About the Role
You'll join Vivid's security and engineering teams to strengthen and scale security practices across a fully cloud-native AWS environment. You will make hands-on improvements to cloud and Kubernetes security, vulnerability management, and perform security reviews across infrastructure and applications, while also contributing to long-term security direction. As Vivid actively adopts AI, uses LLMs extensively, and builds internal AI agents, you will play a key role in making sure security scales alongside innovation and regulatory requirements.
Requirements
- 5+ years of hands-on experience in DevSecOps, Cloud Security, or related fields
- Strong hands-on experience operating AWS and Kubernetes in production environments
- Experience implementing security in Infrastructure as Code and CI/CD workflows
- Solid understanding of cloud security fundamentals such as access control, secrets management, network security, and encryption
- Familiarity with container security and common application security risks
- Deep understanding of AI/LLM security risks, including prompt injection, data leakage, model abuse, and agent privilege escalation; hands-on experience securing AI infrastructure components such as LLM gateways, MCP servers, or agent-based workflows
- Comfortable with scripting and working in Git-based development environments
- Good communication skills and ability to work effectively with engineering and product teams
- Comfortable communicating clearly in English, both written and spoken
- Experience scaling security practices in fast-growing or regulated environments (nice to have)
- Experience building internal security tooling or automation from scratch (nice to have)
Responsibilities
- Continuously improve the security of AWS and Kubernetes platforms
- Strengthen IAM, RBAC, encryption, secrets management, and network controls through secure-by-default policy-as-code
- Manage edge security, including traffic filtering, WAF configuration, and external exposure management
- Perform security reviews of new services, architectural changes, and platform components
- Embed automated security controls into SDLC and CI/CD, including SAST, dependency and container scanning, and policy enforcement
- Lead vulnerability management processes, including detection, assessment, prioritization, and reporting
- Integrate automation and AI-assisted tooling to enhance security reviews and reduce manual effort
- Define and implement security controls for AI infrastructure components, including gateways, MCP servers, and model proxies
- Identify and mitigate AI-specific risks such as prompt injection, data leakage, and agent privilege escalation
Benefits
- Hybrid model in Limassol office, or fully remote outside office locations
- Relocation support to Cyprus (visa, package) when needed
- Learning & development budget
- Fully paid vacation and sick leave
- Sports compensation