TL;DR

Lead Security Engineer (Cybersecurity): Architecting the trust layer and security infrastructure for a high-growth Series A platform, with an emphasis on identity management, cloud hardening, and AI-driven model protection. Focus on establishing robust SOC 2 and ISO 27001 compliance, securing complex AWS environments, and implementing a developer-friendly secure SDLC.

Location: Must be based in Bulgaria, Ukraine, Romania, Poland, Lithuania, Estonia, Georgia, or Palestine.

Company

Remofirst is a fast-growing Series A company that simplifies global payroll and HR for companies in 185 countries.

What you will do

  • Architect and secure customer-facing identity systems using Auth0 and internal authentication via Okta.
  • Enforce least-privilege security across the AWS infrastructure and manage complex IAM policies.
  • Perform offensive security tasks including internal pentesting and vulnerability scanning of Python and Java services.
  • Collaborate with developers to implement secure SDLC practices, threat modeling, and database security.
  • Define guardrails and data privacy protocols for AI and LLM initiatives.
  • Lead and automate end-to-end SOC 2 Type II and ISO 27001 certification and audit processes.

Requirements

  • 5+ years of experience in security engineering.
  • Experience with AWS infrastructure, including IAM, EKS, and S3.
  • Proficiency in identity management protocols like SAML, OIDC, and tools like Auth0 or Okta.
  • Deep familiarity with compliance frameworks like SOC 2 and ISO 27001.
  • Ability to translate complex regulatory requirements into actionable technical tasks for engineering teams.
  • Must reside in one of the specified countries: Bulgaria, Ukraine, Romania, Poland, Lithuania, Estonia, Georgia, or Palestine.

Nice to have

  • Deep understanding of the OWASP Top 10 for LLMs.
  • Hands-on experience with Python/Django and Java/Spring Boot security configurations.
  • Experience managing Kafka/RabbitMQ security streams.

Culture & Benefits

  • Opportunity to build the security function from the ground up as the first dedicated hire.
  • Culture focused on pragmatic security that enables business speed rather than just compliance.
  • Exposure to complex global payroll data challenges at scale.
  • Full remote working arrangement.