Playson ยท 2 weeks ago
Lead DevSecOps Engineer
European Union
Full-time
Onsite
Senior Level, Lead/Staff
5+ years expPlayson is a leading iGaming supplier recognized worldwide, providing a high-end, microservice-based Platform-as-a-Service. They are seeking a Lead DevSecOps Engineer to establish their DevSecOps function, integrate security into CI/CD pipelines, and lead cloud security initiatives.
ContentInformation TechnologyMedia and EntertainmentOnline Games
Responsibilities
Establish the DevSecOps function at Playson, defining best practices and security standards across the Platform Tribe
Integrate security into CI/CD pipelines (SAST, DAST, dependency scanning, container scanning)
Harden infrastructure and runtime environments (Linux, Docker, Kubernetes/EKS, RBAC)
Design and enforce cloud security controls in AWS (IAM least-privilege, GuardDuty, Security Hub, encryption at rest/in transit)
Define and maintain IaC security policies (Terraform/Terragrunt, drift detection, policy-as-code)
Implement and manage secrets management solutions (Vault, AWS Secrets Manager)
Build centralized security monitoring & alerting (Datadog, ELK, CloudWatch, SIEM/SOAR)
Lead vulnerability management and threat modeling practices
Automate workflows through scripting (Python, Bash)
Partner with backend, infrastructure, and platform engineers to embed security in design & delivery
Contribute to compliance readiness (ISO 27001, GDPR, PCI-DSS)
Act as a security subject-matter expert, mentoring engineers and raising awareness
Continuously evaluate and implement new security tools and approaches
Qualification
Required
5+ years in Security Engineering / DevSecOps roles, with proven success delivering secure infrastructure and applications
Strong skills in Python and Bash for building and automating security workflows
Cloud Security (AWS focus) - Deep knowledge of IAM least-privilege design, encryption at rest/in transit, GuardDuty, Security Hub, and best practices for securing multi-account environments
Implementation of security controls in pipelines (SAST, DAST, dependency scanning, container image scanning, policy-as-code)
Hardening of Linux systems, Docker, Kubernetes/EKS; strong experience with RBAC, PodSecurity/OPA/Gatekeeper/Kyverno policies
Terraform/Terragrunt, including policy-as-code, drift detection, and compliance enforcement
Expertise with HashiCorp Vault, AWS Secrets Manager, or equivalent
Hands-on with centralized logging, SIEM/SOAR tools (Datadog Security, ELK, CloudWatch, etc.) and incident response workflows
In-depth understanding of secure network design, segmentation, and monitoring
Experience with tools enabling temporary, approval-based access (Teleport, AWS IAM Identity Center, Okta, etc.)
Ability to design and enforce zero trust principles (continuous verification, microsegmentation, contextual access)
Familiarity with SBOM generation (CycloneDX, Syft), artifact signing (Cosign, Sigstore), and applying SLSA/in-toto frameworks
Understanding of ISO 27001, GDPR, PCI-DSS (iGaming relevance), plus experience automating compliance checks with IaC and policy engines
Preferred
Exposure to Kafka or ClickHouse in security-sensitive environments
Familiarity with GitOps tooling (FluxCD/ArgoCD)
Broader knowledge of SOC 2, HIPAA, or other regulatory frameworks
Benefits
Compensation at top industry standards + quarterly bonuses based on transparent evaluation.
Remote-first flexibility and adaptable working hours.
Unlimited paid vacation & sick leave.
Comprehensive medical insurance (for you and your partner).
Financial support for major life events.
Professional growth budget for courses, training, and certifications.
Company
Playson
Playson is a gaming company that develops games, cutting-edge content, and promotional consulting services.
201-500 employees
Funding
Current Stage
Growth StageLeadership Team
Oleksii M.
CTO
Recent News
2025-10-22
Company data provided by crunchbase