Information Security Engineer

Hi there!

We are looking for an Information Security Engineer for the Sweed product startup, fully remote.

Further - more, in the Q&A.

What are we doing?

At Sweed, we offer a comprehensive cannabis retail solution with a wide range of features, including powerful POS functionality, in-depth analytics, marketing and promotional tools, efficient inventory management, and more. Our progressive web app can be easily accessed through the tablets already available in your store without any additional hardware required.

Since our establishment, we have been committed to creating an all-in-one system tailored to the specific needs of large cannabis retailers. Today, we are proud to be a market leader, owing much of our success to our signature killer feature – providing a full spectrum of software in one solution.

Why are we doing this?

At our company, we are driven by our passion for the medicinal potential of plants. Cannabis possesses unique properties that can help alleviate chronic pain, anxiety, depression, epilepsy, multiple sclerosis, glaucoma, and sleep disorders.

Although a significant amount of stigma is associated with this area, we firmly believe these plants possess unique properties and have helped countless people improve their quality of life. This rapidly growing industry presents immense potential for career advancement and personal fulfillment, and we are excited to explore how we can contribute to this dynamic field.

How old is the project? What stage is it at?

The product is already 4 years on the market and in the active development stage. Our current priority is establishing and maintaining strong customer trust, which has driven the development of our delivery processes that allow us to launch new features daily. Given the highly specialized nature of the cannabis retail market, we are committed to rapidly meeting the evolving needs of our customers. Furthermore, the market's unique legal framework presents challenges with significant variations in state-level taxes, delivery regulations, and other factors.

What to do in the project? What challenges will you meet?

• Provision and manage access permissions to ensure appropriate levels of access for employees and third parties.
• Ensure the security of AWS environments by implementing best practices for access control, encryption, network security, and monitoring.
• Manage threat detection systems, analyze logs and network traffic, and identify potential security issues.
• Manage Cloudflare services, including DDoS protection, Web Application Firewall (WAF), and SSL.
• Perform incident response, including investigation, containment, and remediation of security threats.
• Configure and maintain VPN technologies to ensure secure remote access.
• Oversee vulnerability assessments and patch management processes.
• Provide security training and guidance to teams on best practices.
• Develop and enforce security policies and procedures to ensure the protection of systems and data.
• Collaborate with DevOps and IT teams to integrate security into infrastructure and application design.

What professional skills are important to us?

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Proven experience in cloud security, especially with AWS.
• Familiarity with Cloudflare security products.
• Experience with incident response, threat detection, and vulnerability management tools.
• Strong understanding of network security, firewalls, and encryption technologies.
• Knowledge of security standards, frameworks such as SOC 2, HIPAA or NIST.
• Security certifications (e.g., CISSP, CISM, CEH, AWS Certified Security - Specialty) are a plus.
• Strong analytical and problem-solving skills.
• Good proficiency in English (B2 or higher).

The conditions:

Is there a probation period, and how long does it last? - Probation period lasts 3 months.

What is the work schedule? - We offer flexible working hours. Our core working hours are from 09:00 to 15:00 (GMT), but flexibility is encouraged depending on the team's needs.

Is it possible to work remotely? - There is an opportunity to work fully remotely, we are a remote-first company, and we don't have offices.

What currency is the salary paid in, and what is the form of employment?

Salary in dollars (employment under a B2B contract with the USA).

The number of vacation days? - 20 working days per year.

The number of sick leave days? - 3 days.

Social package (medical insurance, other): Medical insurance becomes available after the trial period. We also offer equipment reimbursement for essential items such as laptops and additional equipment like monitors.

How many stages of the interview?

• Intro call with a recruiter (1 hour), there’s short English check;
• Technical interview with Security Lead (1.5 hours);
• Final interview with VP of Engineer (1 hour) .