Security

Our career map helps you take charge of your professional growth. With 10 growth levels, from L1 to L10, each step features clear milestones to support your development.

Our career map helps you take charge of your professional growth. With 10 growth levels, from L1 to L10, each step features clear milestones to support your development. Open the document as a table ↗

Individual Contributor

Management

IC-1

Security Intern

Experience

No prior experience required. Typically a student or recent graduate beginning a career in cybersecurity or IT infrastructure.

Area of Responsibility

Supports the security team in basic administrative and technical tasks. Observes and learns how security operations are structured and managed in real-world environments.

Skills

Understands basic security concepts (confidentiality, integrity, availability)
Familiar with common types of cyber threats and attack vectors
Can follow instructions and assist with documentation
Observes incident response or audit processes
Uses basic tools to scan or observe network traffic (with supervision)
Demonstrates attention to detail and a willingness to learn
Follows internal security and compliance policies

‍

IC-2

Junior Security Analyst

Experience

6–18 months of experience in information security, IT operations, or support roles. Familiar with tools and basic security workflows.

Area of Responsibility

Assists in monitoring systems and alerts, collecting evidence, documenting incidents, and executing standard security tasks under supervision.

Skills

Monitors security alerts and flags suspicious activity using existing tools
Understands vulnerability management basics and CVE classification
Conducts routine log reviews and access checks with guidance
Assists in implementing basic security policies (e.g., password rules, MFA setup)
Documents and communicates findings clearly to senior team members
Participates in regular security audits and compliance reviews
Follows incident response playbooks and knows when to escalate

‍

IC-3

Middle Security Analyst

Experience

1–2 years in information security, SOC, or risk/compliance role. Comfortable operating independently within standard procedures and toolsets.

Area of Responsibility

Monitors systems, investigates security incidents, and supports vulnerability remediation. Collaborates with IT and engineering teams on operational security tasks.

Skills

Conducts triage and initial analysis of security alerts (SIEM, EDR, IDS/IPS)
Participates in vulnerability scans and supports remediation efforts
Investigates low-to-medium severity incidents with defined response actions
Maintains and updates security documentation and runbooks
Supports audits and compliance checks (e.g., access controls, asset reviews)
Understands network and application-level threats and controls
Provides security awareness input for internal communications or training
Tracks metrics related to incident handling and risk indicators
Escalates issues and collaborates with engineering to resolve security gaps

‍

IC-4

Senior Security Analyst

Experience

2–4 years in a technical security role, such as infrastructure security, application security, or DevSecOps.

Area of Responsibility

Owns implementation of technical security controls, participates in system design reviews, and ensures compliance and secure development lifecycle.

Skills

Builds and maintains security tools (e.g., SAST, DAST, secrets scanning)
Collaborates with DevOps teams to secure CI/CD pipelines
Configures and maintains IAM policies, firewalls, WAFs, endpoint security tools
Performs threat modeling and supports secure design reviews
Supports incident response and forensic investigations
Ensures systems meet security baselines and compliance frameworks (ISO 27001, PCI DSS, etc.)
Automates vulnerability scanning and security testing workflows
Collaborates on infrastructure hardening and zero-trust architecture efforts
Works with developers on secure coding best practices and secure libraries

‍

IC-5

Security Engineer

Experience

Typically 4–5 years in information security or infrastructure engineering roles. Has solid experience implementing security controls, automating protection mechanisms, and working in cross-functional teams.

Area of Responsibility

Owns implementation of security solutions and actively participates in architecture reviews, threat modeling, and remediation workflows. Collaborates with product and engineering teams to secure both insurance and non-insurance systems throughout the SDLC.

Skills

Implements and maintains security tools and frameworks (e.g., SAST, DAST, SCA) within CI/CD pipelines
Conducts threat modeling, vulnerability analysis, and risk assessments for new features and services
Investigates incidents, assists in root cause analysis, and proposes remediation strategies
Ensures proper access control, encryption, and logging across infrastructure and services
Works with development teams to enforce secure coding practices and apply hardening techniques
Supports internal security audits and compliance checks (e.g., ISO 27001, GDPR, PCI DSS)
Participates in red/blue team exercises, penetration tests, and security simulation events
Shares expertise across teams via documentation, security playbooks, and knowledge sharing sessions
Tracks security metrics, proposes improvements, and contributes to overall risk reduction

‍

IC-6

Senior Security Engineer

Experience

6+ years of experience in security engineering, application security, or infrastructure protection. Acts as a subject-matter expert across a broad range of technical security domains.

