We’re a compact but powerful security team supporting every corner of the
company — from infrastructure and engineering to compliance and daily
operations. Our goal is to help developers build secure software, respond to
incidents, manage vulnerabilities, and monitor security signals — all while
keeping things practical and collaborative.
This isn’t a Red Team role, though there will be moments where you’ll step into
that mindset. You’ll be working alongside Mateusz, our SecOps Engineer, stepping
in as our next “Swiss Army knife” — someone hands-on and comfortable working
across different layers of security. Since we’re a SaaS product company, the
day-to-day varies: one day might involve validating a vulnerability report, and
the next could have you triaging alerts from various systems or helping someone
work through MDM issues.
YOU WILL BE RESPONSIBLE FOR:
* Support and enhance security operations — log analysis, IDS monitoring (e.g.
Falco), lightweight forensics, and incident response.
* Develop and maintain internal security tools with a focus on automation.
* Review and triage vulnerabilities — validate, assist with remediation, and
support developers.
* Provide security assistance for internal platforms (e.g. Kandji, Github) and
development teams.
* Contribute to documentation and compliance efforts (e.g. Vanta), including
client questionnaires.
* Help embed security into the SDLC and development workflows.
,
OUR IDEAL CANDIDATE HAS:
* A bachelor’s degree in computer science, information technology, or a related
field.
* 4–6 years of experience in information security.
* The ability to write code in Python, Go, or JavaScript.
* Hands-on experience with Linux and macOS.
* Hands-on experience with security tools: IDS/IPS, Vulnerability Scanners.
* Familiarity with GCP infrastructure and tools like CI/CD pipelines, Vanta,
Kandji, and Falco.
* An understanding of advanced web application concepts to help our developers
address the security challenges they face on their road to
perfection. Knowledge of cloud security concerns.
* The ability to evaluate and understand vulnerabilities — both from scanners
and manual research.
* Skills in the field of Async communication, negotiating, and persuasion.
* Interest or hands-on experience in Purple Team areas.
* Very good knowledge of written and spoken English.
,
NICE TO HAVE:
* Some compliance experience or willingness to learn.
* Exposure to container security (Docker, GKE, Harbor).
* An understanding of current legislation related to data privacy would be a
plus.
* Understanding of risk management and the ability to explain it to
non-security folks.
,
WHY YOU’LL LOVE WORKING WITH US:
* Tangible impact: Your work will directly influence the security of a growing
SaaS business — what you do here truly matters.
* Close-knit collaboration: Partner with engineering, infrastructure, and
compliance teams in a hands-on, down-to-earth way.
* Agile and adaptive: We move quickly, work asynchronously, and prioritize
practical solutions over rigid processes.
* Room to grow: You’ll take ownership of your work, explore areas of interest,
and bring your own ideas to life.
* Purpose-driven: Help safeguard systems that support real people, in a company
that takes security seriously.
You don’t need to have all the answers — but you should be ready to learn, take
initiative, and thrive in a fast-moving, practical environment.
No on-call duties, no 24/7 SOC shifts. Just meaningful challenges, a
collaborative team, and real impact.
Curious what we’re up to these days? Well, it’s top secret 😉. But if you’re
interested, there’s one condition — you’ll have to join us first.
