We’re a compact but powerful security team supporting every corner of the company — from infrastructure and engineering to compliance and daily operations. Our goal is to help developers build secure software, respond to incidents, manage vulnerabilities, and monitor security signals — all while keeping things practical and collaborative.

This isn’t a Red Team role, though there will be moments where you’ll step into that mindset. You’ll be working alongside Mateusz, our SecOps Engineer, stepping in as our next “Swiss Army knife” — someone hands-on and comfortable working across different layers of security. Since we’re a SaaS product company, the day-to-day varies: one day might involve validating a vulnerability report, and the next could have you triaging alerts from various systems or helping someone work through MDM issues.

You will be responsible for:

• Support and enhance security operations — log analysis, IDS monitoring (e.g. Falco), lightweight forensics, and incident response.
• Develop and maintain internal security tools with a focus on automation.
• Review and triage vulnerabilities — validate, assist with remediation, and support developers.
• Provide security assistance for internal platforms (e.g. Kandji, Github) and development teams.
• Contribute to documentation and compliance efforts (e.g. Vanta), including client questionnaires.
• Help embed security into the SDLC and development workflows.

Our ideal candidate has:

• A bachelor’s degree in computer science, information technology, or a related field.
• 4–6 years of experience in information security.
• The ability to write code in Python, Go, or JavaScript.
• Hands-on experience with Linux and macOS.
• Hands-on experience with security tools: IDS/IPS, Vulnerability Scanners.
• Familiarity with GCP infrastructure and tools like CI/CD pipelines, Vanta, Kandji, and Falco.
• An understanding of advanced web application concepts to help our developers address the security challenges they face on their road to perfection. Knowledge of cloud security concerns.
• The ability to evaluate and understand vulnerabilities — both from scanners and manual research.
• Skills in the field of Async communication, negotiating, and persuasion.
• Interest or hands-on experience in Purple Team areas.
• Very good knowledge of written and spoken English.

Nice to have:

• Some compliance experience or willingness to learn.
• Exposure to container security (Docker, GKE, Harbor).
• An understanding of current legislation related to data privacy would be a plus.
• Understanding of risk management and the ability to explain it to non-security folks.

Why You’ll Love Working With Us:

• Tangible impact: Your work will directly influence the security of a growing SaaS business — what you do here truly matters.
• Close-knit collaboration: Partner with engineering, infrastructure, and compliance teams in a hands-on, down-to-earth way.
• Agile and adaptive: We move quickly, work asynchronously, and prioritize practical solutions over rigid processes.
• Room to grow: You’ll take ownership of your work, explore areas of interest, and bring your own ideas to life.
• Purpose-driven: Help safeguard systems that support real people, in a company that takes security seriously.

You don’t need to have all the answers — but you should be ready to learn, take initiative, and thrive in a fast-moving, practical environment.

No on-call duties, no 24/7 SOC shifts. Just meaningful challenges, a collaborative team, and real impact.

Curious what we’re up to these days? Well, it’s top secret 😉. But if you’re interested, there’s one condition — you’ll have to join us first.