Threat and Controls Assessment Consultant

Unleash the power of cybersecurity — shape a safer digital future for a global leader.

Krakow-based opportunity with hybrid work model (up to 3 days remote per week).

As a Senior Threat and Controls Assessment Analyst, you will be working for our client, a leading international banking institution. You will join their dynamic Cybersecurity team within Technology, focused on safeguarding digital assets and enabling secure innovation across global banking services. This role offers a unique opportunity to contribute to cutting-edge security initiatives and advance your career in a fast-paced, high-impact environment.

Your main responsibilities:

• Perform comprehensive threat and control assessments of HSBC’s internal, external, and cloud services.

• Collaborate with Developers, Architects, and technical leads to understand service architecture and identify control gaps.

• Evaluate business requirements and provide detailed security recommendations for solutions and products.

• Conduct hands-on threat modeling and vulnerability assessments, highlighting weaknesses across applications, databases, networks, and infrastructure.

• Engage with Cybersecurity teams and senior stakeholders to address and mitigate potential security issues.

• Contribute to the development and improvement of processes, procedures, and assessment tools.

• Stay informed about emerging industry trends, best practices, and new security threats.

You're ideal for this role if you have:

• At least 5 years of experience in the cybersecurity or IT security sector.

• Strong technical expertise in security concepts, vulnerability assessment, and threat modeling.

• Proven experience with assessing diverse enterprise IT assets, including applications, networks, and cloud environments.

• Hands-on knowledge of secure software development life cycle (SDLC) and security practices.

• Familiarity with cloud platforms such as AWS, GCP, or Azure.

• Industry-recognized cybersecurity certifications (e.g., CISSP, CRISC, CISM, or Cloud Security Certifications) is highly desirable.

• Excellent stakeholder management and communication skills, with the ability to translate technical risks into business language.

• A proactive, problem-solving mindset with the ability to work independently in a dynamic environment.

It is a strong plus if you have:

• Experience working in international, multi-cultural teams.

• Knowledge of risk and control management frameworks.

• Familiarity with emerging security technologies and threats.

• Certifications or experience relevant to cloud security.

Language Required for the role:

• Fluent English (both spoken and written).

Eligibility for the role:

• Only candidates with an existing legal right to work in the European Union will be considered for this role.

#MAKEYourCareerBETTER

Interested? Apply now and include your CV (preferably in English) along with a statement confirming your consent to the processing and storage of your personal data.

We offer you 

At ITDS, you will work on innovative and impactful technology projects for international companies across multiple industries in Europe and beyond. We create an environment for ambitious, driven professionals who want to grow, deliver value, and build their careers in modern IT and digital transformation. 

Our offer includes: 

• Stable and long-term cooperation with attractive conditions 

• Opportunities to develop your technical expertise across various industries and technologies 

• The chance to work on high-impact, strategic IT and digital transformation projects 

• A clear career path and the opportunity to grow quickly by contributing to diverse client initiatives over time 

• International environment, knowledge sharing, social events, and training opportunities 

• Access to an attractive medical package 

• Access to the Multisport program 

• Access to learning platforms such as Pluralsight 

• Flexible working hours and remote work options