
Principal Security Researcher

  • Remote
  • English
  • Banking
  • Expert/Senior
  • Agile/Scrum

Join us, and champion cybersecurity excellence across industries!

Krakow-based opportunity with the possibility to work 100% remotely!

As a Principal Security Researcher, you will play a pivotal role within our client’s global financial institution, contributing to cybersecurity initiatives on a worldwide scale. Your primary responsibility will be to lead the design and implementation of penetration tests, ensuring the delivery of robust security solutions.

Your main responsibilities:

  • Conducting highly technical security assessments across various technologies
  • Professionally documenting root cause and risk analyses
  • Collaborating closely with DevOps teams to meet security testing requirements
  • Providing expert advice on vulnerability remediation and secure development practices
  • Mentoring junior team members and fostering continuous improvement within the team
  • Leading penetration tests to effectively communicate risks in business terms
  • Overseeing penetration tests to ensure alignment with defined risk appetite
  • Serving as a technical authority in internal and external cybersecurity discussions
  • Contributing to the maturity of the cybersecurity function by enhancing service quality
  • Ensuring adherence to organizational defense models and regulatory compliance
  • Collaborating with stakeholders to optimize the delivery of the cybersecurity strategy
  • Providing supervision, guidance, and mentorship to less experienced team members

You’re ideal for this role if you have:

  • 5+ years of hands-on experience in penetration testing
  • Strong communication skills for technical and non-technical audiences
  • Wide breadth of penetration testing skills with critical thinking ability
  • Entrepreneurial attitude to excel in challenging scenarios
  • Ability to work independently or lead penetration testing teams effectively
  • Superior time management and problem-solving skills
  • Expertise in cybersecurity strategy development and execution
  • Strong TCP/IP knowledge and web application testing experience
  • Solid understanding of platform security models for mobile platforms
  • Practical knowledge of infrastructure, web, and mobile penetration testing
  • Proven programming/scripting skills and understanding of cryptography
  • Experience with relevant regulatory compliance standards
  • Strong grasp of the technologies, protocols and architectures commonly used by mobile applications (HTML, XML, JavaScript, JSON, REST, microservices, etc.)
  • Strong understanding of software development lifecycles especially DevOps

It is a strong plus if you have:

  • Experience with dynamic and static application security testing and associated tools
  • Experience performing security code reviews for the Java, Objective-C, Swift and Kotlin programming languages
  • Strong initiative, consensus-building and ability to collaborate directly with a variety of clients (business, development, compliance, etc.)
  • Experience with mobile security testing frameworks such as OWASP MASVS, OWASP MSTG
  • Knowledge of enterprise application design & common security issues associated with it
  • Advanced knowledge of common security analysis tools and testing techniques especially for the mobile security space
  • Knowledge of security verification of mechanisms & technologies such as SSL, Pinning, Biometric Authentication, Out of Band Authentication, JWT, SAML, RASP, OAuth2 etc.
  • Prior software programming and development experience especially of iOS & Android
  • Prior programming experience with the Java, Kotlin, Objective-C & Swift programming languages
  • Prior experience with security testing or secure application development for a large enterprise
  • Prior experience with cloud-hosted applications & services
  • Experience in reverse engineering or disassembly

#GETREADY to meet with us!

We would like to meet you. If you are interested, please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can also apply by sending us an email at recruitment@itds.pl.

Internal number #5061


Access to +100 projects
Access to Healthcare
Access to Multisport
Training platforms
Access to Pluralsight
Make your CV shine
B2B or Permanent Contract
Flexible & remote work
Flexible hours and remote work