Cybersecurity Threat and Control Assessment Consultant

Join us, and transform cybersecurity challenges into solutions!

Krakow-based opportunity with the possibility to work in a hybrid setup (6 days per month in the office).

As a Cybersecurity Threat and Control Assessment Consultant, you will be working for our client, a leading global financial institution. You will be part of a specialized team within the Cybersecurity Assessment and Testing function, responsible for identifying, assessing, and remediating security vulnerabilities across diverse IT environments, including on-premise, cloud, and third-party services. Your role involves collaborating with various technical and business stakeholders to ensure comprehensive threat modeling and control assessments, ultimately safeguarding the organization's information and technology assets.

Your main responsibilities:

• Performing effective threat and control assessments of services within internal, external, and cloud estates
• Liaising with developers, architects, and technical leads to identify control gaps
• Understanding business requirements and evaluating potential solutions with technical recommendations
• Being hands-on with technology and contributing to the design and development of projects with security recommendations
• Identifying threats across applications, databases, networks, and other infrastructure components
• Engaging with other Cybersecurity teams, senior management, and business members regarding potential security issues
• Contributing to process, procedures, and tool identification and development
• Staying updated with industry trends and best practices

You're ideal for this role if you have:

• Proven experience in general security concepts and principles
• Hands-on experience with threat modeling and assessing vulnerabilities
• Strong understanding of application design and architecture
• Knowledge and experience with network, host, and application security practices
• Good working knowledge of Cloud Service Providers such as AWS, GCP, or Azure
• Strong understanding of the Software Development Life Cycle (SDLC) with a focus on security
• Experience in continuous improvement and process optimization
• Understanding of emerging technologies and corresponding security threats
• Strong stakeholder management and communication skills
• Ability to communicate technical gaps into business risk effectively

It is a strong plus if you have:

• Industry-recognized cybersecurity-related certifications such as CISSP, CRISC, CISM, or Cloud Security Certifications
• Experience in engaging with business, technology, regional, and regulatory stakeholders
• Proven experience in international and diverse environments
• Ability to work independently and deliver tasks to a high-quality standard
• Strong analytical and problem-solving skills
• Experience within fast-moving, complex, and demanding corporate environments

We offer you:

ITDS Business Consultants is involved in many various, innovative and professional IT projects for international companies in the financial industry in Europe. We offer an environment for professional, ambitious and driven people. The offer includes:

• Stable and long-term cooperation with very good conditions
• Enhance your skills and develop your expertise in the financial industry
• Work on the most strategic projects available in the market
• Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years
• Participation in Social Events, training, and work in an international environment
• Access to an attractive Medical Package
• Access to Multisport Program

#GETREADY

Internal job ID #6749

You can report violations in accordance with ITDS’s Whistleblower Procedure available here.