Principal Web Application Security Specialist
Kapelanka 42A, Kraków
ITDS
Web Application Security Protection SME
Join us, and be the shield behind global innovation!
Kraków-based opportunity with a hybrid work model (6 days/month in the office).
As a Web Application Security Protection SME, you will be working for our client, a global financial services organization undergoing a transformation to fortify its cybersecurity posture across its digital infrastructure. You are joining a forward-thinking team within the cybersecurity division, focusing on enhancing web application defense mechanisms to counter evolving threats. This role places you at the heart of designing and implementing protection strategies for critical applications and services accessed globally, ensuring data security, business continuity, and customer trust in an increasingly complex cyber landscape.
Your main responsibilities:
Designing and deploying Web Application Firewalls (WAFs) to protect critical applications
Monitoring and fine-tuning WAF rules for effective mitigation of threats
Integrating vulnerability scanning tools with WAFs for automated threat response
Conducting threat modeling to identify and address application security risks
Collaborating with DevSecOps and infrastructure teams to align protection strategies
Reviewing security policies and adapting them to evolving threats
Leading incident response efforts related to web application attacks
Supporting secure design and deployment in cloud-based environments
Advising on secure development practices to reduce application-layer vulnerabilities
Documenting security configurations, procedures, and best practices
You're ideal for this role if you have:
Proven experience in Web Application Security and Protection tooling
Strong understanding of web application vulnerabilities and OWASP threat models
Expertise with WAF platforms such as AWS WAF, Akamai Kona, or F5 ASM
Deep knowledge of API security, including token-based authentication and gateways
Solid grasp of vulnerability scanning tools and automated security integration
Hands-on experience in threat modeling and mitigation
Proficiency in cloud security, especially within AWS or GCP environments
Excellent problem-solving skills with strong analytical thinking
Ability to communicate complex technical topics to non-technical stakeholders
Experience collaborating across global, cross-functional security teams
It is a strong plus if you have:
Familiarity with secure development principles and modern coding languages
Understanding of bot mitigation and automated attack prevention techniques
Knowledge of anomaly detection and behavioral security analytics
Background in network security architecture for large-scale enterprises
Experience working in highly regulated financial environments
We offer you:
ITDS Business Consultants is involved in a wide variety of innovative, professional IT projects for international companies in the financial industry in Europe. We offer an environment for professional, ambitious, and driven people. The offer includes:
Stable and long-term cooperation with very good conditions
Enhance your skills and develop your expertise in the financial industry
Work on the most strategic projects available in the market
Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years
Participate in Social Events, training, and work in an international environment
Access to attractive Medical Package
Access to Multisport Program
Access to Pluralsight
Flexible hours & remote work
Internal job number #7521