Senior Infrastructure Security Engineer

You'll be responsible for auditing and hardening cloud and bare-metal systems, securing CI/CD pipelines, and designing robust security controls for our Kubernetes-based environments. This role requires deep technical expertise in cloud security (AWS), infrastructure as code, and vulnerability management, as well as the ability to collaborate on architectural decisions and drive security improvements across infrastructure layers.

Responsibilities:

• Perform regular security audits across cloud, bare-metal, CI/CD, auth systems, and logging infrastructure.
• Support external security audits and penetration tests; manage remediation of findings and misconfigurations.
• Contribute to architectural design of infrastructure services, providing security expertise throughout the lifecycle.
• Build and maintain vulnerability scanning processes using commercial and open-source tools; support remediation efforts.
• Maintain and evolve the internal security infrastructure using AWS, Kubernetes, and modern DevOps practices.

• 3+ years of hands-on experience in infrastructure security, including vulnerability management across cloud and on-prem environments.
• Proficiency with cloud platforms (especially AWS) and Kubernetes, including applying security best practices and managing secure infrastructure.
• Strong knowledge of IaC tools (Terraform, Terragrunt, Ansible) and CI/CD pipeline security, using tools like GitHub Actions or GitLab CI.
• Automation skills using scripting languages such as Python or Bash, with experience building tools and scripts to improve security operations.
• Familiarity with security compliance and monitoring, including secret management (e.g., Vault), SIEM tools, and standards like ISO 27001 or PCI DSS.

• Stable salary, official employment.
• Health insurance.
• Hybrid work mode and flexible schedule.
• Relocation package offered for candidates from other regions.
• Access to professional counseling services including psychological, financial, and legal support.
• Discount club membership.
• Diverse internal training programs.
• Partially or fully paid additional training courses.
• All necessary work equipment.