Confirmo is hiring a Web3 Security Engineer
Compensation: $126k - $144k estimated
Location: 10 Prague CZ
Confirmo is one of the fastest growing crypto payment gateways, and our flexible solutions, low fees, and top-class support make it easy for businesses of all sizes to accept crypto payments. Since 2022, we’ve grown 700% in volume and now process $80M+ monthly. Due to our expansion plans, we are looking to grow our security team by adding a Security Engineer.
This is not a typical "sit back and monitor the dashboard" security role. At Confirmo, we build a leading stablecoin payment platform, and security is not just a department, it is part of our DNA.
Key Responsibilities
As our Security Engineer, you will work directly alongside our CISO and Head of Security to harden our defenses, monitor our infrastructure, and ensure our code is secure.
You will be stepping into a modern, cloud-native environment. We don't rely on legacy on-premise hardware; we live in AWS, use platforms such as Cloudflare for edge security, and use modern cloud services to keep eyes on everything. This is a role for a true generalist, someone who refuses to be siloed into just "AppSec" or just "Compliance."
If you are passionate about hunting threats, enjoy deep-diving into code, and want to help shape security strategy rather than just following a checklist, we want you on board.
Your Profile
We are looking for a security enthusiast who understands that true security happens at the intersection of infrastructure, code, and compliance.
Cloud Security Architecture: Deep understanding of any public cloud infrastructure services (preferably AWS) and security best practices. You know how to secure a cloud-native infrastructure, manage IAM roles effectively, and audit configurations.
Blue Team & SIEM Operations: Proficiency with security, monitoring and observability SIEM platforms (e.g. DataDog). You will be responsible for log management, writing custom detection rules, and investigating alerts before they become incidents.
Application Security (AppSec): You understand secure programming principles and have a strong grasp of the OWASP Top 10. You are capable of reviewing code (Java, TypeScript, Python, etc.) to help our developers catch vulnerabilities early in the lifecycle.
Edge & Network Security: Experience with configuring and managing network security solutions (preferably SaaS services like Cloudflare) - WAF, rate limiting, and edge protection rules to keep malicious traffic at bay.
Identity & Modern Auth: You are a proponent of modern authentication. You have experience with Google Workspace security, managing shared secrets, and the implementation of passkeys and hardware keys. You know that identity is the new perimeter.
Zero Trust principles: You embrace and ideally have practical experience with this modern access/authentication/authorization approach; we don’t rely on VPNs.
A desire not only to propose and design, but also to change and execute with your own hands. As an example, we’re relying more and more on IaC, using Terraform at the moment. You don’t need to be proficient in that regard, but you need to be keen to learn fast and do it right after, without relying on an Ops engineer or anyone else.
Vulnerability Management: You can manage the full lifecycle of vulnerabilities—from detection and triage to working with engineering teams on remediation.
GRC Knowledge: Familiarity with compliance frameworks such as ISO 27001, NIST CSF, SOC2, or DORA. You understand that documentation and governance are the backbone of a mature security program.
English Language: We are an international team; fluent English (written and spoken) is a must.
Any of these is a plus
While not required, having these skills will give you a head start:
Crypto & Blockchain: A genuine passion for cryptocurrency and blockchain technology. Understanding how crypto transactions and wallets work is a massive advantage.
Certifications: Industry-recognized certifications such as CISSP, CEH or AWS Security Specialty.
DevSecOps: Experience integrating security into Git CI/CD pipelines.
Practical experience with penetration testing: The ability to perform gray-box and/or white-box testing would be ideal; the ability to orchestrate and process external pentesting is a plus.
Threat Intelligence: Experience analyzing current threat trends and proactively adjusting defenses based on the threat landscape.
Practical experience with Okta: This may become our future IdM of choice.
What we promise in return
A chance to be part of a well-funded startup supported by successful investors.
A close-knit team of forward-thinking entrepreneurs.
Flexibility in working hours and the ability to work from home.
A stylish office located in Karlín, Prague 8 (near metro Křižíkova).
A rare combination of engineering freedom and professional stability: we're a startup with a proven business model.
Competitive compensation based on your impact on the team and the whole company.
Onsite, hybrid or remote (within the Czech Republic) are offered for this role. If you are interested in learning more, please submit your CV, and our recruiter will get back to you promptly.