Job VC
Security Lead
Technologies
Description
Would you be open to leading the Platform & Cloud Security direction in a top-tier iGaming product? We’re looking for a Security Lead to work on a high-load system. You’ll collaborate closely with the CTO, have full ownership of decisions, remote, and top-of-the-market terms.
This role combines technical expertise, investigative focus, and process leadership – ensuring that our systems, data, and people remain secure, compliant, and resilient.
Main Responsibilities
Information Security & Compliance
– Maintain and continuously improve the
ISO/IEC 27001:2022
Information Security Management System (ISMS)
– Foster a strong
Security-First mindset
across the organization
– Work closely with the CTO, Head of IT, and DevOps to enhance internal security controls
– Conduct internal audits, risk assessments, and coordinate certification renewals
– Update security policies and controls in line with
ISO 27001
,
GDPR
, and relevant international frameworks (e.g.,
NIST CSF
and
NIS2
principles where applicable)
– Manage integrations and alerting within
Datadog SIEM
,
CrowdStrike
,
Cloudflare
, and
Google Workspace
– Support DLP implementation and maintain central tracking of security events
– Document risks, incidents, and corrective actions to ensure continuous compliance
Incident Response & Investigation
– Lead investigations into security incidents such as phishing, data leakage, or unauthorized access
– Collect and analyze digital evidence across systems (CrowdStrike, Cloudflare, Google, Slack)
– Maintain and enhance
incident response playbooks
and escalation workflows
– Collaborate with HR, Legal, and IT teams during internal investigations
– Produce post-incident reports and recommend remediation measures
Endpoint & Access Security
– Manage
MDM systems
(Zoho MDM, Endpoint Central) and ensure full compliance for macOS endpoints
– Maintain
CrowdStrike Falcon
configurations and endpoint posture enforcement
– Oversee
SSO, MFA, and 2FA
enforcement across services (
Google SSO, DUO Mobile, 1Password
)
– Implement
Just-in-Time (JIT)
privilege elevation and regular admin access reviews
– Perform
Quarterly RAS Access Management Reviews
– Maintain a consistent audit trail for access management throughout the year
Mandatory Requirements
– 3+ years of experience in information security, IT audit, or digital investigations
– Solid understanding of
ISO 27001
,
GDPR
, and modern security frameworks (NIST CSF / NIS2)
– Hands-on experience with
SIEM / EDR systems
– Proven ability to manage
SSO, MFA, DLP
, and
MDM
environments
– Strong communication skills in English (B2 or higher)
– Analytical mindset, integrity, and attention to detail
Nice to Have
– Certifications:
CISSP
,
CISM
,
CEH
,
ISO 27001 Lead Auditor
,
AWS Security Specialty
– Experience with
Zero Trust
,
PAM
,
DLP/CASB
, or
SOAR
platforms
– Forensics experience
– Experience in designing awareness programs or running phishing simulations
We offer
Competitive Salary:
We offer a competitive salary in EUR, subject to annual performance reviews
Quarterly Bonuses:
Benefit from a transparent and systematic quarterly bonus system
Flexible Schedule:
We offer a flexible work schedule to accommodate your needs
Remote Work Option:
Choose to work remotely, providing greater flexibility and comfort
Medical Insurance:
Receive comprehensive medical insurance for both you and a significant other
Financial Support for Life Events:
We provide financial support during special life events
Unlimited Paid Vacation:
Enjoy unlimited paid vacation leave
Unlimited Paid Sick Leave:
Take unlimited paid sick leave whenever necessary
Professional Development:
Get reimbursement for professional development courses and training
Recruitment Process
– HR interview
– Technical interview
– Final interview
This role combines technical expertise, investigative focus, and process leadership – ensuring that our systems, data, and people remain secure, compliant, and resilient.
Main Responsibilities
Information Security & Compliance
– Maintain and continuously improve the
ISO/IEC 27001:2022
Information Security Management System (ISMS)
– Foster a strong
Security-First mindset
across the organization
– Work closely with the CTO, Head of IT, and DevOps to enhance internal security controls
– Conduct internal audits, risk assessments, and coordinate certification renewals
– Update security policies and controls in line with
ISO 27001
,
GDPR
, and relevant international frameworks (e.g.,
NIST CSF
and
NIS2
principles where applicable)
– Manage integrations and alerting within
Datadog SIEM
,
CrowdStrike
,
Cloudflare
, and
Google Workspace
– Support DLP implementation and maintain central tracking of security events
– Document risks, incidents, and corrective actions to ensure continuous compliance
Incident Response & Investigation
– Lead investigations into security incidents such as phishing, data leakage, or unauthorized access
– Collect and analyze digital evidence across systems (CrowdStrike, Cloudflare, Google, Slack)
– Maintain and enhance
incident response playbooks
and escalation workflows
– Collaborate with HR, Legal, and IT teams during internal investigations
– Produce post-incident reports and recommend remediation measures
Endpoint & Access Security
– Manage
MDM systems
(Zoho MDM, Endpoint Central) and ensure full compliance for macOS endpoints
– Maintain
CrowdStrike Falcon
configurations and endpoint posture enforcement
– Oversee
SSO, MFA, and 2FA
enforcement across services (
Google SSO, DUO Mobile, 1Password
)
– Implement
Just-in-Time (JIT)
privilege elevation and regular admin access reviews
– Perform
Quarterly RAS Access Management Reviews
– Maintain a consistent audit trail for access management throughout the year
Mandatory Requirements
– 3+ years of experience in information security, IT audit, or digital investigations
– Solid understanding of
ISO 27001
,
GDPR
, and modern security frameworks (NIST CSF / NIS2)
– Hands-on experience with
SIEM / EDR systems
– Proven ability to manage
SSO, MFA, DLP
, and
MDM
environments
– Strong communication skills in English (B2 or higher)
– Analytical mindset, integrity, and attention to detail
Nice to Have
– Certifications:
CISSP
,
CISM
,
CEH
,
ISO 27001 Lead Auditor
,
AWS Security Specialty
– Experience with
Zero Trust
,
PAM
,
DLP/CASB
, or
SOAR
platforms
– Forensics experience
– Experience in designing awareness programs or running phishing simulations
We offer
Competitive Salary:
We offer a competitive salary in EUR, subject to annual performance reviews
Quarterly Bonuses:
Benefit from a transparent and systematic quarterly bonus system
Flexible Schedule:
We offer a flexible work schedule to accommodate your needs
Remote Work Option:
Choose to work remotely, providing greater flexibility and comfort
Medical Insurance:
Receive comprehensive medical insurance for both you and a significant other
Financial Support for Life Events:
We provide financial support during special life events
Unlimited Paid Vacation:
Enjoy unlimited paid vacation leave
Unlimited Paid Sick Leave:
Take unlimited paid sick leave whenever necessary
Professional Development:
Get reimbursement for professional development courses and training
Recruitment Process
– HR interview
– Technical interview
– Final interview