Cybersecurity Design Reviewer - Architect

Unleash Cybersecurity Innovation - Shape the Future of Secure Cloud Solutions!

Warsaw-based opportunity with hybrid work model

You will be working for our client, a leading global investment bank, dedicated to safeguarding their critical applications and cloud infrastructure. In this role, you will evaluate and shape innovative security design strategies, ensuring advanced protection measures are embedded from inception. You will collaborate with development teams, analyze security findings, and advise on risk mitigation to support the firm's transition towards secure, cloud-native solutions while fostering a culture of cybersecurity excellence organization-wide.

Your main responsibilities:

• Conduct cybersecurity architecture and design reviews for applications, including AI/ML solutions.

• Advise development teams on secure design and implementation strategies.

• Analyze penetration test, bug bounty, and code review findings to guide mitigation efforts.

• Document and promote effective security patterns and best practices.

• Engage with stakeholders via read-out calls to communicate risks and mitigation plans.

• Mentor and support junior cybersecurity professionals.

• Collaborate with engineers to ensure security is integrated within SDLC and CI/CD pipelines.

• Advocate for web application and cloud infrastructure security standards.

• Evaluate authentication, authorization, and cryptography implementations.

• Drive organizational change by embedding security controls into critical projects.

You're ideal for this role if you have:

• Over 4 years’ experience in application security or cloud security roles.

• Proven expertise in Threat Modeling or Secure Design/Architecture Reviews.

• Strong knowledge of common cybersecurity vulnerabilities, including OWASP Top 10.

• Hands-on experience with AWS security services and best practices (IAM, Security Groups, KMS, CloudTrail).

• Familiarity with secure coding practices and modern web technologies.

• Deep understanding of authentication and authorization protocols (OAuth, OIDC, SAML).

• Knowledge of security standards such as OWASP ASVS, NIST, or SANS Top 20.

• Experience in vulnerability assessment and penetration testing.

• Excellent communication skills to convey risks to both technical and management audiences.

• Ability to stay updated on emerging threats and mitigation strategies.

• Core cryptography knowledge, including TLS, encryption, hashing, and related vulnerabilities.

It is a strong plus if you have:

• Certifications such as CISSP, CISM, or GIAC.

• Experience with scripting or automation tools related to security.

Language Required for the role:

• Fluent in Polish and English.

Eligibility for the role:

• Only candidates with an existing legal right to work in Europe will be considered for this role.

#MAKEYourCareerBETTER

#8373