Expert DevSecOps Security Consultant – Cybersecurity and Cloud Security

Our requirements

• At least 6 years of proven experience in Cybersecurity within large-scale or complex, regulated environments.
• Deep technical expertise with CI/CD systems, build tools, artifact repositories, runtime environments, and developer tooling.
• Strong experience with DevSecOps, including secure pipeline design, security scanning tools, and automation.
• Knowledge of service mesh, cryptography, network and application security, vulnerability management, and risk assessment.
• Hands-on experience conducting threat modeling and platform security assessments.
• Experience developing and implementing maturity models or security frameworks in enterprise settings.
• Excellent stakeholder management skills and the ability to influence senior leadership for cybersecurity adoption.
• Fluent in Polish with strong communication skills to articulate technical risks effectively.
• Eligibility for the role: Only candidates with an existing legal right to work in the European Union will be considered for this role.

Optional

• Professional certifications such as CISSP, CISM, CCSK, CCSP, or equivalent.
• Hands-on knowledge of cloud security platforms (AWS, Azure, GCP) and container orchestration tools like Kubernetes.
• Experience in international, diverse environments with exposure to regulatory engagement.
• Familiarity with engineering excellence practices such as supply chain security, SLSA, SBOM, or secure developer tooling initiatives.

Your responsibilities

• Develop and maintain an Engineering-Platform Cybersecurity Maturity Framework to standardize assessments.
• Conduct comprehensive security reviews of build systems, CI/CD pipelines, runtime infrastructure, and developer tooling, identifying vulnerabilities and systemic risks.
• Perform threat modeling and gap analysis to recommend remediation strategies.
• Establish secure architecture patterns and enforce platform security baselines via policy-as-code and automated controls.
• Collaborate with platform owners to remediate critical gaps and implement scalable security solutions.
• Integrate vulnerability management and secure development practices such as SBOM, provenance, and code-signing into engineering workflows.
• Prioritize identified security gaps based on risk, regulatory impact, and operational importance, and help build strategic security roadmaps.
• Engage with senior stakeholders to translate technical risks into business impact, guiding governance and strategic decisions.
• Promote a security culture within engineering teams through continuous improvement and knowledge sharing.

About the project

This is how we organize our work

#GETREADY to meet with us!

ITDS’s Whistleblower Procedure

What we offer

• Stable and long-term cooperation with very good conditions
• Enhance your skills and develop your expertise in the financial industry
• Work on the most strategic projects available in the market
• Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years
• Participate in Social Events, training, and work in an international environment
• Access to attractive Medical Package
• Access to Multisport Program
• Access to Pluralsight
• Flexible hours

Benefits

• sharing the costs of sports activities
• private medical care
• flexible working time
• fruits
• integration events
• corporate gym
• saving & investment scheme
• no dress code
• coffee / tea
• drinks
• christmas gifts
• birthday celebration
• sharing the costs of a streaming platform subscription
• access to +100 projects
• access to Pluralsight

Recruitment stages

• 1.
  first online interview
• 2.
  second online interview

ITDS Polska Sp. z o.o.