Automated Security Scanning Analyst

Join us, and be the shield in a fast-evolving tech world!

Krakow-based opportunity with the possibility to work 70% remotely!

As an Automated Security Scanning Analyst, you will be working for our client, a global financial institution. The role focuses on supporting cybersecurity within global technology operations, ensuring the adoption of best practices in secure development and automated security scanning. Working with diverse teams, you will enhance security tooling, guide developers in implementing security protocols, and contribute to the secure lifecycle of development processes across various platforms and cloud environments.

Your main responsibilities:

• Develop and adopt security tools to enhance team efficiency and security
• Collaborate with developers and project managers on application security integration
• Recommend security practices and tools for secure development processes
• Conduct and support training for development teams on security scanning services
• Stay current with security industry trends, tools, and best practices
• Design and implement processes for tracking and improving security metrics
• Support audit requirements and service desk management with quality reviews
• Contribute to the automation and integration of security tools in DevOps pipelines
• Oversee changes in risk profiles through analysis of metrics and controls
• Provide ongoing support for secure development lifecycle (SDLC) tools and procedures

You’re ideal for this role if you have:

• Experience with DevSecOps and security-focused DevOps practices
• Proficiency with security tools such as SAST, DAST, or container security tools (e.g., Jenkins, GitHub, Checkmarx, Aquasec)
• Knowledge of common public cloud environments (AWS, GCP, Azure, Alicloud)
• Understanding of security vulnerabilities and platform-specific risks, especially in web and mobile application architecture
• Familiarity with programming language vulnerabilities (Java, JavaScript, Objective C, Swift, Kotlin)
• Knowledge of vulnerability scoring systems such as CVSS
• Hands-on experience with collaboration tools, preferably JIRA and Confluence
• Strong analytical skills, including attention to detail, data analysis, and problem-solving abilities
• Understanding of emerging technologies and corresponding security threats
• Knowledge of pipeline vulnerability identification tools

It is a strong plus if you have:

• Experience in implementing security within agile, DevOps, or DevSecOps environments
• Knowledge of compliance management and audit processes in cybersecurity
• Proficiency with secrets management and source code management technologies (e.g., Hashicorp Vault, Git)
• Familiarity with IT risk management and service delivery in a global enterprise
• Background in training or mentoring teams on secure development practices

#GETREADY  to meet with us!

We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at recruitment@itds.pl.

Internal number #6078