InfoSec Engineer

Summary

Join LoopMe, a leading outcomes-based platform revolutionizing digital advertising, as an experienced InfoSec Mid-Level Specialist. Enhance our security posture and safeguard our systems and data. Leverage your expertise in information security, cloud environments (GCP), and modern data processing technologies (Kubernetes, PostgreSQL, ClickHouse, Envoy, Kafka). You will develop and implement security policies, perform risk assessments, and respond to security incidents. Ensure compliance with security standards and provide cybersecurity awareness training. Contribute to secure architecture and participate in security budget discussions. This role requires hands-on experience in InfoSec/DevSecOps and a strong understanding of security principles and tools.

Requirements

• Experience in information security or related fields (both formal education and practical hands-on experience are considered)
• 2+ years of hands-on experience in InfoSec/DevSecOps roles, preferably in a cloud environment (GCP, AWS, Azure)
• Strong understanding of network protocols (TCP/IP, DNS, HTTP/S, VPN)
• Hands-on experience securing infrastructure based on GCP, Kubernetes, ClickHouse, Kafka, PostgreSQL
• Familiarity with SIEM systems, vulnerability management tools, IAM/SSO/MFA solutions (e.g., Okta, Azure AD)
• Incident response and forensics experience (IR, investigations)
• Solid understanding of security standards and frameworks: ISO/IEC 27001, NIST, OWASP, DevSecOps principles
• Strong understanding of security principles, protocols, and standards (e.g., encryption, authentication, access control)
• Experience with security tools and technologies for monitoring and incident response
• Proficiency in securing Kubernetes, PostgreSQL, ClickHouse, Envoy, Kafka, and related technologies
• Experience with security tooling in cloud platforms (GCP, AWS, Azure)
• Scripting skills in Bash, Python, or PowerShell for automation

Responsibilities

• Develop and implement information security policies and protection procedures
• Perform risk assessments, security audits, and threat analysis
• Monitor and respond to security incidents and conduct investigations
• Implement and maintain security tools such as SIEM, DLP, WAF and others
• Integrate DevSecOps practices into development workflows (Secure SDLC, code reviews)
• Ensure compliance with security standards (ISO/IEC 27001, NIST, OWASP, CIS Controls)
• Provide cybersecurity awareness training to employees
• Support secure architecture for platforms including GCP, Kubernetes, ClickHouse, Kafka, PostgreSQL, and Envoy
• Conducting proof-of-concept for new security integrations and actively participating in security budget discussions with product stakeholders and upper management

Preferred Qualifications

• Relevant certifications (e.g., CISSP, CISM, CompTIA Security+, GCP Security Engineer) are a plus
• Excellent communication skills and ability to collaborate effectively with technical and non-technical stakeholders

Benefits

• Competitive compensation package
• Flexible working schedule and the hybrid type of work
• Annual performance bonus
• One month of workation (you can work from any part of the world for one month)