Expectations
Infrastructure & Cloud Security
- Development and enhancement of security controls for cloud and infrastructure
- Management of network security: WAF, DDoS protection, firewall, mTLS
- Reduction of the attack surface at the infrastructure and service levels
Product & API Security
- Analysis and enhancement of API security and service interactions
- Conducting black-box testing and identifying vulnerabilities at the product level
- Participation in securing backend architecture and service communication
- Working with vulnerabilities and prioritizing them from a business risk perspective
Offensive Security & Testing
- Conducting and coordinating vulnerability assessments and pentests
- Working with bug bounty programs and responsible disclosure
- Identifying weak points through offensive security practices
- Testing system resilience against various types of attacks
- Experience in roles such as Security Engineer / Infrastructure Security / Platform Security
- Strong hands-on experience in cloud / infrastructure security
- Practical experience with Kubernetes security
- Deep understanding of network security (WAF, DDoS, firewall, mTLS)
- Experience with Linux hardening and understanding of attack surface
- Experience with GCP and/or AWS IAM (least privilege, service accounts, audit logs)
- Automation skills (Python / Bash / Go or any other language)
- Experience with Terraform (infrastructure / security as code)
- Experience conducting vulnerability assessments / pentests
- Ability to view systems from an attacker’s perspective and translate this into engineering solutions
- Independence and maturity in making technical decisions
- Experience in product / application security
- Experience with bug bounty programs
- Experience conducting black-box testing
- Experience in high-load product companies
- Understanding of abuse / anti-cheat / product security aspects in game development
- Experience working with corporate systems and access management (Google Workspace, etc.)
- Broad technical scope: infrastructure, product, internal services
- Opportunity to influence architectural decisions and engineering approaches
- Work at the intersection of offensive and defensive security
- Real impact on product resilience and security
- Strong engineering culture and close collaboration with development teams
Benefits
Our project is actively growing, as well as the team that creates it. We invest in the growth of each specialist and regularly review salaries based on performance. Moreover, we have a promotion system that allows specialists to showcase their talents in more responsible positions.
Hybrid work format in Almaty or Belgrade with flexible working hours and the option to take days off without unnecessary bureaucracy.
We offer sick days without salary loss, assistance in difficult life situations, no bureaucratic nightmares and processes for the sake of processes.
Employment process
You apply for an open role via our careers portal. We carefully review your CV and any additional materials you provide.
If your experience matches our needs, we’ll invite you for an initial conversation with a recruiter. It’s a chance to get to know each other, talk about your motivation and expectations, and share more about the role and company.
You may be asked to take part in one or more technical interviews with the team. In some cases, we might also send you a test assignment to better understand your practical skills.
A closing conversation with a hiring manager or team lead. We’ll discuss the outcomes of the previous stages, cover any remaining questions, and align on expectations.
If everything goes well — we’ll extend a job offer. Once the details are confirmed, we’ll guide you through the onboarding process and welcome you to the team.