Senior Security Engineer

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Palta

WebsiteLinkedInAll Job Openings

501 - 1000 employees

Founded 2016

🤖 Artificial Intelligence

👥 B2C

🧘 Wellness

💰 $100M Series B - Palta on 2021-08

Artificial Intelligence • B2C • Wellness

Palta is a global holding company and portfolio of preventative digital health and wellness brands that build consumer-facing mobile apps and AI-powered virtual coaches. The group develops and operates large-scale B2C health and wellness products — including women's health, AI weight-management coaching, fitness coaching, and AI-driven skincare — with a focus on preventative care and personalized guidance. Palta emphasizes deep tech and data-driven solutions to make preventative healthcare and wellness accessible at scale.

📋 Description

• Own and improve application security across the SDLC, including secure design reviews, threat modeling, security-focused code review, and CI/CD-integrated SAST, SCA, and secrets scanning. • Harden our AWS and Kubernetes/EKS environment, including IAM, network segmentation, workload identity, secrets management, admission control, and runtime security controls. • Secure and improve our Istio service mesh, including mTLS, authorization policies, ingress/egress controls, and service-to-service security patterns. • Build security guardrails as code, including policy-as-code, paved-road patterns, reusable templates, and self-service tooling that helps developers move quickly and safely. • Improve software supply-chain security through controls such as image signing, SBOMs, dependency visibility, artifact provenance, and secure build/release practices. • Drive vulnerability management end to end: triage, exploitability-based prioritization, remediation coordination with SRE and product engineering, and follow-through on penetration test findings. • Build and operate technical controls that support HIPAA and SOC 2, including access control, encryption, audit logging, evidence automation, and secure handling of sensitive health data. • Help shape the full lifecycle of security services, from design and deployment to operation, measurement, and continuous improvement.

🎯 Requirements

• 5+ years of experience in security engineering, cloud security, application security, or software engineering with a strong security focus. • Strong hands-on application security experience, including threat modeling, secure code review, API security, and OWASP API Top 10 risks. • Production experience securing AWS and Kubernetes/EKS environments. • Hands-on experience with Istio security in production or production-like environments. • Strong coding ability in Go or Python. • You are comfortable building tools, automation, and integrations when needed. • Experience with CI/CD security and infrastructure as code, such as Terraform, ArgoCD, or GitOps workflows. • Experience with Kubernetes policy and networking tools such as Kyverno, OPA, Cilium. • Ability to translate security, privacy, and compliance requirements into practical technical controls. • At least one experience working with regulated environments such as HIPAA, SOC 2, or ISO 27001. • Ownership mindset: you can take a project from concept through rollout and operational maturity. • Strong written and spoken English. • Experience with any of the following is a plus: Supply-chain security tooling such as Cosign, sigstore, SBOMs, or image signing. Offensive security experience, penetration testing, or bug bounty work.

🏖️ Benefits

• Competitive salary package commensurate with experience, plus stock options. • The equipment you need to do your job. • 21 days annual leave, plus bank holidays. • Office in Limassol (Hybrid Work Format) or Remote Option for Candidates Residing Outside of Cyprus.