DevSecOps Engineer

About Us

At Colossyan, we are building the future of AI video; we exist to 'make knowledge transfer easy'. Our platform empowers content creators to transform text into training videos, delivering cost/time savings and enhanced results for over 2000 companies including industry leaders such as Paramount, Novartis, and Continental.

In early 2024, we raised $22million in our Series A funding round, led by Lakestar (known for partnering with Spotify and Revolut among other businesses), to help fuel our next round of sustainable growth! We're also recognized as a "Leader" on G2.

We take great pride in fostering a culture of growth within our rapidly-growing, international team of over 60. Our organization thrives on a deep-seated passion for technology and its incredible potential, with a strong commitment to the personal and professional development of each team member. Yet, we don't stop at work – we also value the importance of enjoying ourselves! Our company's offsite events are a true highlight (check out the Istanbul reel!), offering a fantastic opportunity to connect and bond with colleagues.

Role Purpose

We have an agile DevOps teams and multiple locations across the globe. As a Medior DevSecOps Engineer you'll be working in the platform team reporting to Adam Antal our Platform Tech Lead.

You will improve the security of our platform, review and try the latestand greatest security solutions. You will have a hand in all other security tasks and grow the security culture at Colossyan.

Key Responsibilities:

What you will be doing:

• Propose and implement architectural changes & new practices for short and long term advancements in security to meet security compliance criteria.
• Research new solutions to improve the security posture of Colossyan.
• Design and help implementing new security tests, checks, controls and policies.
• Conduct internal and external penetration tests.
• Maintain and improve the security awareness program within Colossyan.
• Monitor and react to security incidents and anomalies.
• Assist in reviewing legal and contractual security requirements and make sure the Colossyan complies with them.
• Assist in reviewing and implementing cloud security solutions (SIEM, IPS, anti-virus, DLP in a cloud environment).
• Proactively keep your technical and industry knowledge up to date using the resources provided.

What we're looking for:

• 3 years of work experience in IT Security with exposure to both technical and governance related tasks.
• General DevOps and IaC knowledge.
• Experience with cloud security in AWS
• Fluent in written and spoken English
• Security related certificates such as CISM, CISSP, OSCP or other relevant.
• Good working knowledge of webapp security.
• A positive, can-do attitude and a proactive approach to work.

You can stand out by:

• Working knowledge of security standards such as SOC2, GDPR and ISO27001.

• Having experience work in startups.

• Having experience in at least one these: NextJS, Javascript/Typescript, Node.js, React.