Cybersecurity Design Reviewer - Architect

Nasze wymagania: Over 5 years’ experience in application security or cloud security roles. Proven expertise in Threat Modeling or Secure Design/Architecture Reviews. Strong knowledge of common cybersecurity vulnerabilities, including OWASP Top 10. Hands-on experience with AWS security services and best practices (IAM, Security Groups, KMS, CloudTrail). Familiarity with secure coding practices and modern web technologies. Deep understanding of authentication and authorization protocols (OAuth, OIDC, SAML). Knowledge of security standards such as OWASP ASVS, NIST, or SANS Top 20. Experience in vulnerability assessment and penetration testing. Excellent communication skills to convey risks to both technical and management audiences. Ability to stay updated on emerging threats and mitigation strategies. Core cryptography knowledge, including TLS, encryption, hashing, and related vulnerabilities. Mile widziane: Certifications such as CISSP, CISM, or GIAC. Experience with scripting or automation tools related to security. O projekcie: You will be working for our client, a leading global investment bank, dedicated to safeguarding their critical applications and cloud infrastructure. In this role, you will evaluate and shape innovative security design strategies, ensuring advanced protection measures are embedded from inception. You will collaborate with development teams, analyze security findings, and advise on risk mitigation to support the firm's transition towards secure, cloud-native solutions while fostering a culture of cybersecurity excellence organization-wide. Unleash Cybersecurity Innovation — Shape the Future of Secure Cloud Solutions! Warsaw-based opportunity with hybrid work model. Only candidates with an existing legal right to work in Europe will be considered for this role. Zakres obowiązków: Conduct cybersecurity architecture and design reviews for applications, including AI/ML solutions. Advise development teams on secure design and implementation strategies. Analyze penetration test, bug bounty, and code review findings to guide mitigation efforts. Document and promote effective security patterns and best practices. Engage with stakeholders via read-out calls to communicate risks and mitigation plans. Mentor and support junior cybersecurity professionals. Collaborate with engineers to ensure security is integrated within SDLC and CI/CD pipelines. Advocate for web application and cloud infrastructure security standards. Evaluate authentication, authorization, and cryptography implementations. Drive organizational change by embedding security controls into critical projects. Oferujemy: Stable and long-term cooperation with very good conditions Enhance your skills and develop your expertise in the financial industry Work on the most strategic projects available in the market Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years Participate in Social Events, training, and work in an international environment Access to attractive Medical Package Access to Multisport Program Access to Pluralsight Flexible hours