Threat and Controls Assessment Specialist

Unleash the Power of Cybersecurity — Drive Innovation in Threat and Controls Assessment!

Krakow-based opportunity with hybrid work model (up to 3 days remote/week).

As a Senior Threat and Controls Assessment Specialist – Cybersecurity, you will be working for our client, a leading global financial institution committed to delivering secure and innovative digital banking solutions. You will play a pivotal role within the HSBC Cybersecurity team, focusing on threat modelling and risk assessment for complex banking services, including cloud platforms, to safeguard millions of customers worldwide. This is your chance to contribute to cutting-edge security efforts at an international scale, with opportunities for professional growth and impact.

Your main responsibilities:

• Perform comprehensive threat and control assessments for various services and platforms, including Azure, AWS, and GCP.

• Collaborate with developers, architects, and technical leads to understand service architectures and identify control gaps.

• Stay current with industry trends, best practices, and emerging security threats.

• Guide and mentor less experienced team members, sharing your expertise in cybersecurity.

• Liaise with global teams to enhance the Threats and Controls Assessment service and methodology.

• Act as a key point of contact for cybersecurity issues, providing expert advice and insights.

• Contribute to continuous improvement of security processes and frameworks within the organization.

You're ideal for this role if you have:

• 6+ years of proven experience in the cybersecurity or technology sector.

• Deep technical knowledge of threat modelling, vulnerability assessment, and security controls.

• Hands-on experience working with cloud providers such as Azure, AWS, or GCP.

• Strong understanding of risk and control management frameworks, including STRIDE and MITRE ATT&CK.

• Industry-recognized cybersecurity certifications (e.g., CISSP, CRISC, CISM, Cloud Security Certifications) are highly desirable.

• Excellent communication skills in English, with the ability to explain complex risks to technical and non-technical stakeholders.

• Experience working in large-scale, multi-national, and diverse environments.

It is a strong plus if you have:

• Certifications in cloud security or security architecture.

• Knowledge of application design and development lifecycle with a security focus.

• Expertise in network, host, and application security practices.

Language Required for the role:

• Fluent English (both spoken and written).

Eligibility to work on this role:

• Only candidates with an existing legal right to work in the European Union will be considered for this role.

#MAKEYourCareerBETTER

Interested? Apply now and include your CV (preferably in English) along with a statement confirming your consent to the processing and storage of your personal data.

We offer you 

At ITDS, you will work on innovative and impactful technology projects for international companies across multiple industries in Europe and beyond. We create an environment for ambitious, driven professionals who want to grow, deliver value, and build their careers in modern IT and digital transformation. 

Our offer includes: 

• Stable and long-term cooperation with attractive conditions 

• Opportunities to develop your technical expertise across various industries and technologies 

• The chance to work on high-impact, strategic IT and digital transformation projects 

• A clear career path and the opportunity to grow quickly by contributing to diverse client initiatives over time 

• International environment, knowledge sharing, social events, and training opportunities 

• Access to an attractive medical package 

• Access to the Multisport program 

• Access to learning platforms such as Pluralsight 

• Flexible working hours and remote work options