Lead DevSecOps Engineer at Playson - European Union

Job Description

About PlaysonFounded in 2012, Playson is a leading iGaming supplier recognized worldwide. We provide our partners with a high-end, microservice-based Platform-as-a-Service capable of processing billions of financial transactions daily. Our global infrastructure is designed for cross-regional performance, with a relentless focus on latency reduction and flawless player experience, regardless of bandwidth or connectivity.We are now building a Platform & Cloud Security function and are looking for the first hire to launch and lead it. This is a rare opportunity to set the standards from scratch and shape how security is embedded into a modern, high-load, cloud-native environment.Key Responsibilities<ul style="min-height:1.5em"><li>Establish the DevSecOps function at Playson, defining best practices and security standards across the Platform Tribe.</li><li>Integrate security into CI/CD pipelines (SAST, DAST, dependency scanning, container scanning).</li><li>Harden infrastructure and runtime environments (Linux, Docker, Kubernetes/EKS, RBAC).</li><li>Design and enforce cloud security controls in AWS (IAM least-privilege, GuardDuty, Security Hub, encryption at rest/in transit).</li><li>Define and maintain IaC security policies (Terraform/Terragrunt, drift detection, policy-as-code).</li><li>Implement and manage secrets management solutions (Vault, AWS Secrets Manager).</li><li>Build centralized security monitoring & alerting (Datadog, ELK, CloudWatch, SIEM/SOAR).</li><li>Lead vulnerability management and threat modeling practices.</li><li>Automate workflows through scripting (Python, Bash).</li><li>Partner with backend, infrastructure, and platform engineers to embed security in design & delivery.</li><li>Contribute to compliance readiness (ISO 27001, GDPR, PCI-DSS).</li><li>Act as a security subject-matter expert, mentoring engineers and raising awareness.</li><li>Continuously evaluate and implement new security tools and approaches.</li></ul>Requirements<ul style="min-height:1.5em"><li>5+ years in Security Engineering / DevSecOps roles, with proven success delivering secure infrastructure and applications.</li><li>Strong skills in Python and Bash for building and automating security workflows.</li><li>Cloud Security (AWS focus) - Deep knowledge of IAM least-privilege design, encryption at rest/in transit, GuardDuty, Security Hub, and best practices for securing multi-account environments.</li><li>Implementation of security controls in pipelines (SAST, DAST, dependency scanning, container image scanning, policy-as-code).</li><li>Hardening of Linux systems, Docker, Kubernetes/EKS; strong experience with RBAC, PodSecurity/OPA/Gatekeeper/Kyverno policies.</li><li>Terraform/Terragrunt, including policy-as-code, drift detection, and compliance enforcement.</li><li>Expertise with HashiCorp Vault, AWS Secrets Manager, or equivalent.</li><li>Hands-on with centralized logging, SIEM/SOAR tools (Datadog Security, ELK, CloudWatch, etc.) and incident response workflows.</li><li>In-depth understanding of secure network design, segmentation, and monitoring.</li><li>Experience with tools enabling temporary, approval-based access (Teleport, AWS IAM Identity Center, Okta, etc.).</li><li>Ability to design and enforce zero trust principles (continuous verification, microsegmentation, contextual access).</li><li> Familiarity with SBOM generation (CycloneDX, Syft), artifact signing (Cosign, Sigstore), and applying SLSA/in-toto frameworks.</li><li>Understanding of ISO 27001, GDPR, PCI-DSS (iGaming relevance), plus experience automating compliance checks with IaC and policy engines.</li></ul>Nice to have:<ul style="min-height:1.5em"><li>Exposure to Kafka or ClickHouse in security-sensitive environments.</li><li>Familiarity with GitOps tooling (FluxCD/ArgoCD).</li><li>Broader knowledge of SOC 2, HIPAA, or other regulatory frameworks.</li></ul>What We Offer<ul style="min-height:1.5em"><li>Compensation at top industry standards + quarterly bonuses based on transparent evaluation.</li><li>Remote-first flexibility and adaptable working hours.</li><li>Unlimited paid vacation & sick leave.</li><li>Comprehensive medical insurance (for you and your partner).</li><li>Financial support for major life events.</li><li>Professional growth budget for courses, training, and certifications.</li></ul>Recruitment Process<ol style="min-height:1.5em"><li>HR Interview – 45 min</li><li>Hiring Manager Interview – 60 min</li><li>Technical Interview – 90 min</li><li>Final Interview with Head of Platform & CTO – 60 min</li></ol>If you're ready to embrace ambitious goals and thrive in a dynamic environment, Apply now and become part of Playson's exciting journey in the iGaming world!

Join Swish Analytics

Work on cutting-edge sports data and analytics. Join a team that's revolutionizing how we understand sports performance with AI and machine learning.

Remote FriendlyCompetitive SalarySports Tech

View Open Roles Learn More

Create a Job Alert

Interested in building your career at Playson? Get future opportunities sent straight to your email.

Create Alert

Apply for this Job

Playson is hiring a