Infrastructure Security Engineer (remote from Poland)

The Infrastructure Security Engineer is responsible for designing, implementing and managing enterprise security controls to protect critical infrastructure and city-scale assets. The person in this role will provide specialist guidance on network and operational technology (OT/ICS) security, validate contractor implementations against the master security architecture, and oversee testing and hardening of security controls in accordance with recognised standards. Responsibilities: • Design, implement and maintain enterprise security controls, including firewalls, web application firewalls (WAF), privileged access management (PAM), Zscaler, and vulnerability management platforms such as Qualys. • Ensure security architectures and designs comply with organisational security standards and policies. • Provide expert-level support and advisory services for network security infrastructure and related technologies. • Specialise in OT/ICS security and physical security systems, including CCTV and access control systems (ACS). • Define and maintain security hardening baselines for infrastructure and devices. • Validate and audit security contractor implementations against the master security architecture and project requirements. • Plan, coordinate and oversee testing of security controls for assets and city infrastructure, including penetration testing and control verification activities. • Maintain up-to-date technical knowledge of relevant standards and controls and apply them to design and operational activities. Qualifications: • Proven experience in network and infrastructure security design and operations, including hands-on work with firewalls, WAF, PAM, NAC, endpoint controls and related technologies. • Specialist experience with OT/ICS environments and integration of physical security systems (CCTV, ACS) into overall security architecture. • Demonstrable expertise with security frameworks and standards such as IEC 62443 and relevant national or sectoral frameworks (for example HCIS, NCA‑ECC). • Experience validating third-party or contractor implementations against master security architectures and conducting control testing. • Relevant professional certifications such as CISSP, GCIA, or equivalent are required; additional vendor or technical certifications are desirable. • Strong analytical, communication and stakeholder management skills, with the ability to document technical designs and present findings to technical and non-technical audiences. Benefits: • Competitive salary and benefits package aligned with role and experience. • Support for professional development, including training and certification sponsorship relevant to the role. • Flexible working arrangements to support work-life balance. • Opportunities to work on complex, large-scale infrastructure and security projects with structured onboarding and ongoing learning. • Remote work. • Unique TEAL culture, relationship- and respect-driven community, non-corporate atmosphere. • Agile approach and no bureaucracy. • Outstanding integration trips to various places in Europe for all employees. • Activities to support your well-being and health. • Luxmed Gold Extended medical care and Multisport Plus benefit.