Cyber Security Engineer

About the role

We are seeking a Cyber Security Engineer to perform end‑to‑end security reviews of our systems, covering code, infrastructure, CI/CD pipelines, AWS services, authentication, authorization, data privacy, and production deployment practices. The role requires deep technical knowledge of our stack and the ability to assess backend, frontend, mobile, AI, and cloud components before and after release.

Key responsibilities

• Conduct secure code reviews for backend, frontend, dashboard, mobile, and AI‑related systems.
• Assess Django/DRF APIs, serializers, permission classes, authentication flows, and admin workflows.
• Audit CI/CD pipelines for insecure steps, exposed secrets, missing security gates, and weak access controls.
• Review AWS infrastructure (S3, CloudFront, IAM, RDS/PostgreSQL, Redis/ElastiCache, ALB, security groups) and environment configurations.
• Evaluate file upload/download flows, signed URLs, and data leakage risks.
• Inspect JWT/session handling, password reset mechanisms, role‑based permissions, and admin‑level actions.
• Check frontend and mobile security, including token storage, XSS risks, API interceptors, and route guards.
• Identify AI‑related risks such as prompt injection, PII leakage, and unsafe prompt construction.
• Perform vulnerability assessments and pre‑release security audits.
• Create security checklists for code review, deployment review, and production readiness, documenting findings with severity, impact, evidence, and remediation steps.

Required profile

• 3+ years of experience in application security, cloud security, or security‑focused software engineering.
• Strong knowledge of OWASP Top 10, authentication, authorization, and session security.
• Hands‑on experience reviewing CI/CD pipelines and AWS security services.
• Proficiency with Python, Django, and Django REST Framework.
• Familiarity with frontend and mobile security risks.
• Experience with Git workflows, pull‑request reviews, and cross‑functional collaboration.

Required skills

• Python
• Django & Django REST Framework
• React, Vite, Tailwind, Axios, Zustand, React Query
• Flutter, BLoC, Dio, GoRouter, Firebase Messaging
• AWS (IAM, S3, CloudFront, RDS/PostgreSQL, ElastiCache, ALB, Security Groups)
• CI/CD pipelines, Git
• OWASP Top 10
• JWT, SimpleJWT
• Celery, Channels, Redis, PostgreSQL
• OpenAI APIs, SMTP

What we offer

• Hybrid work model