Principal Security Researcher

Join us, and champion cybersecurity excellence across industries!

Krakow-based opportunity with the possibility to work 100% remotely!

As a Principal Security Researcher, you will play a pivotal role within our client’s global financial institution, contributing to cybersecurity initiatives on a worldwide scale. Your primary responsibility will be to lead the design and implementation of penetration tests, ensuring the delivery of robust security solutions.

Your main responsibilities:

• Conducting highly technical security assessments across various technologies
• Professionally documenting root cause and risk analyses
• Collaborating closely with DevOps teams to meet security testing requirements
• Providing expert advice on vulnerability remediation and secure development practices
• Mentoring junior team members and fostering continuous improvement within the team
• Leading penetration tests to effectively communicate risks in business terms
• Overseeing penetration tests to ensure alignment with defined risk appetite
• Serving as a technical authority in internal and external cybersecurity discussions
• Contributing to the maturity of the cybersecurity function by enhancing service quality
• Ensuring adherence to organizational defense models and regulatory compliance
• Collaborating with stakeholders to optimize the delivery of the cybersecurity strategy
• Providing supervision, guidance, and mentorship to less experienced team members

You’re ideal for this role if you have:

• 5+ years of hands-on experience in penetration testing
• Strong communication skills for technical and non-technical audiences
• Wide breadth of penetration testing skills with critical thinking ability
• Entrepreneurial attitude to excel in challenging scenarios
• Ability to work independently or lead penetration testing teams effectively
• Superior time management and problem-solving skills
• Expertise in cybersecurity strategy development and execution
• Strong TCP/IP knowledge and web application testing experience
• Solid understanding of platform security models for mobile platforms
• Practical knowledge of infrastructure, web, and mobile penetration testing
• Proven programming/scripting skills and understanding of cryptography
• Experience with relevant regulatory compliance standards
• Strong grasp of common technologies, protocols and architectures that are commonly used by mobile applications (HTML, XML, JavaScript, JSON, REST, Microservices etc.)
• Strong understanding of software development lifecycles especially DevOps

It is a strong plus if you have:

• Experience with dynamic and static application security testing and associated tools
• Experience with performing security code reviews for Java, Objective C, Swift and Kotlin programming languages
• Strong initiative, consensus-building and ability to collaborate directly with a variety of clients (business, development, compliance, etc.)
• Experience with mobile security testing frameworks such as OWASP MASVS, OWASP MSTG
• Knowledge of enterprise application design & common security issues associated with it
• Advanced knowledge of common security analysis tools and testing techniques especially for the mobile security space
• Knowledge of security verification of mechanisms & technologies such as SSL, Pinning, Biometric Authentication, Out of Band Authentication, JWT, SAML, RASP, Oauth2 etc.
• Prior software programming and development experience especially of iOS & Android
• Prior programming experience with Java, Kotlin, Objective C & Swift programming languages
• Prior experience with security testing or secure application development for a large enterprise
• Prior experience with cloud-hosted applications & services
• Experience in reverse engineering or disassembly

#GETREADY  to meet with us!

We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at recruitment@itds.pl.

Internal number #5061