SharksCode is a Ukrainian IT company that develops high-tech software solutions and platforms for the B2B market, particularly in the iGaming industry.
We are looking for a DevSecOps Engineer who will help maintain and improve a secure cloud infrastructure built on AWS. Our applications run on Kubernetes (EKS), Cloudflare is used for edge protection, and Wazuh serves as our SIEM/HIDS platform.
This role is ideal for an engineer with hands-on experience in cloud infrastructure and security, who will work within an existing architecture and established best practices while helping improve the reliability and security of our systems.
We expect that you:
- Have 2+ years of commercial experience with AWS.
- Have hands-on experience with EKS or other managed Kubernetes platforms.
- Understand IAM, VPC, Security Groups, and CloudWatch.
- Have experience with Kubernetes (deployments, services, ingress).
- Understand Kubernetes RBAC and access control policies.
- Have experience with Docker (building and running containers).
- Have experience with SIEM or security monitoring tools (Wazuh or similar).
- Understand logging, alerting, and basic HIDS principles.
- Have hands-on experience with Cloudflare (DNS and basic WAF configuration).
- Have experience with CI/CD tools (GitLab CI, GitHub Actions).
- Have experience with Infrastructure as Code (Terraform).
- Use Bash or Python for automation tasks.
- Understand HTTP/S, DNS, TLS, and basic cloud networking concepts.
Your future responsibilities:
- Maintain and improve CI/CD pipelines with integrated security checks.
- Support and operate Kubernetes clusters (AWS EKS).
- Configure and maintain Wazuh (agents, rules, alerts, dashboards).
- Manage and optimize Cloudflare services (DNS, WAF rules, rate limiting).
- Deploy and update infrastructure using Infrastructure as Code (Terraform / CloudFormation).
- Manage access control policies (AWS IAM and Kubernetes RBAC).
- Monitor logs and security alerts and participate in incident response.
- Apply container and EKS node hardening practices.
- Collaborate with development teams to ensure secure deployments.
- Configure infrastructure according to CIS security benchmarks.
Nice to have:
- Experience with security scanning tools (Burp, Snyk, kube-bench).
- Familiarity with AWS Security Hub or GuardDuty.
- Understanding of Zero Trust architecture principles.
- Experience with multi-account AWS environments.
- Exposure to security compliance or policy frameworks.
- Experience with ELK Stack.
Interview stages:
- Interview with Recruiter
- Technical Interview
- Offer
We offer:
- 24 paid vacation days, 14 sick days, and 5 days off.
- Flexible working hours (start between 9:00 and 11:00).
- Medical insurance.
- Bonuses and performance-based rewards.
- Office in the center of Kyiv — pet-friendly.
- Lounge area for rest during the day.
- Padel tennis, football, and training activities.
- Learning compensation, internal meetups, workshops, and LMS access.
- Corporate currency for merch, gifts, or additional benefits.
