Fully remote · CET timezone or close - Full-time · Reports to the CTO

About the role

You'll be our first dedicated information security hire. Right now security is a part-time job for engineering leadership and external vendor; we want it to be your full-time one. The work is hands-on: AWS, infrastructure as code, detection and response, auditors. As the company grows, the role grows into CISO.

We sell to financial institutions, and their security teams question everything we do, so you'll be the person with good answers.

Tasks

What you'll do

• Own security in our AWS environment: IAM and least privilege, network segmentation, encryption, logging and detection (GuardDuty, Security Hub, CloudTrail), fixing what you find.


• Build security into the development pipeline: secrets management, dependency and container scanning, code review for risky changes, threat modeling with...