PANDADOC POLAND SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
16. 3. 2025
Informacje o stanowisku
technologies-expected :
AWS
Microsoft Azure
Google Cloud Platform
about-project :
We are looking for people that believe in the PandaDoc culture and are ready to develop secure, reliable, and scalable product solutions within our fast-growing business.
Are you adaptable, driven, and friendly? Do you thrive in a fast-paced work environment where collaboration is the norm? If the answer is yes, then you’re a Panda and we want you to join our team.
PandaDoc is looking for talented Security Engineers focused on Security Operations activities to join the Security team. SecOps engineers focused on enabling Product teams in streamlining incident management and vulnerability management processes.
As a cloud security engineer at PandaDoc, you will focus on securing our AWS infrastructure using AWS-native and third-party security tools. You will work closely with various engineering teams to identify cloud infrastructure vulnerabilities and implement new security controls to safeguard our environment.
Our stack:
Service-oriented architecture
Two main stacks: Java and Python
Message queues: NATS, Kafka, and RabbitMQ
Amazon Web Services: EKS, RDS, ElastiCache, etc.
Combination of AWS native and 3rd party security tools for infrastructure and application security
responsibilities :
Monitor and test information systems to identify vulnerabilities
Execute or manage remediation of identified vulnerabilities
Respond to security incidents and perform root cause analysis
Assess and understand PandaDoc’s current security framework and future architecture, providing recommendations for risk reduction
Design, implement, maintain, and evangelize automated security solutions
Work closely with DevOps and SRE teams to implement new security controls
Analyze and monitor relevant security threats and prevention measures based on industry trends and standards
Perform cloud services hardening, including reviewing roles and permissions for services and APIs
requirements-expected :
2+ years of cloud security experience implementing security controls and best practices in AWS, GCP, or Microsoft Azure
2+ years of experience with security management tools, including IDS/IPS, WAF, SIEM, vulnerability scanning, and penetration testing
Good understanding of Access Control and Identity Access Management principles (SAML 2.0, OAuth, JWT, etc)
Experience with implementing DevSecOps practices in SSDLC
Solid interpersonal, written, and verbal communication skills
Upper-Intermediate English level (B2+)
offered :
An honest, open culture that emphasizes feedback and promotes professional and personal development
An opportunity to work from anywhere — our team is distributed worldwide, from Minsk to Manila, from Florida to California
An annual personal budget for educational classes, conferences, etc. — anything to further your professional knowledge