Security Assessment Specialist - US EST (East Coast) Timezone

Hello,

We are called People More because we treat our employees with respect, but also because the projects we work on are for people and should be easy and pleasant to use. We are technological, but we look at the bigger picture :)

People More has been in existence for over three years and is an offshoot of one of the country's oldest interactive agencies - Insignia. The company is made up of people with a huge client base in the country and abroad, for whom we build projects from scratch (UX, UI, frontend, backend, mobile) or in part. We work directly for our clients and also support our partners in their own solutions. This ensures a wide range of projects and the ability to change! We work with clients all over the world.

For the project that we are working on with our foreign partner, we are looking for Security Assessment Specialist.

Your duties will include:

• Conduct security assessments of infrastructure, applications, and processes in alignment with industry standards and regulatory frameworks (e.g., ISO 27001, FedRAMP, BSI IT-Grundschutz).
• Identify and analyze security risks in cloud and hybrid environments, providing recommendations for mitigation.
• Develop and maintain remediation plans based on findings from assessments, audits, and risk analyses.
• Support internal and external audits by preparing documentation and assisting teams with compliance requirements.
• Collaborate with DevOps teams and cloud architects to ensure secure implementation of infrastructure and adherence to DevSecOps best practices.
• Utilize infrastructure automation tools (e.g., Terraform, Ansible) and scripting languages (e.g., Python, Bash) to facilitate assessments and security testing.
• Create clear and detailed technical documentation, risk assessment reports, and compliance-related materials.
• Monitor evolving security standards and regulations, and contribute to updates in internal security practices and procedures.

Requirements that must be met:

• 3+ years of experience in information security, risk assessments, or related fields
• Understanding of modern deployment methodologies, cloud architecture, and DevSecOps practices
• Hands-on experience with infrastructure automation tools (e.g., Terraform, Ansible) and scripting languages (e.g., Python, Bash).
• Familiarity with FedRAMP, BSI IT-Grundschutz, ISO 27001, or similar regulatory/compliance frameworks.
• Strong leadership skills
• Very good English and Polish
• Open to work in US EST (East Coast) Timezone

Nice to have:

• Security certifications such as CISSP, CISA, or similar are a plus
• Experience participating in third-party audits or assessments
• Knowledge of secure coding practices and application security testing.
• Familiarity with container security, Kubernetes, and cloud-native technologies.

What we offer:

• We are open and honest and we solve problems instead of generating them.
• Maybe it’s obvious, but we really respect our employees and associates. We used to be software developers, too, and we appreciate that job!
• A small team
• An international working environment and international projects
• Private medical care
• Sports card
• Training courses
• Work that is 100% remote (unless you prefer another system)

We have an office in Krakow, but if you like to work remotely, that’s absolutely fine. Over the next few months, we plan to continue working this way. After that, you decide according to what you prefer. We are OK with fully remote work. For us, you can be located anywhere. :)

Why it’s a good idea to work with People More?

• If you are not satisfied with your work or your tasks, we’ll find a way out together!
• If you get bored, we will offer you a new product and new, fascinating tasks
• We will work on your brand together: you will get an opportunity to attend conferences, including as a speaker, and we will help you publish in recognized magazines and online
• We will facilitate your access to challenges that are usually difficult to get
• At any time, you can talk directly to the board of People More—we talk your language because the company’s founders are software developers and designers!

What does the recruitment process look like?

• A friendly remote initial interview
• A remote technical talk
• The decision to work together!