Lead IT Security Analyst

Nasze wymagania: Typically educated to degree level or equivalent (ideally within IT security) 3+ year experience on consultancy and support to application teams including security scanning tool onboarding, scanning eligibility and exceptions etc. Experience using enterprise security scanning tooling will be an advantage. Hands-on DAST experience. Experience using Invicti would be an added advantage. Knowledge and understanding of common authentication mechanisms for websites and APIs. Understanding of common technologies, protocols and architectures that are commonly used by web applications and APIs. (HTML, XML, JavaScript, JSON, REST, Microservices etc.) Development and scripting experience (JavaScript, Python) Experience configuring and review automated DAST scan configurations. Strong understanding of Software Development Life Cycle (SDLC) with a focus on Cybersecurity. The ability to understand, troubleshoot and solve complex problems. Excellent stakeholder management and communication skills. Zakres obowiązków: Ensure adherence to the three lines of defence organisational model with clear lines of responsibility, accountability, and segregation of duties. Ensure compliance with internal audit and external regulators that any organisational changes are fit for purpose and meet their expectations. Analyse and execute activities to ensure compliance with Cybersecurity policies and standards. Contribute to process, procedures and tool identification/development that will strength the bank’s response to threats and incidents. Assess new technology products and projects utilising security technologies pertinent to the department. Act as a role model to more junior members of the team. Engagement with other Cybersecurity teams, senior management and members of the Business when confronted with potential security issues. Expand their skills, knowledge, and experience to enhance the overall capability of the function. Review and analyse DAST (Dynamic Automated Security Testing) scanning results and connect with application teams improve scan quality where required. Liaise with application teams to onboard and set up website and API scan configurations for automated scanning. Drive continual improvement in DAST security scanning product efficacy, coverage, and quality. Support internal DAST users via service desk tickets as required. Oferujemy: A full-time contract with possibility to choose the form of employment (UoP/B2B) Stable and long-term cooperation A clearly defined career path and the possibility of development in four areas as: Project Manager, Business Manager, Technical Leader and a specialist in their field Participation in company conferences, trainings, workshops, integration meetings, etc. Certification and training opportunities Opportunity to relocate and work in different ALTEN Polska branches