Playson company logo

Playson is hiring a

Lead DevSecOps Engineer

Back to Jobs
European Union
Posted 5 days ago
18 views

Job Description

<p style="min-height:1.5em"><strong>About Playson</strong></p><p style="min-height:1.5em">Founded in 2012, <strong>Playson</strong> is a leading iGaming supplier recognized worldwide. We provide our partners with a high-end, microservice-based Platform-as-a-Service capable of processing <strong>billions of financial transactions daily</strong>. Our global infrastructure is designed for cross-regional performance, with a relentless focus on <strong>latency reduction and flawless player experience</strong>, regardless of bandwidth or connectivity.</p><p style="min-height:1.5em">We are now building a <strong>Platform & Cloud Security function</strong> and are looking for the <strong>first hire</strong> to launch and lead it. This is a rare opportunity to <strong>set the standards from scratch</strong> and shape how security is embedded into a modern, high-load, cloud-native environment.</p><p style="min-height:1.5em"><strong>Key Responsibilities</strong></p><ul style="min-height:1.5em"><li><p style="min-height:1.5em">Establish the <strong>DevSecOps function</strong> at Playson, defining best practices and security standards across the Platform Tribe.</p></li><li><p style="min-height:1.5em">Integrate security into CI/CD pipelines (SAST, DAST, dependency scanning, container scanning).</p></li><li><p style="min-height:1.5em">Harden infrastructure and runtime environments (Linux, Docker, Kubernetes/EKS, RBAC).</p></li><li><p style="min-height:1.5em">Design and enforce <strong>cloud security controls</strong> in AWS (IAM least-privilege, GuardDuty, Security Hub, encryption at rest/in transit).</p></li><li><p style="min-height:1.5em">Define and maintain <strong>IaC security policies</strong> (Terraform/Terragrunt, drift detection, policy-as-code).</p></li><li><p style="min-height:1.5em">Implement and manage <strong>secrets management</strong> solutions (Vault, AWS Secrets Manager).</p></li><li><p style="min-height:1.5em">Build centralized <strong>security monitoring & alerting</strong> (Datadog, ELK, CloudWatch, SIEM/SOAR).</p></li><li><p style="min-height:1.5em">Lead vulnerability management and <strong>threat modeling</strong> practices.</p></li><li><p style="min-height:1.5em">Automate workflows through scripting (Python, Bash).</p></li><li><p style="min-height:1.5em">Partner with backend, infrastructure, and platform engineers to embed security in design & delivery.</p></li><li><p style="min-height:1.5em">Contribute to <strong>compliance readiness</strong> (ISO 27001, GDPR, PCI-DSS).</p></li><li><p style="min-height:1.5em">Act as a <strong>security subject-matter expert</strong>, mentoring engineers and raising awareness.</p></li><li><p style="min-height:1.5em">Continuously evaluate and implement <strong>new security tools</strong> and approaches.</p></li></ul><p style="min-height:1.5em"><strong>Requirements</strong></p><ul style="min-height:1.5em"><li><p style="min-height:1.5em"><strong>5+ years in Security Engineering / DevSecOps roles</strong>, with proven success delivering secure infrastructure and applications.</p></li><li><p style="min-height:1.5em">Strong skills in Python and Bash for building and automating security workflows.</p></li><li><p style="min-height:1.5em"><strong>Cloud Security (AWS focus) -</strong> Deep knowledge of IAM least-privilege design, encryption at rest/in transit, GuardDuty, Security Hub, and best practices for securing multi-account environments.</p></li><li><p style="min-height:1.5em">Implementation of security controls in pipelines (SAST, DAST, dependency scanning, container image scanning, policy-as-code).</p></li><li><p style="min-height:1.5em">Hardening of Linux systems, Docker, Kubernetes/EKS; strong experience with RBAC, PodSecurity/OPA/Gatekeeper/Kyverno policies.</p></li><li><p style="min-height:1.5em">Terraform/Terragrunt, including policy-as-code, drift detection, and compliance enforcement.</p></li><li><p style="min-height:1.5em">Expertise with HashiCorp Vault, AWS Secrets Manager, or equivalent.</p></li><li><p style="min-height:1.5em">Hands-on with centralized logging, SIEM/SOAR tools (Datadog Security, ELK, CloudWatch, etc.) and incident response workflows.</p></li><li><p style="min-height:1.5em"><strong>In-depth understanding of secure network design, segmentation, and monitoring.</strong></p></li><li><p style="min-height:1.5em">Experience with tools enabling temporary, approval-based access (Teleport, AWS IAM Identity Center, Okta, etc.).</p></li><li><p style="min-height:1.5em">Ability to design and enforce zero trust principles (continuous verification, microsegmentation, contextual access).</p></li><li><p style="min-height:1.5em"> Familiarity with SBOM generation (CycloneDX, Syft), artifact signing (Cosign, Sigstore), and applying SLSA/in-toto frameworks.</p></li><li><p style="min-height:1.5em">Understanding of ISO 27001, GDPR, PCI-DSS (iGaming relevance), plus experience automating compliance checks with IaC and policy engines.</p></li></ul><p style="min-height:1.5em"><strong>Nice to have:</strong></p><ul style="min-height:1.5em"><li><p style="min-height:1.5em">Exposure to Kafka or ClickHouse in security-sensitive environments.</p></li><li><p style="min-height:1.5em">Familiarity with GitOps tooling (FluxCD/ArgoCD).</p></li><li><p style="min-height:1.5em">Broader knowledge of SOC 2, HIPAA, or other regulatory frameworks.</p></li></ul><p style="min-height:1.5em"><strong>What We Offer</strong></p><ul style="min-height:1.5em"><li><p style="min-height:1.5em"><strong>Compensation at top industry standards</strong> + quarterly bonuses based on transparent evaluation.</p></li><li><p style="min-height:1.5em"><strong>Remote-first flexibility</strong> and adaptable working hours.</p></li><li><p style="min-height:1.5em"><strong>Unlimited paid vacation & sick leave</strong>.</p></li><li><p style="min-height:1.5em"><strong>Comprehensive medical insurance</strong> (for you and your partner).</p></li><li><p style="min-height:1.5em"><strong>Financial support for major life events</strong>.</p></li><li><p style="min-height:1.5em"><strong>Professional growth budget</strong> for courses, training, and certifications.</p></li></ul><p style="min-height:1.5em"><strong>Recruitment Process</strong></p><ol style="min-height:1.5em"><li><p style="min-height:1.5em">HR Interview – 45 min</p></li><li><p style="min-height:1.5em">Hiring Manager Interview – 60 min</p></li><li><p style="min-height:1.5em">Technical Interview – 90 min</p></li><li><p style="min-height:1.5em">Final Interview with Head of Platform & CTO – 60 min</p></li></ol><p style="min-height:1.5em"><strong>If you're ready to embrace ambitious goals and thrive in a dynamic environment,</strong><br /><strong>Apply now and become part of Playson's exciting journey in the iGaming world!</strong></p>

Sponsored
⭐ Featured Partner

Join Swish Analytics

Work on cutting-edge sports data and analytics. Join a team that's revolutionizing how we understand sports performance with AI and machine learning.

Remote FriendlyCompetitive SalarySports Tech

Create a Job Alert

Interested in building your career at Playson? Get future opportunities sent straight to your email.

Create Alert

Related Opportunities

Discover similar positions that might interest you