Area of Responsibility

Skills

Leads design and deployment of secure development pipelines (CI/CD with integrated SAST, DAST, MAST, SCA tools)
Evaluates and integrates security technologies, ensuring scalability and automation across environments
Proactively identifies vulnerabilities through code reviews, threat modeling, and infrastructure scans
Works cross-functionally with DevOps, Engineering, and Product to ensure security by design
Guides secure infrastructure setup, including IAM policies, encryption, secrets management, and network segmentation
Participates in certification readiness and manages internal/external audits
Mentors engineers and promotes security awareness across technical teams
Drives adoption of DevSecOps practices and helps build a security-first engineering culture
Tracks advanced threats, zero-days, and emerging risks, ensuring timely mitigation strategies
Supports incident response and postmortems, helping teams to improve security posture continuously

‍

No items found.

IC-1

Trainee

Experience

Entry-level, little to no prior professional experience in frontend development.

Area of Responsibility

Learning and applying basic frontend concepts, writing simple components under supervision.

Skills

HTML/CSS: Understanding and using basic HTML elements and CSS styles.
JavaScript: Familiarity with basic JavaScript (ES6+) concepts.
Git: Basic version control operations, understanding of repositories.
Soft Skills: Effective communication, openness to feedback, willingness to learn and improve.

IC-2

Junior

Experience

More then 1 year of experience in frontend development.

Area of Responsibility

Developing small features, fixing bugs, and understanding project architecture.

Skills

HTML/CSS: Proficient in semantic HTML and CSS preprocessors (e.g., Sass).
JavaScript: Knowledge of ES6+, basic use of libraries like Vue.js or React.
Version Control: Confident use of Git, contributing to code reviews.
Soft Skills: Basic teamwork and communication, handling constructive criticism.

IC-3

Middle I

Experience

More then 2 years of solid frontend experience.

Area of Responsibility

Developing features independently, improving existing components, participating in code reviews.

Skills

JavaScript & Frameworks: Deep knowledge of ES6+, Vue.js ecosystem, understanding UI component libraries.
Coding Practices: Writing clean and maintainable code, understanding coding patterns and principles.
Infrastructure: Familiarity with build tools (Webpack, Babel) and CI/CD pipelines.
Soft Skills: Working well in a team, basic problem-solving and critical thinking.

IC-4

Middle II

Experience

More then 3 years of experience in frontend, capable of handling complex tasks.

Area of Responsibility

Leading feature implementation, optimizing performance, and mentoring juniors.

Skills

Advanced JavaScript: Mastery of core concepts, meta-frameworks, and server-side rendering (SSR).
Testing: Writing unit tests and understanding end-to-end testing frameworks.
Optimization: Improving load times, optimizing SEO, and handling responsive design challenges.
Soft Skills: Effective collaboration, taking initiative, and providing constructive feedback.

IC-5

Senior I

Experience

More then 4 years of frontend development experience.

Area of Responsibility

Designing and implementing complex systems, contributing to architectural decisions.

Skills

Architecture & Patterns: Understanding design patterns, OOP, and functional programming.
Security: Awareness of common vulnerabilities and how to mitigate them.
Performance Tuning: Deep understanding of browser performance and optimization.
Soft Skills: Strong communication, mentoring, and conflict resolution skills.

IC-6

Senior II

Experience

Recognized as an expert in frontend development.

Area of Responsibility

Driving project quality, ensuring best practices, leading codebase improvements.

Skills

Frontend Mastery: Proficient in multiple frameworks (Vue.js, React, Angular), full understanding of TypeScript.
Code Review & Testing: Leading code reviews, implementing automated testing strategies.
CI/CD & Infrastructure: Advanced setup and maintenance of continuous integration and delivery.
Soft Skills: Strategic thinking, decision-making, and adaptability to change.

IC-7

Principal

Experience

Strategic leader in frontend development.

Area of Responsibility

Shaping the technical direction, mentoring senior engineers, overseeing large projects.

Skills

Strategic Planning: Defining and implementing frontend strategies, architectural design.
Innovation: Proposing innovative solutions, optimizing frameworks and libraries.
Stakeholder Communication: Effectively interacting with product owners and management.
Soft Skills: High-level collaboration, influencing team direction, handling complex challenges.

