Ciklum is looking for a Senior Security Engineer to join our team full-time in Ukraine.

We are a custom product engineering company that supports both multinational organizations and scaling startups to solve their most complex business challenges. With a global team of over 4,000 highly skilled developers, consultants, analysts and product owners, we engineer technology that redefines industries and shapes the way people live.

About the role:

As a Senior Security Engineer, become a part of a cross-functional development team engineering experiences of tomorrow. We are seeking a highly skilled and motivated Senior Security & Penetration Tester. In this role, you will be responsible for identifying and mitigating security vulnerabilities in a project in a biomedicine area. You will proactively test our applications including infrastructure, ensuring our digital assets are secure against emerging threats. This position requires a deep technical expertise in security assessment with a focus on software architecture analysis and robust data protection strategies.

Responsibilities:

• Advanced Penetration Testing: Plan and execute comprehensive black-box and/or grey box penetration tests against a wide range of targets, including web applications and APIs
• Architectural Security Review: Conduct in-depth security assessments of system and application architecture, from design to deployment. Collaborate with development and solutions architecture teams to embed security into the entire software development lifecycle (SDLC)
• Source Code Analysis: Perform source code reviews to identify complex security vulnerabilities, business logic flaws, and potential weaknesses related to data security
• Data Protection & Compliance: Assess the effectiveness of data protection controls for sensitive intellectual property and patient data
• Threat Modeling: Develop and refine threat models for critical systems, identifying potential attack vectors and designing effective countermeasures
• Reporting & Communication: Prepare and present clear, concise technical reports and non-technical summaries for a variety of audiences, from engineers to executive leadership

Requirements:

• Experience: 5+ years of direct experience in application security, penetration testing, and vulnerability assessment
• Technical Proficiency:
• Expert-level knowledge of web application and API security, including a deep understanding of the OWASP Top 10 and SANS Top 25
• Proficiency with industry-standard penetration testing tools (e.g., Burp Suite Pro, Metasploit, Nmap, Wireshark, etc.)
• Strong proficiency in scripting and programming, with an emphasis on Python for task automation and testing
• Demonstrated experience performing security code reviews
• Solid understanding of network protocols, cryptography, and authentication/authorization mechanisms
• Communication: Good written and verbal communication skills, with the ability to articulate complex technical issues to both technical and non-technical stakeholders

Desirable:

• Industry Experience: Previous experience working within the biopharmaceutical, healthcare, or another highly regulated industry
• Certifications: Possession of relevant professional certifications such as OSCP, OSWE, GWAPT, GPEN, or CISSP is highly desirable
• Regulatory Knowledge: Familiarity with the security requirements of GxP, HIPAA, and GDPR

What`s in it for you?

• Strong community: Work alongside top professionals in a friendly, open-door environment
• Growth focus: Take on large-scale projects with a global impact and expand your expertise
• Tailored learning: Boost your skills with internal events (meetups, conferences, workshops), Udemy access, language courses, and company-paid certifications
• Endless opportunities: Explore diverse domains through internal mobility, finding the best fit to gain hands-on experience with cutting-edge technologies
• Flexibility: Enjoy radical flexibility – work remotely or from an office, your choice
• Care: We’ve got you covered with company-paid medical insurance, mental health support, and financial & legal consultations

About us:

At Ciklum, we are always exploring innovations, empowering each other to achieve more, and engineering solutions that matter. With us, you’ll work with cutting-edge technologies, contribute to impactful projects, and be part of a One Team culture that values collaboration and progress.

As one of Ukraine’s largest IT companies and a top employer recognized by Forbes, we’ve spent over 20 years delivering meaningful tech solutions. We proudly support diverse talent and military veterans, recognizing their unique skills and perspectives they bring to shaping the future.

Want to learn more about us? Follow us on Instagram, Facebook, LinkedIn.

Explore, empower, engineer with Ciklum!

Interested already? We would love to get to know you! Submit your application. We can’t wait to see you at Ciklum.