InfoSec (DevSecOps) Engineer

LoopMe, the leading outcomes-based platform, closes the loop on digital advertising. By leveraging our patented AI technology to optimize media delivery in real-time, we drive measurable uplift for business outcomes across brand lift, purchase intent, consideration, foot traffic, and sales.

We seek an experienced InfoSec Mid-Level Specialist to enhance our security posture and ensure our systems and data's confidentiality, integrity, and availability. The ideal candidate will have a strong background in information security, familiarity with cloud environments like GCP, and experience securing modern data processing technologies such as Kubernetes, PostgreSQL, ClickHouse, Envoy, and Kafka.

Responsibilities:

Develop and implement information security policies and protection procedures
Perform risk assessments, security audits, and threat analysis
Monitor and respond to security incidents and conduct investigations
Implement and maintain security tools such as SIEM, DLP, WAF and others
Integrate DevSecOps practices into development workflows (Secure SDLC, code reviews)
Ensure compliance with security standards (ISO/IEC 27001, NIST, OWASP, CIS Controls)
Provide cybersecurity awareness training to employees
Support secure architecture for platforms including GCP, Kubernetes, ClickHouse, Kafka, PostgreSQL, and Envoy
Conducting proof-of-concept for new security integrations and actively participating in security budget discussions with product stakeholders and upper management

Requirements:

Education & Experience:

Experience in information security or related fields (both formal education and practical hands-on experience are considered)
2+ years of hands-on experience in InfoSec/DevSecOps roles, preferably in a cloud environment (GCP, AWS, Azure)

Technical Skills:

Strong understanding of network protocols (TCP/IP, DNS, HTTP/S, VPN)
Hands-on experience securing infrastructure based on GCP, Kubernetes, ClickHouse, Kafka, PostgreSQL
Familiarity with SIEM systems, vulnerability management tools, IAM/SSO/MFA solutions (e.g., Okta, Azure AD)
Incident response and forensics experience (IR, investigations). Solid understanding of security standards and frameworks: ISO/IEC 27001, NIST, OWASP, DevSecOps principles
Strong understanding of security principles, protocols, and standards (e.g., encryption, authentication, access control)
Experience with security tools and technologies for monitoring and incident response
Proficiency in securing Kubernetes, PostgreSQL, ClickHouse, Envoy, Kafka, and related technologies

Tools & Technologies:

Experience with security tooling in cloud platforms (GCP, AWS, Azure)
Scripting skills in Bash, Python, or PowerShell for automation

Nice-to-Have Qualifications:

Relevant certifications (e.g., CISSP, CISM, CompTIA Security+, GCP Security Engineer) are a plus
Excellent communication skills and ability to collaborate effectively with technical and non-technical stakeholders

Benefits:

Competitive compensation package
Flexible working schedule and the hybrid type of work
Annual performance bonus
One month of workation (you can work from any part of the world for one month)

InfoSec (DevSecOps) Engineer

Key Skills

Related Jobs

Senior Java Developer - DSP (PurchaseLoop)

Backend Developer - Host Experience (all genders)

DevOps Engineer (all genders)

Related Jobs

Senior Java Developer - DSP (PurchaseLoop)

Backend Developer - Host Experience (all genders)

DevOps Engineer (all genders)

Cookie Settings