B2B

Security

remote

UPSTARS is a product IT company where both people and brands take off. Our main focus is technological solutions and B2B services for international clients. We launch star-level iGaming projects that gain recognition and top scores in industry rankings ✨

And yes, supporting a legal and transparent Ukrainian market is a must-have — we were the third company in the country to obtain a B2B license to provide gambling-related services.

In 2025, we are actively scaling both our projects and our dream team. That’s why we’re looking for a Senior Business Development Manager to strengthen our Affiliate Business Development team.

✅ Your future responsibilities:

conduct comprehensive security audits of infrastructure, services, and processes to identify vulnerabilities and misconfigurations;

manage the end-to-end vulnerability management lifecycle across packages, container images, infrastructure-as-code, and configurations;

implement and maintain automated security scanning and monitoring tools (SAST, DAST, SCA, container scanners, etc.);

configure and enhance security for EKS clusters, RBAC policies, network segmentation, and secret management;

design and maintain a secure CI/CD pipeline, integrating security tools and practices into the software delivery lifecycle;
collaborate closely with development and infrastructure teams to provide security guidance, enforce security standards, and deliver security awareness training.
respond to and remediate security incidents, creating and improving incident response processes.
ensure compliance of services with PCI DSS requirements and potentially other regulatory standards.

develop, maintain, and document security best practices for engineering teams.

💪 Your skills:

experience in DevSecOps, Cloud Security, or Security Engineering;
strong knowledge of AWS, Kubernetes, and infrastructure security;
hands-on experience with EKS, RBAC configuration, IAM, OIDC, DEX, and Kubernetes network security;
knowledge and practical use of open-source vulnerability scanning tools (Trivy, Grype, Cosign, etc.);
experience with CI/CD (GitLab CI, GitHub Actions, ArgoCD, etc.) and integrating them with security tools;
experience in configuring and analyzing logging and security monitoring (AWS GuardDuty, SecurityHub, CloudTrail, SIEM systems, etc.);
ability to not only define tasks but also solve them independently; proactive mindset.

willingness to collaborate with developers, explain, and assist in implementing security best practices.

🤞 Nice to have, but not critical:

experience working with infrastructure as code (Terraform, Helm, Kubernetes);
experience in designing and implementing Zero Trust architecture;
security certifications such as OSCP, CKS, AWS Certified Security, etc.;

experience in passing PCI DSS certification audits.

🌟 What we offer:

we confidently take on star-marked tasks — they unlock potential;
we speak directly and clearly, even about complex things;
we dislike bureaucracy and outdated methods — we support freedom of action;
we have our own infrastructure to build tech solutions from scratch;
we use cloud storage, Kubernetes and other components of digital maturity;
we automate routine tasks to focus on growth and professional development within the company;
we offer a clear career path with performance reviews, training, mentoring programs, and the opportunity to test new technologies on side projects;
a value-driven team — we work, rest, and do good things together.

🍪 Must-have:

work wherever you feel comfortable and safe — from the office or remotely;
official employment in Ukraine or Poland — we’ll support you with all bureaucracy and help with the paperwork;
20 paid vacation days, public holidays, and sick leave — we care about work-life balance;
medical insurance at top clinics and coverage of psychologist support via the Pleso platform;
Benefit café — monthly budget for your hobbies, sports, or other personal preferences;
events — take part in workshops, teambuildings, and company parties;
learning support for any need — individual course budget, corporate English classes, workshops, and access to an online library.

And one more thing:

❗️We do not have clients who use our products or services on the Ukrainian market.

❗️We do not work with clients from the aggressor country or any other Russian-speaking market.

Are you driven by growth and eager to learn new things? Want to take an active part in the product creation process? Let’s connect! 😉