Security Engineer

Flip is a complex social platform developed at a great scale with service-oriented architecture. We’ve created a code ecosystem with over 130 auto‑scalable microservices behind the API gateway integrated with a unified logging layer and common monitoring. We have more than 130 microservices created in accordance with microservices best practices. Those homogeneous Node.js microservices rely on the Nest framework. Such an approach allows us to build a microservice that is production‑ready in 15 minutes. We use HA/HPA systems which are scalable depending on user traffic. Our go‑to database solutions are MongoDB, Scylla, and SQL.

• Fully remote job
• 20 days of paid holiday
• 400 PLN each month to spend on +750 perks via Worksmile
• Working hours from 8:00 / 9:00 AM CEST to 4:00 / 5:00 PM CEST
• Integration events
• Informal atmosphere
• Non-corporate communication across teams
• An international environment in which English is spoken

• Databases: MongoDB / AWS RDS / ScyllaDB
• Development: RabbitMQ / Kafka
• Microservices based on: K8s
• Monitoring & APM: DataDog
• Logs: ELK Kibana
• CI/CD system: GitLab
• Infrastructure as a Code: Terraform & Ansible
• Our main cloud: AWS

• Commercial experience in a technical role such as Application Security Engineer, Security Engineer
• Experience in configuring and managing security-related systems like Intrusion Detection Systems (IDS), Web Application Firewalls (WAF), Security Information and Event Management (SIEM)
• Experience in hardening cloud systems and infrastructure managed in Amazon Web Service and Kubernetes
• Experience in security practices for mobile applications, and secure communication with a backend system through API
• Experience with planning, researching and developing security policies, standards and procedures

• Manage and resolve security incidents and improvements
• Lead the implementation of security standards & necessary controls to protect our platform
• Work closely with application development, product and software QA Teams to implement software security
• Align security policies with DevOps team

• One of certification: Cloud Security Alliance, CIS, CISSP, CEH, OSCP, CISA, CISM, CIA
• Experience with authentication protocols like OIDC, OAuth, and SAML
• Experience working in a start-up environment
• “Can-do” attitude with readiness for new challenges
• Engagement and aproactive, positive attitude
• Openness to learning and mastering diverse technologies and techniques, along with a desire for continuous learning

Please include: "I hereby give consent for my personal data included in my application to be processed for the purposes of the recruitment process under the Personal Data Protection Act as of 29 August 1997, consolidated text: Journal of Laws 2016, item 922 as amended." in your resume.