Ensure secure SDLC practices: threat modeling, SAST/DAST/IAST, code reviews, secret management;
Integrate security into CI/CD pipelines and support DevSecOps implementation;
Design API security and infrastructure controls, including VPN, WAF, DNS proxy, and DDoS protection;
Harden cloud environments (GCP) and Kubernetes clusters with policies, scanning, and access control;
Manage IAM/PAM lifecycles with SSO, MFA, RBAC, OIDC, and LDAP integrations;
Conduct vulnerability assessments, misconfiguration monitoring, and patch coordination;
Monitor security events, analyze logs/threat intel, and improve SIEM/EDR coverage;
Define security policies and procedures, and support internal/external audits;
Perform penetration testing and red teaming on applications and infrastructure;
Implement data protection measures: encryption, DLP, secure key storage, and privacy compliance.

7+ years of professional experience in cybersecurity, with a strong focus on application, infrastructure, and/or cloud security;
Strong knowledge of application security principles and secure development practices (e.g., threat modeling, code review, DevSecOps);
Practical experience with cloud platforms, including identity, networking, and workload security;
Familiarity with Kubernetes security concepts, tools (e.g., OPA, Falco, Kyverno), and best practices;
Experience with authentication/authorization protocols and tools: SAML, OIDC, OAuth2, LDAP, MFA, SSO;
Understanding of common vulnerabilities and experience in vulnerability management and remediation;
Experience with penetration testing methodologies and tools;
Solid understanding of network protocols, firewalls, VPN, WAF, and API security mechanisms;
Hands-on experience with monitoring and detection tools;
Knowledge of security frameworks and standards;
Experience participating in or leading internal/external security audits and risk assessments;
Ability to write clear policies, procedures, and documentation;
English level: B2 or higher;
Experience with privacy regulations.

Care from Day One – medical insurance immediately upon starting work, including dental care, massage and professional psychological support because your well-being matters
Work-Life Balance – 25 days of paid vacation + 30 days of sick leave, so you can recover without unnecessary stress
Investment in your energy – partial reimbursement for any sports activities that empowers you.
Growth – partial coverage for English or Ukrainian language courses + a fixed budget for professional development. Choose what suits you best!
Knowledge Library – books in the office and access to the Kuka online library to learn, grow, and find inspiration.
Modern Office in Larnaca – a stylish space for inspiration: open areas, cozy lounges, and functional meeting rooms – all for your comfort.
Island Relaxation 14 days a year – enjoy a getaway at the corporate villa in Cyprus.

Senior Information Security Engineer