Security Specialist

  • Full time
  • Prague
  • Posted 1 week ago
WhiteSource (nice to have)
SonarQube (nice to have)
Azure DevOps (nice to have)
Azure Service Bus (nice to have)
Azure Kubernetes Service (nice to have)
Microsoft Azure (junior)
CI/CD & DevSecOps (regular)
• Industry: Finance / Banking
• Location: Poland
• Remote work: 98% remote work plus once per month/month and a half in the Warsaw office
• Project language: English (required), Polish
• Project length: Long-term
• Start: asap/flexible 
• Assignment type: B2B
Project details: Build a common service layer to support application needs for getting and updating data in core systems. The common services shrink-wraps business rules and core system-specific data to support a joint implementation. The bundle even allows the applications to work independently of updates and replacements of core systems. The common services offer applications a high speed, uninterrupted access to core systems. The proportion between New development 70% Maintenance 10% Process optimisation 20%
As an IT Security Specialist in the PaaS Integrations team, you will be responsible for: 
  • integrating solid and secure processes for our API Platform.
  • ensuring that all areas comply with our security policies and compliance requirements. 
  • driving processes around security and compliance evaluations and submitting information needed to comply with these, including security risk evaluations, security reviews, conducting PEN tests (performed by 3rd party), and similar tasks. 
  • improving our quality by changing or adding tools, processes and organizational culture as well as including security aspects early in the development life cycle. 
  • working in a strong team with an agile mindset and high flow, delivering high-profile APIs with a major impact on the organization’s success. 
  • working daily with Product Owner, Scrum Masters, developers, architects, the business and our Nordic IT Operations and Cyber Security teams. 
  • You have an education and experience that combines the technical, security and business understanding 
  • You have a minimum of 5 years of experience in a similar role and preferably experience with security and compliance in hybrid and cloud solutions (eg GDPR, PSD2, SOX, EBA, Basel) 
  • You can understand detailed technical procedures, security principles, software architecture, tools and processes, including security risk and various types of security tests 
  • You have hands-on experience with DevSecOps practices and experience with IAST, DAST, SAST, RASP & SCA
  • Solid knowledge in working with OWASP top-10 and similar web application security risks
  • Experience with Threat Modelling and similar disciplines 
  • Interest in and ability to drive a Cyber Security Compliance mindset in the development teams 
  • Experience working with APIs in the Financial industry is preferred
  • You worked with some of those technologies:  
    • Microsoft Azure, especially Azure Kubernetes Service, Azure Service Bus. 
    • CI/CD & DevSecOps 
    • Azure DevOps, SonarQube, WhiteSource
• Technical growth, including education and certifications.
• International projects in Scandinavian business culture.
• Long term cooperation across multiple projects and sectors.
• Transparently built relations based on trust and fair play.
• Co-financed benefit package (private healthcare, Multisport card).

To apply for this job please visit