Security Engineer (Crypto Project)

We are looking for a skilled Security Engineer to enhance our cybersecurity framework, ensure secure data storage and transmission, and implement security policies and procedures in line with industry regulations, including DORA.

Key Responsibilities:

• Develop, implement, and maintain an Information Security Management System (ISMS).
• Provide strategic oversight to ensure compliance with industry security standards (ISO/IEC 27001, ISO/IEC 22301, NIST, SOC2, GDPR, NIS2/DORA).
• Prepare the company for security certification audits (ISO/IEC 27001, SOC2, NIS2/DORA).
• Integrate and manage next-generation cybersecurity solutions, including EDR, Next-Generation Firewalls, WAF, MDM, vulnerability scanning tools, and anti-malware solutions.
• Strengthen cloud security with a focus on AWS infrastructure.
• Conduct risk assessments and design risk mitigation strategies.
• Oversee business continuity management (ISO/IEC 22301) to ensure operational resilience.
• Manage security incidents and vulnerabilities and coordinate responses.
• Perform internal security audits and proactively identify areas for improvement.
• Establish and maintain data protection best practices, including encryption, backup management, and access control.
• Configure and maintain security monitoring systems, anti-fraud solutions, and email protection tools.
• Develop, refine, and enforce security policies and procedures, ensuring compliance with evolving regulations.
• Analyze security investments by evaluating cost-effectiveness and operational impact (licensing, firewall solutions, antivirus, and more).
• Maintain secure communication channels within the organization and with external clients.

Requirements:

• Strong understanding of cybersecurity principles, data protection, and risk management.
• Hands-on experience with security monitoring tools, anti-fraud mechanisms, and intrusion detection systems.
• Ability to create and maintain clear, structured technical documentation, making security policies understandable for both technical and non-technical stakeholders.
• Familiarity with global security frameworks, including DORA, ISO, GDPR, and NIST, and the ability to translate regulations into actionable policies.
• Experience with incident response, vulnerability management, and penetration testing coordination.

We offer:

• Remote work;
• Flexible schedule and ability to manage your working hours;
• Competitive salary;
• Working in a team of skilled and experienced specialists;
• Professional development opportunities.
• Regular practice and training in English, including complimentary English classes.