD pipelines, perform static IaC scanning, and enforce security baselines before deployment.
• Detection, telemetry, and observability: define logging and telemetry requirements, ensure coverage for critical assets, and validate detection efficacy and alert fidelity.
• Security standards, playbooks, and enforcement: develop, document, and operationalize organization-wide security standards, runbooks, and playbooks; partner with engineering pillars to ensure adoption.
• Threat-informed defensive engineering: apply threat modeling and adversary-focused testing to guide controls, detection, and resilient designs.
• Cross-functional and external communication: communicate clearly with engineering teams, leadership, external researchers, and customers; lead vulnerability disclosure and researcher engagement.
• Mentorship and prioritization: mentor junior engineers, prioritize security projects based on risk and business impact, and drive continuous improvement of infrastructure security posture.
• Familiarity with frameworks and common weaknesses: working knowledge of CIS/NIST, common security libraries and controls, and typical flaws exploited in infrastructure and web applications.

Skills and qualifications:

• AWS Certified Security 
• Google Professional Cloud Security Engineer
• Splunk Certified Admin or Splunk Certified Enterprise Security Admin
• CISSP (Certified Information Systems Security Professional)
• Certified Cloud Security Professional (CCSP)
• Cloud Security Alliance CCSK

#LI-HO1

The Staff Security Engineer owns current and target-state data architectures and reporting while also designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls; deploying, securing, configuring, and operating SIEM and other security resources; identifying, triaging, and remediating infrastructure and web vulnerabilities; leading incident triage and external-researcher engagement; and mentoring junior staff. 

Your salary starts from €4000 gross per month with restricted stock units and other benefits included. You can work in one of our Central Europe offices (Bratislava, Brno, Prague) or from home in Central and Eastern Europe on a full-time basis.

Role summary and core responsibilities 

6+ years of relevant experience; candidates must demonstrate proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management; practical IaC and scripting for automation; strong cross-functional and external communication; and experience mentoring junior staff.

Technical Skills:

• Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC.
• SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM; author and test detection rules and playbooks; integrate data sources; and operate with SLA-driven alerting and incident workflows.
• Vulnerability and incident lifecycle ownership: identify, triage, and remediate infrastructure and web vulnerabilities 
• Drive CVE lifecycle management and patching:  perform root cause analysis and measure MTTR and remediation rates.
• Network, web, and endpoint protections: design and manage firewalls, WAFs, cloud network controls, URL/web filtering, with demonstrable operational experience.
• Secure automation and tooling: author automation for detection, alert enrichment, and remediation; build or extend security tooling using scripting or languages such as Python, Go, or Bash.
• Infrastructure as code and secure CI pipelines: implement guardrails and policy-as-code in CI/CD pipelines, perform static IaC scanning, and enforce security baselines before deployment.
• Detection, telemetry, and observability: define logging and telemetry requirements, ensure coverage for critical assets, and validate detection efficacy and alert fidelity.
• Security standards, playbooks, and enforcement: develop, document, and operationalize organization-wide security standards, runbooks, and playbooks; partner with engineering pillars to ensure adoption.
• Threat-informed defensive engineering: apply threat modeling and adversary-focused testing to guide controls, detection, and resilient designs.
• Cross-functional and external communication: communicate clearly with engineering teams, leadership, external researchers, and customers; lead vulnerability disclosure and researcher engagement.
• Mentorship and prioritization: mentor junior engineers, prioritize security projects based on risk and business impact, and drive continuous improvement of infrastructure security posture.
• Familiarity with frameworks and common weaknesses: working knowledge of CIS/NIST, common security libraries and controls, and typical flaws exploited in infrastructure and web applications.

Skills and qualifications:

• AWS Certified Security 
• Google Professional Cloud Security Engineer
• Splunk Certified Admin or Splunk Certified Enterprise Security Admin
• CISSP (Certified Information Systems Security Professional)
• Certified Cloud Security Professional (CCSP)
• Cloud Security Alliance CCSK