Pentester / Security Support Engineer

Security Engineer – Runtime Platform Security

Warsaw, city center, hybrid model 3 x week in the office

As an Engineer – Runtime Platform Security you will be working for our client, a leading global financial institution at the forefront of technological innovation in the financial services industry. You will join the Runtime Platform team, working closely with software and infrastructure engineers to safeguard the security of distributed systems and core infrastructure. This position is central to identifying vulnerabilities, influencing secure development practices, and ensuring compliance with security standards in a complex, large-scale environment handling critical financial operations.

Your main responsibilities:

• Conduct penetration testing and vulnerability assessments across distributed platforms

• Identify and analyze security vulnerabilities in containerized environments including Docker and Kubernetes

• Collaborate with development teams to embed security best practices throughout the SDLC

• Interface with the internal Tech Risk team to align with security standards and policies

• Participate in code and design reviews with a focus on security implications

• Develop and maintain tools to automate security testing and vulnerability detection

• Perform threat modeling and risk assessments for internal platforms and systems

• Contribute to incident response efforts, including root cause and forensic analysis

• Document and communicate security findings and recommendations clearly

• Stay informed on emerging security threats, vulnerabilities, and mitigation strategies

You're ideal for this role if you have:

• Proven experience in penetration testing and vulnerability assessment of distributed systems

• Proficiency in at least one programming language such as C++, Python, or Go

• Deep understanding of security principles and best practices

• Familiarity with container technologies such as Docker and Kubernetes

• Experience working with or developing security testing tools

• Strong knowledge of Linux operating system fundamentals

• Solid grasp of networking concepts and protocols

• Ability to communicate technical security risks to both technical and non-technical audiences

• A proactive and analytical approach to problem-solving in complex environments

• Experience collaborating across teams and navigating enterprise security requirements

Preferred:

• Industry certifications such as OSCP, CEH, or CISSP

• Experience with cloud security (AWS, GCP, Azure)

• Contributions to open-source security projects

• Experience with security automation and orchestration tools

• Familiarity with common security frameworks and standards (e.g., NIST, OWASP)

• Experience with reverse engineering and malware analysis

• Background in incident response and digital forensics

• Developing and delivering security training