Senior Cyber Security Engineer AppSec Specialist

For Digital Hub Warsaw, we are looking for:

Senior Cyber Security Engineer AppSec Specialist

This role is responsible for managing, operating, and maintaining the controls that protect Bayer’s computer networks systems and data from cyberattacks. They work closely with IT teams to identify, assess and mitigate security risks, and they work with ITSM to ensure operational continuity and with cyber incident response to contain the damage from security incidents and prevent future attacks. 

Key Responsibilities:

• Implements, Operates, and assists in the design of cybersecurity solutions for Bayer’s systems and products in compliance with Bayer’s applicable security policies and standards. 

• Works with IT and internal and external business partners to ensure that security is factored in the evaluation, selection, installation, and configuration process of infrastructure and software.

• Maintains operational efficiency, performance, and reliability of security systems; integrating into IT lifecycle management and incident response processes.

• Analyzes and makes recommendations to improve DevOps architectures.

• Assists in the review and update of cybersecurity policies, architectures, and standards.

• Assists in responding to audits, penetration tests, and vulnerability assessments.

• Assists in the design and implementation of secure infrastructure solutions, including, source control, API, containerization, configuration management, storage security, and identity and access management (IAM) based on security policies to prevent unauthorized access.

• Conducts regular application security assessments to identify vulnerabilities and potential risks.

• Align with Cyber Security Architects on ensuring security architecture standards, guidelines, and best practices are implemented into technology. 

Qualifications:

• BS or MA in computer science, cybersecurity, or a related field. 

• [3+] years of experience in cybersecurity, previous experience in a software engineering role utilizing modern application development (e.g., Node.js, Java, Python, SQL, etc.) highly desired.

• Desired, but not required: Certified Information Systems Security Professional (CISSP).

• Understands organizational mission, values, and goals and consistently applies this knowledge.

• Experience with cyber security tools (e.g., SAST, DAST, SCA, secrets scanning) and techniques to automate security tasks, streamline incident response, and enhance overall security posture.

• Experience with relevant security standards and regulations that apply, such as PCI DSS and HIPAA. They should be able to assess compliance requirements and implement necessary controls to ensure adherence to these standards.

• Familiarity with application deployment / configuration within one or more cloud environments (AWS, Azure, GCP)

What do We offer:

• A flexible, hybrid work model

• Great workplace in a new modern office in Warsaw

• Career development, 360° Feedback & Mentoring programme

• Wide access to professional development tools, trainings, & conferences

• Company Bonus & Reward Structure

• VIP Medical Care Package (including Dental & Mental health)

• Holiday allowance (“Wczasy pod gruszą”)

• Life & Travel Insurance

• Pension plan

• Co-financed sport card - FitProfit

• Meals Subsidy in Office

• Additional days off

• Budget for Home Office Setup & Maintenance

• Access to Company Game Room equipped with table tennis, soccer table, Sony PlayStation 5 and Xbox Series X consoles setup with premium game passes, and massage chairs

• Tailored-made support in relocation to Warsaw when needed

• Please send your CV in English

You feel you do not meet all criteria we are looking for? That doesn’t mean you aren’t the right fit for the role. Apply with confidence, we value potential over perfection

WORK LOCATION: WARSAW AL.JEROZOLIMSKIE 158