As the first Security Operations (SecOps) Engineer in the organization, you will play a pivotal role in building and leading the company's security operations from the ground up. Your primary responsibility will be to design, implement, and manage a comprehensive security operations framework that ensures the protection of the Kontakt.io systems, infrastructure, and data. This is a high-impact position, requiring hands-on technical expertise, strategic thinking, and the ability to collaborate across multiple departments to establish a security-first culture. You will act as the primary security leader in Kontakt.io, working closely with engineering teams to identify security risks, mitigate threats, and create long-term strategies to protect the organization from cyber threats.
Responsibilities:
Conduct a comprehensive risk assessment to identify vulnerabilities, gaps, and key security challenges in the current infrastructure.
Create a multi-phase security roadmap, with short-term and long-term goals to improve the security posture of the company.
Design and implement security strategies for cloud environments to protect against sophisticated threats. Architect and implement security solutions that safeguard the company's network, data, and AWS cloud infrastructure.
Design and implement a security operations framework, including incident response, threat detection, and vulnerability management processes.
Establish monitoring and logging solutions for real-time detection of security events using SIEM tools.
Establish a DevSecOps culture by integrating security into the software development lifecycle, drive the adoption of secure coding practices, and participate in DevSecOps initiatives that integrate security into CI/CD pipelines.
Collaborate with engineering, DevOps, and IT teams to ensure secure design, implementation, and operations of systems and applications.
Lead the investigation, containment, and remediation of security incidents.
Continuously evaluate the security infrastructure and recommend improvements or new tools as threats evolve.
Perform regular security assessments, penetration tests, and red team exercises to measure and improve defenses.
Develop and conduct training programs for employees on information security and data protection policies.
Raise awareness about threats related to cyberattacks, phishing, social engineering, and other risks.
Requirements (expected):
Experience in cybersecurity, with proven experience in security operations and incident response.
Hands-on experience with security tools, including firewalls, SIEM, IDS/IPS, endpoint protection, and cloud security solutions (AWS).
Experience building security policies and frameworks from scratch in fast-paced or startup environments.
Deep expertise in cybersecurity principles, threat hunting, and incident response.
Advanced knowledge of networking, encryption, and authentication protocols.
Excellent communication and interpersonal skills, capable of working with both technical and non-technical teams to drive security initiatives.
Strong strategic thinking skills to anticipate threats and design proactive solutions.
Offered:
B2B contract or an employment contract.
Competitive salary and stock option plan.
Work with cutting-edge technologies.
100% remote or hybrid work (office in Krakow).
Linux or macOS laptop, depending on your preference.