Security

PIN-UP Global is an international holding specializing in the development and implementation of advanced technologies, B2B solutions and innovative products for the iGaming industry. We provide certification and licensing of our products, providing customers and partners of the holding with high-quality and reliable solutions.

Requirements:

2+ years in cybersecurity or software development.
Experience with SAST/DAST/IAST tools (e.g., Semgrep, Snyk, Burp, OwaspZap).
Knowledge of secure development practices (OWASP Top 10, CWE/SANS Top 25).
Experience implementing Quality Gate in CI/CD.
Understanding of web applications and API architecture (web-GRPC, REST, Ajax).
Knowledge of security standards: ISO 27001, SOC 2, NIST, PCI-DSS.
Basic understanding of containers (Docker, Kubernetes).
Programming Languages: Python, Go, JavaScript, Bash for code review and scripting.

Certifications (optional): eWPT, OSWE, CEH, GWEB.

Soft skills:

Strong communication skills collaborating with developers, DevOps, and security teams.
Critical thinking analyzing and prioritizing risks.
Attention to detail when reviewing code.
Proactive approach suggesting process improvements.
Willingness to learn quickly adapting to new tools and challenges.
Ability to manage multiple tasks simultaneously.
Willingness to learn quickly adapting to new tools and challenges.
Ability to manage multiple tasks simultaneously.

Responsibilities:

Application Security Analysis:

• Implement and maintain SAST/DAST tools.

• Conduct threat modeling for new features.

• Perform source code analysis for vulnerabilities.

• Ensure secure API implementations.

DevSecOps Processes:

• Set up security gates in GitLab CI/CD.

• Scan dependencies (Grype, Trivy).

• Validate Helm charts for security issues.

Vulnerability Management:

• Track vulnerabilities using DefectDojo.

• Prioritize and assign remediation tasks.

• Monitor vulnerability resolution.

Training and Documentation:

• Conduct secure coding workshops.

• Develop guidelines and checklists.

Our Stack:

SAST: e.g., Semgrep, Gitleaks, Checkov.
SCA: e.g., Grype, Trivy, Snyk.
CI/CD: GitLab CI.
Containers: Docker, basic Kubernetes knowledge.
API: e.g., Postman
Vulnerability Management: DefectDojo, Jira.
Languages: Python, Bash, Go, JavaScript

Benefits:

☘️An exciting and challenging job in a fast-growing holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more

🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed

📍Beautiful offices in Warsaw, Limassol, Kyiv, Almaty, Yerevan — work remotely or on-site with comfort and enjoy the opportunity to build a network of connections with professionals day by day

🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided

🏖Paid vacations, sick leave, personal events days, days off

👨🏻‍⚕️Corporate healthcare program for your well-being

💵Referral program — enjoy cooperation with your colleagues and get the bonus

📚Educational support by our L&D team: internal and external trainings and conferences, courses on Udemy

🗣Free internal English courses

🤸‍♀Sport benefit

🦄Multiple internal activities: online platform with newsletters, quests, gamification, and presents for collecting bonuses, PIN-UP talks club for movie and book lovers, board games cozy evenings, special office days dedicated to holidays, etc

🎳Company events, team buildings