Türkiye
We’re Hiring at Assistbox! Join Us on Our Global Journey💡
Who We Are
At Assistbox, we help enterprises transform customer engagement through video-first and AI-enhanced experiences.
Trusted by 70+ leading brands across banking, insurance, retail, telecommunications, healthcare, and public services, our platform powers mission-critical customer journeys such as remote onboarding, customer support, video advisory, and accessibility services.
We believe the future of customer experience lies at the intersection of human interaction, video communication, and artificial intelligence. As a growing B2B SaaS company, we’re helping enterprises rethink how they engage with their customers—and we’re just getting started. As we expand into international markets, we’re looking for people who want to help shape our next stage of growth.
If you’re excited by enterprise technology, AI, and the opportunity to make a visible impact, we’d love to meet you.
About This Role
Own and continuously improve the security posture of Assistbox across applications, infrastructure, cloud, Kubernetes, networking, CI/CD, and enterprise deployments. Work closely with engineering and DevOps to design secure systems, proactively identify vulnerabilities, and validate defenses through authorized offensive security testing.
Defensive Security Responsibilities
• Design and maintain security architecture.
• Configure and review firewall policies (WatchGuard, cloud firewalls, Kubernetes NetworkPolicies).
• Design network segmentation for DMZ, production, management, and internal networks.
• Secure VPNs, remote access, ingress, NAT, routing, and public-facing services.
• Harden Linux servers, Kubernetes clusters, Docker hosts, and containerized workloads.
• Secure CI/CD pipelines, GitHub, Harbor, Helm deployments, and secrets management.
• Improve IAM, RBAC, certificate lifecycle, TLS, WAF, and Zero Trust controls.
• Implement vulnerability management, patch management, asset inventory, and security baselines.
• Build and improve SIEM, IDS/IPS, EDR, logging, alerting, and incident response capabilities.
• Perform architecture reviews and threat modeling for new features.
• Support compliance initiatives such as ISO 27001, SOC 2, HIPAA, or customer security assessments.
Offensive Security Responsibilities
• Perform authorized penetration testing on web applications, APIs, infrastructure, Kubernetes, and networks.
• Assess WebRTC, SIP, media servers, and real-time communication security.
• Conduct red team and purple team exercises.
• Perform source code security reviews.
• Identify vulnerabilities, prioritize risk, and validate remediation.
• Simulate realistic attack scenarios against production-like environments.
• Review authentication, authorization, session management, and tenant isolation.
Required Qualifications
• 4+ years of experience in security engineering, application security, infrastructure security, penetration testing, or similar.
• Strong understanding of networking, firewalls, Linux, Kubernetes, and cloud security.
• Experience with OWASP Top 10, API Security, secure SDLC, and threat modeling.
• Experience with SAST, DAST, SCA, container image scanning, and secrets scanning.
• Excellent communication skills and ability to work with engineering teams.
Nice to Have
• Experience securing WebRTC, VoIP, SIP, or media platforms.
• Experience with enterprise customer security reviews.
• Experience with ISO 27001, SOC 2, HIPAA, or GDPR.
• Security certifications such as OSCP, OSWE, OSEP, CISSP, GSEC, GPEN, GWAPT, or Kubernetes Security Specialist.
Assistbox is an equal opportunity employer that does not tolerate any discrimination. We ensure equal opportunity for all applicants without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other legally protected characteristics.