🛠 Tech Stack

💼 About This Role

You'll build and integrate security practices into SDLC, CI/CD, and infrastructure for a platform with 30+ AI-first products and 100M+ users. Your core impact is protecting the SDLC, automating application security, and creating anti-phishing programs. You'll be the first security hire with potential to grow into Head of Security.

🎯 What You'll Do

• Implement Secure SDLC practices across development processes.
• Integrate SAST/DAST/SCA scanners into CI/CD pipelines.
• Identify, analyze, and track remediation of application vulnerabilities.
• Automate phishing defense and security controls.
• Conduct security training and raise team awareness.

📋 Requirements

• 2+ years in Security/DevSecOps/AppSec
• Experience implementing Secure SDLC or DevSecOps practices
• Hands-on experience with SAST/DAST/SCA or container scanning
• Integration of security checks into CI/CD (GitHub Actions, GitLab CI, Jenkins)

✨ Nice to Have

• Experience building AppSec/DevSecOps from scratch
• Threat modeling or security architecture review
• AWS/GCP/Azure and Kubernetes/container security

🎁 Benefits & Perks

• 🌍 Fully remote with office access in Kyiv or Warsaw
• 📚 Annual budget for conferences and education (50% covered)
• 🏖️ 40 paid days off including sick leave
• 💰 Flexible benefits (medical, therapy, sports, dental up to 50%)
• 🧘 Online yoga twice a week

📨 Hiring Process

Intro with recruiter, technical interview, interview with CTO, final interview.