DevSecOps Specialist in FAVBET Tech

DevSecOps Specialist

Київ, за кордоном, віддалено

FAVBET Tech develops software that is used by millions of players around the world for the international company FAVBET Entertainment.
We develop innovations in the field of gambling and betting through a complex multi-component platform which is capable to withstand enormous loads and provide a unique experience for players.
FAVBET Tech does not organize and conduct gambling on its platform. Its main focus is software development.

• Betting/Gambling Platform Software Development — software development that is easy to use and personalized for each customer.
• Highload Development — development of highly loaded services and systems.
• CRM System Development — development of a number of services to ensure a high level of customer service, effective engagement of new customers and retention of existing ones.
• Big Data — development of complex systems for processing and analysis of big data.
• Cloud Services — we use cloud technologies for scaling and business efficiency.

Responsibilities:

• Conduct regular infrastructure audits with a focus on IAC security;
• Participate in SIEM support using the ELK stack.- Collaborate on infrastructure designs from a security perspective, planning new infrastructure security requirements;
• Conduct DDOS testing and implement protection strategies;
• Monitor security logs and events, and manage SIEM solutions;
• Network and network security management, including OWASP standards;
• Ensure compliance with relevant regulations (fintech, cryptotech) affecting company activities;
• Understand and implement cloud security best practices including microservices security and secrets management;
• Perform source code security reviews for various programming languages;
• Assist in DevSecOps tasks including container security, hardening, third-party analysis, and CI/CD;
• Utilize AWS services, Terraform, and Kubernetes (K8s) with Helm to manage and secure cloud infrastructure.

Requirements:

• Experience with security monitoring tools and practices, including logs, events, and SIEMs;
• Understanding of networking and network security principles;
• Experience with infrastructure as code (IAC) security.
• Would be a plus:
• Security expertise in mobile applications;
• Proven experience with AWS, Terraform, Kubernetes (K8s), and Helm;
• Solid understanding of CI/CD pipelines and associated security practices;
• Up-to-date knowledge of the latest security threats, vulnerabilities, and mitigation strategies;
• Ability to perform thorough source code security reviews;
• Proficiency with the ELK stack for SIEM support;
• Familiarity with current regulations in fintech and cryptotech industries;
• Experience with reverse engineering;
• Familiarity with OWASP standards and guidelines;
• Knowledge of DDOS reflection and prevention techniques;
• In-depth understanding of cloud security, particularly with AWS.

We offer:

• 24 days of paid vacation and 10sick days — we value rest and recreation;
• Medical insurance for employees and the possibility of training employees at the expense of the company and gym membership;
• Remote work or the opportunity — our own modern lofty office with spacious workplace, and brand-new work equipment (near Pochaina metro station);
• Flexible work schedule — we expect a full-time commitment but do not track your working hours;
• Flat hierarchy without micromanagement — our doors are open, and all teammates are approachable.

During the war, the company actively supports the Ministry of Digital Transformation of Ukraine in the initiative to deploy an IT army and has already organized its own cyber warfare unit, which makes a crushing blow to the enemy’s IT infrastructure 24/7, coordinates with other cyber volunteers and plans offensive actions on its IT front line.