Infrastructure Security Engineer (remote from Poland)

The Infrastructure Security Engineer is responsible for designing, implementing and managing enterprise security controls to protect critical infrastructure and city-scale assets. The person in this role will provide specialist guidance on network and operational technology (OT/ICS) security, validate contractor implementations against the master security architecture, and oversee testing and hardening of security controls in accordance with recognised standards.

Responsibilities:

• Design, implement and maintain enterprise security controls, including firewalls, web application firewalls (WAF), privileged access management (PAM), Zscaler, and vulnerability management platforms such as Qualys.

• Ensure security architectures and designs comply with organisational security standards and policies.

• Provide expert-level support and advisory services for network security infrastructure and related technologies.

• Specialise in OT/ICS security and physical security systems, including CCTV and access control systems (ACS).

• Define and maintain security hardening baselines for infrastructure and devices.

• Validate and audit security contractor implementations against the master security architecture and project requirements.

• Plan, coordinate and oversee testing of security controls for assets and city infrastructure, including penetration testing and control verification activities.

• Maintain up-to-date technical knowledge of relevant standards and controls and apply them to design and operational activities.

Qualifications:

• Proven experience in network and infrastructure security design and operations, including hands-on work with firewalls, WAF, PAM, NAC, endpoint controls and related technologies.

• Specialist experience with OT/ICS environments and integration of physical security systems (CCTV, ACS) into overall security architecture.

• Demonstrable expertise with security frameworks and standards such as IEC 62443 and relevant national or sectoral frameworks (for example HCIS, NCA‑ECC).

• Experience validating third-party or contractor implementations against master security architectures and conducting control testing.

• Relevant professional certifications such as CISSP, GCIA, or equivalent are required; additional vendor or technical certifications are desirable.

• Strong analytical, communication and stakeholder management skills, with the ability to document technical designs and present findings to technical and non-technical audiences.

Benefits:

• Competitive salary and benefits package aligned with role and experience.

• Support for professional development, including training and certification sponsorship relevant to the role.

• Flexible working arrangements to support work-life balance.

• Opportunities to work on complex, large-scale infrastructure and security projects with structured onboarding and ongoing learning.

• Remote work.

• Unique TEAL culture, relationship- and respect-driven community, non-corporate atmosphere.

• Agile approach and no bureaucracy.

• Outstanding integration trips to various places in Europe for all employees.

• Activities to support your well-being and health.

• Luxmed Gold Extended medical care and Multisport Plus benefit.