Lead Cybersecurity Analyst - Automated Security Scanning

Lead Cybersecurity Analyst – Automated Security Scanning

Miejsce pracy: Kraków

Technologies we use

Expected

• HTML
• XML
• JavaScript
• Python

Operating system

• Windows

About the project

As a Lead Cybersecurity Analyst – Automated Security Scanning, you will be working for our client in the global cybersecurity space, dedicated to safeguarding financial and digital assets through innovative security practices. You will contribute to establishing and maintaining robust security controls and standards, helping the organization stay ahead of emerging threats while fostering career growth within a dynamic environment.

Empower secure digital ecosystems — lead the future of automated cybersecurity!

Krakow-based opportunity with hybrid work model (up to 3 remote days per week).

Only candidates with an existing legal right to work in the European Union will be considered for this role.

Your responsibilities

• Review and analyze DAST (Dynamic Automated Security Testing) scan results to identify vulnerabilities and improve scan quality.
• Collaborate with application teams to onboard, configure, and optimize website and API security scans.
• Drive continuous improvement initiatives to enhance the efficacy, coverage, and accuracy of security scanning tools.
• Support internal users of DAST tools through ticket resolution and technical guidance.
• Ensure compliance with cybersecurity policies, regulations, and audit requirements through detailed analysis and reporting.
• Act as a role model and mentor for junior team members, promoting best practices in cybersecurity.
• Engage with other cybersecurity teams and stakeholders to address potential security issues proactively.

Our requirements

• 4+ years of experience in cybersecurity, with a focus on security testing, particularly automated scanning (DAST).
• Hands-on experience configuring and reviewing DAST scan tools, preferably Invicti.
• Strong knowledge of web technologies and APIs, including HTML, XML, JavaScript, JSON, REST, and microservices architecture.
• Development and scripting skills in JavaScript and Python.
• A solid understanding of the Software Development Life Cycle (SDLC) with cybersecurity integration.
• Excellent stakeholder management, communication, and problem-solving skills.

Optional

• Experience supporting application security initiatives.
• Knowledge of enterprise security tooling and processes.
• Certifications in cybersecurity or related fields.

This is how we organize our work

This is how we work

• at the client's site
• agile
• scrum

What we offer

• Stable and long-term cooperation with very good conditions
• Enhance your skills and develop your expertise in the financial industry
• Work on the most strategic projects available in the market
• Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years
• Participate in Social Events, training, and work in an international environment
• Access to attractive Medical Package
• Access to Multisport Program
• Access to Pluralsight
• Flexible hours

Benefits

• sharing the costs of sports activities
• private medical care
• flexible working time
• fruits
• integration events
• corporate gym
• saving & investment scheme
• no dress code
• coffee / tea
• drinks
• christmas gifts
• birthday celebration
• sharing the costs of a streaming platform subscription
• access to +100 projects
• access to Pluralsight

Recruitment stages

• online interview
• online interview

#GETREADY to meet with us!

ITDS Business Consultants is involved in many various, innovative and professional IT projects for international companies in the financial industry in Europe. We offer an environment for professional, ambitious, and driven people.

We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data.

ITDS’s Whistleblower Procedure

You can report violations in accordance with ITDS’s Whistleblower Procedure available here:

ITDS Polska Sp. z o.o.

ITDS supports financial service providers to take the next steps.

We identify what’s possible, every day. Opportunities in the areas of technology, organization, and digitization.

We see where banks, insurers, payment companies, or fintech can go and how they can get there.

That’s why we want to stimulate you to ramp up your ambition. Forget what you perceive as restraints and step towards the new reality.

ITDS in Poland - Pure player in new Technologies & Financial Industry

+300 IT implementation professionals

+20 clients in the Banking, Insurance, Payment & Fintech Industry

ITDS excels in digital strategy delivery and implementation of best-of-breed lending solutions. ITDS has delivered successful strategic projects throughout Europe since 1998. We combine the experience we’ve accumulated with in-depth knowledge of technologies, business processes, and EU legislation to unlock new business opportunities.

Informujemy, że administratorem danych jest ITDS z siedzibą w Warszawie, ul. Złota 59 (dalej jako "administrator"). Masz prawo do żądania dostępu do swoich danych osobowych, ich sprostowania, usunięcia lub ograniczenia przetwarzania, prawo do wniesienia sprzeciwu wobec przetwarzania, a także prawo do przenoszenia danych oraz wniesienia skargi do organu nadzorczego. Dane osobowe przetwarzane będą w celu realizacji procesu rekrutacji. Podanie danych w zakresie wynikającym z ustawy z dnia 26 czerwca 1974 r. Kodeks pracy jest obowiązkowe. W pozostałym zakresie podanie danych jest dobrowolne. Odmowa podania danych obowiązkowych może skutkować brakiem możliwości przeprowadzenia procesu rekrutacji. Administrator przetwarza dane obowiązkowe na podstawie ciążącego na nim obowiązku prawnego, zaś w zakresie danych dodatkowych podstawą przetwarzania jest zgoda. Dane osobowe będą przetwarzane do czasu zakończenia postępowania rekrutacyjnego i przez okres możliwości dochodzenia ewentualnych roszczeń, a w przypadku wyrażenia zgody na udział w przyszłych postępowaniach rekrutacyjnych - do czasu wycofania tej zgody. Zgoda na przetwarzanie danych osobowych może zostać wycofana w dowolnym momencie. Odbiorcą danych jest serwis Hello HR oraz inne podmioty, którym powierzyliśmy przetwarzanie danych w związku z rekrutacją.
Naruszenia można zgłaszać zgodnie z Procedurą zgłaszania nieprawidłowości ITDS dostępną tutaj: