Threat and Control Assessment Consultant

Join us, and transform cybersecurity challenges into solutions!

As a Threat and Control Assessment Consultant, you will be working for our client, a leading global financial institution. You will be part of a specialized team within the Cybersecurity Assessment and Testing function, responsible for identifying, assessing, and remediating security vulnerabilities across diverse IT environments, including on-premise, cloud, and third-party services. Your role involves collaborating with various technical and business stakeholders to ensure comprehensive threat modeling and control assessments, ultimately safeguarding the organization’s information and technology assets.

Your main responsibilities: Performing effective threat and control assessments of services within internal, external, and cloud estates

• Liaising with developers, architects, and technical leads to identify control gaps
• Understanding business requirements and evaluating potential solutions with technical recommendations
• Being hands-on with technology and contributing to the design and development of projects with security recommendations
• Identifying threats across applications, databases, networks, and other infrastructure components
• Engaging with other Cybersecurity teams, senior management, and business members regarding potential security issues
• Contributing to process, procedures, and tool identification and development
• Staying updated with industry trends and best practices

You’re ideal for this role if you have:

• Proven experience in general security concepts and principles
• Hands-on experience with threat modeling and assessing vulnerabilities
• Strong understanding of application design and architecture
• Knowledge and experience with network, host, and application security practices
• Good working knowledge of Cloud Service Providers such as AWS, GCP, or Azure
• Strong understanding of the Software Development Life Cycle (SDLC) with a focus on security
• Experience in continuous improvement and process optimization
• Understanding of emerging technologies and corresponding security threats
• Strong stakeholder management and communication skills
• Ability to communicate technical gaps into business risk effectively

It is a strong plus if you have:

• Industry-recognized cybersecurity-related certifications such as CISSP, CRISC, CISM, or Cloud Security Certifications
• Experience in engaging with business, technology, regional, and regulatory stakeholders
• Proven experience in international and diverse environments
• Ability to work independently and deliver tasks to a high-quality standard
• Strong analytical and problem-solving skills
• Experience within fast-moving, complex, and demanding corporate environments

#GETREADY  to meet with us!

We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at recruitment@itds.pl.

Internal number #6749