Senior Cyber Security Engineer

Profile: Senior Cyber Security Engineer

Summary: Hands-on role. Review applications, define/verify security requirements for IaaS/PaaS/on‑prem and SaaS; identify risks to confidentiality, integrity, availability.

Key activities:

• Product security reviews: verify security requirements, maintain security baselines.
• Architecture & design: threat modeling, risk assessment, security‑by‑design guidance.
• Governance: define security principles, policies, secure development lifecycle, embed security into product lifecycle.
• Vulnerability analysis: static/dynamic code analysis, security scanning, investigate reports, coordinate application incident response, define/oversee pentests.

Core responsibilities:

• Deep architecture and security reviews (cloud & on‑prem) to identify vulnerabilities.
• Design application security requirements; perform threat modeling; manage application pentests.
• Support security vs business tradeoff decisions.
• Lead implementation of strategic security initiatives.

Offer:

• Location: Poland / Warsaw — remote cooperation.
• Employment: contract of employment (with Client).
• Benefits: private healthcare with rehabilitation; extra parental days (6/yr); cafeteria; internal training.
• Cooperation: long‑term.

Requirements:

• Bachelor’s degree in computer science, Cybersecurity, or a related field (or equivalent experience).
• 5–8+ years of experience in cloud applications, cybersecurity, or related domains.
• Strong experience performing threat modelling and security reviews.
• Possess hands-on experience on whitebox, greybox, and blackbox assessments or oversight applications pen tests focusing on OWASP.
• Strong documentation skills.
• Experience working with various IT Teams and non-IT teams of various disciplines.
• The ability to assimilate complex technical challenges and provide appropriate security advice that delivers the right business outcomes.
• Self-motivated, experience in solving complex problems.
• Strong communication and collaboration skills who feels comfortable working closely with Architecture and Infrastructure teams.
• Ability to learn and apply new technologies quickly and in complex deployments.

Nice to have:

• Relevant certifications: CISSP, CCSP, or equivalent.
• Expert knowledge of zero trust, identity, threat detection, and threat modelling and security practices.