Security Engineer – AI Application & Infrastructure

Our requirements

• 6+ years of experience in cybersecurity, application security engineering, or related fields.
• Strong expertise in secure code review, vulnerability analysis, and AI/ML security risks (OWASP Top 10, and AI/ML-specific risks).
• Hands-on experience with security tooling (e.g., SAST, container security, secrets scanning, vulnerability scanning).
• Knowledge of API security, authentication protocols (OAuth 2.0, JWT), and secure CI/CD pipelines.
• Proficiency in Python scripting and automation for security workflows.
• Experience with security standards in regulated financial environments (e.g., NIST, ISO 27001).
• Ability to lead security threat modeling sessions and effectively communicate technical security findings.
• Fluent English communication skills, with proven ability to work within Agile teams and influence cross-functional stakeholders.

Optional

• Hands-on experience with OWASP LLM Top 10 or adversarial ML techniques.
• Knowledge of cloud security on GCP and/or Azure.
• Relevant security certifications such as CSSLP, CEH, OSCP.
• Experience with Software Composition Analysis (SCA) tools.
• Background working in financial services or heavily regulated sectors.

Your responsibilities

• Conduct secure code reviews and provide developer-friendly security findings to engineering teams across cybersecurity and banking units.
• Act as a security consultant, identifying insecure AI/ML patterns, deprecated protocols, and compliance gaps, recommending secure migration paths.
• Build proof-of-concept (POC) and proof-of-value (POV) implementations to evaluate new security solutions for AI and application security.
• Assess and report on security findings using rigorous analytical methodologies, including statistical modeling and risk evaluations.
• Evaluate large language models (LLMs) for security applications, measuring their efficacy in vulnerability detection and automated remediation.
• Review AI platform configurations, access controls, and deployment settings to ensure safety and compliance standards are maintained.
• Develop clear technical documentation to enable knowledge sharing across engineering teams globally.
• Identify risks in AI/ML pipelines, such as prompt injection or data leakage, and define secure-by-default best practices.
• Examine third-party AI supply chains for vulnerabilities and model integrity issues.
• Contribute to the development of security patterns, policies, and guidance across diverse AI projects.
• Mentor colleagues, foster a culture of continuous learning, and promote best security practices in AI application development.

About the project

This is how we organize our work

This is how we work on a project

• Continuous Deployment
• Continuous Integration

#GETREADY to meet with us!

ITDS’s Whistleblower Procedure

What we offer

• Stable and long-term cooperation with very good conditions
• Enhance your skills and develop your expertise in the financial industry
• Work on the most strategic projects available in the market
• Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years
• Participate in Social Events, training, and work in an international environment
• Access to attractive Medical Package
• Access to Multisport Program
• Access to Pluralsight
• Flexible hours

Benefits

• sharing the costs of sports activities
• private medical care
• flexible working time
• fruits
• integration events
• corporate gym
• saving & investment scheme
• no dress code
• coffee / tea
• drinks
• christmas gifts
• birthday celebration
• sharing the costs of a streaming platform subscription
• access to +100 projects
• access to Pluralsight

Recruitment stages

• 1.
  online interview
• 2.
  online interview

ITDS Polska Sp. z o.o.