Cloud Security Specialist

Monitor and secure cloud environments, primarily on Azure and Google Cloud Platform (GCP), leveraging their built-in security tools and mechanisms and implement custom tools and controls for self-hosted components based on IaaS.
Implement and manage security measures for containerized platforms using Kubernetes and Docker, focusing on microservices-based architectures.
Design, implement, and maintain DevSecOps solutions in CI/CD pipelines, integrating tools for: code security analysis; vulnerability management and software composition analysis (SCA); security testing for applications and infrastructure.
Collaborate with DevOps and development teams to embed “security by design” principles throughout the product development lifecycle.
Conduct security audits, including regular penetration tests and vulnerability scans, for both applications and infrastructure.
Analyze security incidents, perform root cause investigations, and implement remediation strategies.
Develop, implement, and maintain security policies and standards based on best practices (e.g., ISO 27001, NIST CSF, CIS Benchmarks).
Provide education and training for teams on application and infrastructure security.

At least 3 years of experience in IT security, with a focus on cloud-native environments.
In-depth knowledge of Kubernetes security (e.g., RBAC, network policies, pod security standards) and hands-on experience managing microservices architectures.
Proven experience implementing DevSecOps solutions, including: securing CI/CD pipelines (e.g., GitLab CI/CD, ArgoCD); using tools for code security and vulnerability scanning; automating security processes for application risk management.
Proven experience implementing DevSecOps solutions, including: strong expertise in Azure and Google Cloud Platform (GCP) security features and tools (e.g., Azure Security Center, Google Cloud Security Command Center).
Strong understanding of security threats and attack techniques relevant to containerized and cloud-native environments.
Proficiency with scripting languages (e.g., Python, Bash) to automate security processes.
Familiarity with monitoring and logging tools (e.g., Elastic Stack, Prometheus, Grafana).
Knowledge of security frameworks and best practices (e.g., OWASP SAMM, NIST CSF) and compliance regulations (e.g., GDPR).
Preferred certifications: CKS (Certified Kubernetes Security Specialist), CISSP, Azure/GCP Security Specialty, CEH, or similar.
Fluency in Polish (C2) and English (C1).

Chance to grow in both engineering and inter-personal aspects.
Have a significant impact on our IT support area and the opportunity to implement improvements.
Being a member of a team of people that focuses on relationships and a good atmosphere.
A chance to take part in building strategic and ambitious Big Data-related products used by international top clients from various fields.
An opportunity to work in a fast-growing company in the field of AI and marketing automation.
Possibility to have a real impact on promoting and raising awareness of Synerise solutions among potential customers, business partners, and the industry community.
Freedom to act.
Flat structure with ample ownership opportunities.

Hexjobs Insights