IC-8

Tech Lead

Experience

Extensive experience in leading frontend projects and teams.

Area of Responsibility

Technical leadership, architecture design, and ensuring project alignment with company goals.

Skills

Technology Leadership: Guiding the team on technical implementations, making strategic tech decisions.
Code Quality: Establishing and maintaining coding standards, enforcing best practices.
CI/CD & DevOps: Expertise in infrastructure, server configuration, and deployment strategies.
Soft Skills: Effective delegation, inspiring and motivating the team, strategic decision-making.

M-7

Security Officer

Experience

7–9 years of experience in information security with strong technical background and growing strategic involvement. Acts as a trusted security advisor to engineering, IT, legal, and compliance teams.

Area of Responsibility

Oversees security operations, coordinates risk assessments, and ensures security and compliance across all systems and business units. Manages security metrics and works across teams to embed security practices in day-to-day operations.

Skills

Defines and implements security policies and operational procedures
Coordinates risk management activities and mitigation plans
Collaborates with legal, compliance, and HR to align on governance requirements
Oversees vulnerability management, incident response, and third-party risk assessments
Tracks internal audit findings and drives resolution of compliance issues
Reports on security posture to senior leadership and ensures alignment with business priorities
Manages security awareness programs and internal training sessions
Partners with infrastructure and application teams to ensure secure configuration of systems and data
Supports business continuity and disaster recovery planning
Ensures data privacy practices align with regulations (e.g., GDPR, ISO 27001, PCI DSS)

‍

M-8

Security Lead

Experience

Extensive experience in security engineering and architecture, with deep hands-on expertise and team leadership experience. Leads company-wide security initiatives and defines secure development practices.

Area of Responsibility

Owns the design and technical execution of secure development and operations across the organization. Leads a team of engineers, drives DevSecOps culture, and sets technical standards for security implementation.

Skills

Selects tools, resources, and checkpoints for secure development lifecycle
Designs and integrates advanced security frameworks and automation pipelines (CI/CD with SAST, DAST, MAST, SCA/OSA)
Orchestrates correlation and deduplication of vulnerabilities across platforms
Verifies and prioritizes vulnerabilities, supports developers with remediation
Leads penetration testing and coordinates with third-party security auditors
Builds technical security roadmap and contributes to product-level threat models
Leads incident response and root cause analysis in collaboration with stakeholders
Educates teams on secure coding and design patterns
Establishes DevSecOps metrics and tracking systems
Collaborates with product, engineering, and compliance to scale security across all environments

‍

M-9

Head of Security

Experience

12+ years in cybersecurity and leadership. Owns the security function across the organization and drives alignment between security strategy and business goals.

Area of Responsibility

Sets the vision and strategy for information security across the company. Ensures alignment with regulatory requirements, oversees risk and incident management, and represents security at the executive level.

Skills

Develops and evolves the company-wide security strategy and governance model
Ensures compliance with security standards and regulations (e.g., ISO, GDPR, NCA)
Manages cross-functional security budgets, planning, and resource allocation
Leads the security organization: hiring, team structure, goal setting, and performance management
Represents security in front of the board, regulators, and customers
Oversees enterprise-wide risk assessments, business continuity planning, and data governance
Owns vendor risk, third-party security assessments, and audit readiness
Partners with Legal, Compliance, Product, and IT on secure-by-default initiatives
Defines and tracks security KPIs and maturity metrics
Promotes a security-first culture across the company

‍

M-8

Team Lead

Experience

Senior-level experience with a focus on leadership and team management.

Area of Responsibility

Managing the frontend team, ensuring project delivery, and aligning with stakeholders.

Skills

Project Management: Planning and coordinating tasks, prioritizing work for team members.
Team Development: Mentoring and coaching, organizing training sessions for skills enhancement.
Communication: Handling stakeholder expectations, managing team dynamics.
Leadership Skills: Decision-making, conflict resolution, and fostering a collaborative environment.

M-9

Head of Frontend

Experience

Extensive experience in both frontend development and leadership.

Area of Responsibility

Overseeing the entire frontend department, defining the vision, and driving strategic initiatives.

Skills

Strategic Leadership: Setting goals, driving innovation, and overseeing large-scale projects.
Process Improvement: Developing and implementing processes to improve team efficiency.
Hiring & Development: Building and growing the team, managing recruitment, and team development.
Executive Communication: Reporting to top management, presenting the department’s achievements and plans.

Career map

Security

Join us