Platform Security Engineer

Company Description

Our mission as a company providing IT services is to provide our clients all over the world with the best solutions. We manage to do this by analyzing the needs of our clients and matching them to the skills and aspirations of our employees. Therefore, one of our main motivations is to provide each Employee and Consultant with a satisfying experience. Joining us means being part of a community with diverse personalities. Start your adventure with act digital Polska!

Job Description

We are looking for Platform Security Engineers (Senior+) to join our Product Security domain. Our platform underpins multiple products and handles sensitive, high-value data. At its core sits a large, graph-based data store that powers downstream systems. Building and securing access to that data, correctly and pragmatically, is critical to the company.

This is a hands-on engineering role. You will design, build, and ship production-grade security and privacy controls, not just define policies or review designs from the sidelines. This role is intentionally leveled as Senior+. We are open to hiring at different seniority levels if the fit is right. Titles matter less than ownership, judgment, and impact.

You’ll work on core platform security problems that directly affect how data is accessed, protected, and trusted. You’ll have real influence, real responsibility, and the space to do things properly, without losing sight of pragmatism.

Responsibilities

• Designing and implementing authentication and authorization for a large, graph-based database (hundreds of thousands of nodes).

• Building and evolving secure OAuth-based AuthN/AuthZ flows, including token handling, permission models, and enforcement.

• Making concrete improvements to production security posture.

• Auditing, understanding, and improving data flows and data-privacy controls, ensuring sensitive data does not end up where it shouldn’t.

• Acting as a security and privacy gatekeeper in reviews — asking hard questions and requiring changes when needed.

• Improving and maintaining supply-chain security, including SAST, SCA, container scanning, and CI/CD hardening.

Requirements

• Senior experience - minimum 5 years.

• Strong proficiency in Python (our primary language).

• Deep understanding of authentication and authorization concepts, including OAuth, JWTs, permission models, and secure token handling.

• Experience designing and securing non-trivial data systems.

• Ability to reason about risk, trade-offs, and real-world constraints.

• A track record of shipping real security improvements, not just writing policy.

Nice to have (strongly preferred)

• Experience with graph databases, ideally Neo4j or similar.

• Experience with CI/CD and supply-chain security (SAST, SCA, container scanning, pipeline hardening).

• Experience with Go or Rust.

• Some familiarity with frontend or React (not required, but useful for end-to-end thinking).

Additional Information

• Work model: Hybrid from Warsaw

• Type of contract: B2B

• Rate: up to 240 PLN net per hour

• Project: Long-term (2+ years)

• Start: ASAP-1 month

We offer

• Access to local and international projects - Clients from France, Germany, Portugal, UK, and Benelux.

• Professional development support - trainings, technical certificates, conference participation, foreign language classes, and soft skills trainings are subsidized for up to 2 000 PLN.

• Bonus for recommending Candidates starting from 6 000 up to 10000 PLN.

• Fully paid Medicover healthcare card.

• Psychological support program WellBee.

• Multisport card.

• Regular integration events and gifts.

• Long-term cooperation.

• Relocation Program.

If You applied for this position the Controller of your personal will be ACT DIGITAL POLSKA Sp. z o.o., with its registered office at Przyokopowa 31, 01-208 Warsaw. The personal data provided by you will be processed for the purpose of the recruitment process and for future recruitment processes.

You have the right to access the content of your data, request their rectification, erasure, restriction of processing, the right to data portability, the right to object to the processing of your data and the right to lodge a complaint to the President of the Personal Data Protection Office.