latchhire

Security Lead / Security Engineer

Playson · European Union, Ukraine, Bratislava Hub (Remote)
Remote lead security engineer
Apply on Playson →
About the Role We are looking for a Security Lead or Security Engineer to strengthen Playson’s information security framework and help us continue building a mature, practical, and business-oriented security function. This is a senior hands-on role for someone who can combine security engineering, incident investigation, compliance ownership, and security process improvement. The right person will not only maintain existing controls, but also define priorities, improve security operations, and help shape the security roadmap together with the CTO, Head of IT, DevOps, HR, Legal, and IT teams. This role is a good fit for someone who enjoys both strategy and execution: setting standards, improving processes, investigating incidents, managing tools, working with technical stakeholders, and helping non-technical teams understand security risks in a clear and practical way. We are looking for someone who can bring structure, ownership, and senior-level judgment while remaining close to the technical details. Key Responsibilities Security Ownership & Roadmap Own and continuously improve Playson’s information security processes, controls, and roadmap. Help mature the security function by identifying gaps, defining priorities, and driving practical improvements. Work closely with the CTO, Head of IT, DevOps, IT, HR, and Legal teams on security-related topics. Translate security risks into clear business language, priorities, and measurable actions. Define and track security KPIs / metrics that can be shared with leadership. Foster a strong Security-First mindset across the organization. Information Security & Compliance Maintain and continuously improve the ISO/IEC 27001:2022 Information Security Management System. Conduct internal audits, risk assessments, gap analyses, and support certification renewals. Update security policies, procedures, and controls in line with ISO 27001, GDPR, and relevant frameworks such as NIST CSF and NIS2 principles. Document risks, incidents, corrective actions, and control improvements to ensure continuous compliance. Support DLP implementation and maintain central tracking of security events. Ensure security processes are practical, clear, and embedded into daily operations rather than existing only as documentation. Security Operations, SIEM & Tooling Manage integrations, alerting, and monitoring within tools such as Datadog SIEM, CrowdStrike, Cloudflare, and Google Workspace. Improve visibility across endpoints, access, cloud/SaaS tools, and user activity. Review and tune security alerts to reduce noise and improve detection quality. Maintain central logging, evidence collection, and security event tracking. Partner with DevOps and IT to improve security controls across infrastructure, endpoints, and SaaS environments. Incident Response & Investigations Lead investigations into security incidents such as phishing, data leakage, suspicious user activity, unauthorized access, and endpoint compromise. Collect, analyze, and document digital evidence across systems such as CrowdStrike, Cloudflare, Google Workspace, Slack, and other internal tools. Maintain and improve incident response playbooks, escalation paths, and communication workflows. Collaborate with HR, Legal, IT, and relevant business teams during internal investigations. Produce clear post-incident reports with root cause, impact, timeline, remediation actions, and prevention measures. Endpoint, Identity & Access Security Manage MDM systems such as Zoho MDM and Endpoint Central, with a strong focus on macOS endpoint compliance. Maintain CrowdStrike Falcon configurations and improve endpoint security posture. Oversee SSO, MFA, and 2FA enforcement across services, including Google SSO, DUO Mobile, and 1Password. Implement and improve Just-in-Time privilege elevation, privileged access controls, and admin access reviews. Perform quarterly RAS Access Management Reviews and maintain a consistent access audit trail throughout the year. Improve access governance, onboarding/offboarding security, and SaaS access controls. Requirements 6+ years of experience in Information Security, Security Engineering, IT Security, Incident Response, Security Operations, or a similar hands-on security role. Strong hands-on experience with security tooling such as SIEM, EDR, MDM, DLP, IAM, SSO, MFA, and access management platforms. Practical experience with incident response and security investigations, including evidence collection, analysis, documentation, and remediation. Strong working knowledge of ISO/IEC 27001, GDPR, and modern security frameworks such as NIST CSF and NIS2 principles. Experience owning or significantly improving security controls, policies, processes, or a security roadmap. Ability to work independently, define priorities, and make practical security decisions in a fast-moving environment. Strong understanding of endpoint security, identity and access management, SaaS security, and internal IT security controls. Ability to communicate clearly with both technical and non-technical stakeholders. Nice to Have Certifications such as CISSP, CISM, CEH, ISO 27001 Lead Auditor, AWS Security Specialty, or similar. Experience with Zero Trust, PAM, CASB, SOAR, or advanced DLP platforms. Digital forensics or internal investigation experience. Experience with cloud security, especially AWS, GCP, or Azure. Experience with Kubernetes, CI/CD, IaC, or DevSecOps practices. Experience designing security awareness programs or running phishing simulations. Experience building or scaling security practices in a product or technology company. What We Offer Competitive Salary Quarterly Bonuses Unlimited Paid Time Off Unlimited Paid Sick Leave Remote & Flexible Working Private Medical Insurance Financial Support for Life Events Professional Development Budget International Exposure Regular Company Events *Benefits may vary depending on location and contractual agreement Recruitment Process HR interview Technical interview Final interview Please take into account that sometimes the process may differ, your TA Partner will keep you updated. Know a perfect candidate? Referral bonus - up to €5,000. Email us at recruiting@playson.com
Posted 2025-11-04