Palta

Senior Security Engineer

Palta  •  Kingdom of Spain (Hybrid)  •  3 hours ago

Job Description

Simple Life is the #1 AI-powered health coaching app for adults who want to lose weight and enjoy a healthier lifestyle—without the stress or extremes. Our mission is to empower people to feel their best every day. By challenging traditional, restrictive approaches, Simple offers a more sustainable method grounded in ease, personalization, and real-life support.

Simple has had over 17 million downloads and more than 300,000 5-star reviews, having helped millions lose weight successfully and sustainably. Simple has earned recognition as Best Virtual Coach and one of the Top 100 AI companies — all thanks to a dedicated global team driving real impact.

With SIMPLE as a partner in their pocket, users feel cared for and empowered to embrace — and stick to — new healthy habits. To learn more, visit simple.life.

We are looking for a T-shaped Senior Security Engineer with strong depth in application security and cloud-native infrastructure security. You will work hands-on across Go services, AWS, Kubernetes/EKS, Istio, CI/CD, and compliance-driven technical controls to make security part of how we build, deploy, and operate software.

This is an engineering-first security role. You should be comfortable moving across the stack - from code review and threat modeling to IAM, Kubernetes policy, service mesh security, and secure delivery pipelines - while going deepest on application security and cloud security.

Our main application stack is written in Go.

What you’ll do:

  • Own and improve application security across the SDLC, including secure design reviews, threat modeling, security-focused code review, and CI/CD-integrated SAST, SCA, and secrets scanning.

  • Harden our AWS and Kubernetes/EKS environment, including IAM, network segmentation, workload identity, secrets management, admission control, and runtime security controls.

  • Secure and improve our Istio service mesh, including mTLS, authorization policies, ingress/egress controls, and service-to-service security patterns.

  • Build security guardrails as code, including policy-as-code, paved-road patterns, reusable templates, and self-service tooling that helps developers move quickly and safely.

  • Improve software supply-chain security through controls such as image signing, SBOMs, dependency visibility, artifact provenance, and secure build/release practices.

  • Drive vulnerability management end to end: triage, exploitability-based prioritization, remediation coordination with SRE and product engineering, and follow-through on penetration test findings.

  • Build and operate technical controls that support HIPAA and SOC 2, including access control, encryption, audit logging, evidence automation, and secure handling of sensitive health data.

  • Help shape the full lifecycle of security services, from design and deployment to operation, measurement, and continuous improvement.

What we’re looking for:

  • 5+ years of experience in security engineering, cloud security, application security, or software engineering with a strong security focus.

  • Strong hands-on application security experience, including threat modeling, secure code review, API security, and OWASP API Top 10 risks.

  • Production experience securing AWS and Kubernetes/EKS environments.

  • Hands-on experience with Istio security in production or production-like environments.

  • Strong coding ability in Go or Python. You are comfortable building tools, automation, and integrations when needed.

  • Experience with CI/CD security and infrastructure as code, such as Terraform, ArgoCD, or GitOps workflows.

  • Experience with Kubernetes policy and networking tools such as Kyverno, OPA, Cilium.

  • Ability to translate security, privacy, and compliance requirements into practical technical controls.

  • At least one experience working with regulated environments such as HIPAA, SOC 2, or ISO 27001.

  • Ownership mindset: you can take a project from concept through rollout and operational maturity.

  • Strong written and spoken English.

Experience with any of the following is a plus:

  • Supply-chain security tooling such as Cosign, sigstore, SBOMs, or image signing.

  • Offensive security experience, penetration testing, or bug bounty work.

Perks and Benefits:

  • Competitive salary package commensurate with experience, plus stock options.

  • The equipment you need to do your job.

  • 21 days annual leave, plus bank holidays.

  • Office in Limassol (Hybrid Work Format) or Remote Option for Candidates Residing Outside of Cyprus.

About our values:

  • Think deeper: We understand that in order to grow we need to make all our decisions reality-based and change our opinion based on what we learn. We appreciate data coming in various forms – quantitative and qualitative, feedback from users and colleagues, and strong and weak signals. We treat data as the main source for leveraging insights and expect people at every level to have conversations that start with data.

  • Focus on impact: Results and speed matter. When we are competing to become an A-player in the digital health market, we don’t have the luxury of deliberation. We need to make decisions and changes quickly and swiftly learn from our mistakes. We prioritize what will have the greatest impact and aren’t distracted by anything else. We create products that benefit users while we are meeting our metrics.

  • Take ownership: We seek to improve all facets of our company even in ways beyond our job description. We seek and take responsibility for our actions and their impact. We value and set high expectations for our own work so that it can add to the overall quality and innovation results of the team. Each one of us is empowered to make this company a success and to take the lead in resolving disagreements and systemic issues.

  • Push the limits: We encourage our team to explore new ideas, challenge conventional thinking, and continuously improve work. This mindset can lead to breakthroughs in product development, improved operational efficiency, and increased competitiveness in the market. We believe that a culture and mindset of constantly striving to exceed existing standards, boundaries, or expectations, including innovation, experimentation, and a willingness to take risks, can bring us success. We don't accept what someone says as truth if we disagree with it, no matter what authority that person has in the company, and we express ourselves directly, not through back channels. We challenge ideas, from policy to product decisions, and always seek to understand the reason behind what we do.

  • Be a Championship Team: As a part of the championship team, you must constantly improve your own performance, know your teammates, their talents and skills, and stay focused on a common goal and how to achieve it together. We hold each other accountable for our contribution to the shared success or failure, and we constantly look for ways to help our colleagues improve and for us to perform better as a team. We collaborate within the team in order to compete with challengers in the outside world. We build relationships of trust. We provide our teammates with the autonomy and support they need to deliver their part of the goal.

About Palta

Palta is a thriving family of Wellbeing and HealthTech brands. We partner with ambitious founders and exceptional talent to transform innovative ideas into life-changing apps that make a positive impact at a global scale.

With over 700 employees on board, our offices stretch across the UK, US, EU and Israel. 

  • Industry: IT & Software

  • Company Size: 51-200 employees

  • Headquarters: London, GB

  • Year Founded: 2016

  • Website: palta.com