
THIS JOB OFFER IS NO LONGER AVAILABLE
Click the "Job offers" tab to see other positions available on our website.

Secure Development Lifecycle Specialist

  • Remote
  • English
  • Banking
  • Senior
  • Agile/Scrum

Join us, and be at the forefront of digital defense!

Krakow-based opportunity with the possibility to work 100% remotely!

As a Secure Development Lifecycle Specialist, you will be working for our client, a leading global financial institution, within the Cybersecurity organization. Your primary focus will be to analyze and execute activities related to cybersecurity processes, controls, standards, and regulatory requirements.

Your main responsibilities:

  • Contributing to the ongoing development and adoption of Automated Dynamic Application Security Testing (DAST) security scanning service
  • Driving continual improvement in DAST security scanning product efficacy, coverage, and quality
  • Supporting DAST security scanning product vision, strategy, and metrics
  • Assisting in the creation of authentication scripts, using JavaScript and tool-native scripting, to facilitate authenticated DAST scanning of web applications and APIs
  • Ensuring adherence to the three lines of defense organizational model with clear lines of responsibility, accountability, and segregation of duties
  • Ensuring compliance with internal audit and external regulators to ensure organizational changes meet expectations
  • Analyzing and executing activities to ensure compliance with Client’s Cybersecurity policies and standards
  • Contributing to the identification and development of processes, procedures, and tools to strengthen the bank’s response to threats and incidents
  • Assessing new technology products and projects utilizing security technologies pertinent to the department
  • Acting as a role model to more junior members of the team
  • Engaging with other Cybersecurity teams, senior management, and members of the Business when confronted with potential security issues
  • Expanding skills, knowledge, and experience to enhance the overall capability of the function

You’re ideal for this role if you have:

  • 3+ years of development experience in JavaScript
  • 2+ years of experience in Dynamic Application Security Testing and related security scanning tools such as Invicti (Netsparker), Contrast, AppScan, etc.
  • 2+ years of experience in consultancy and support to application teams including security scanning tool onboarding, vulnerability review and triage, false positive and rating challenges, scanning eligibility, and exceptions, etc.
  • Strong understanding of general security concepts and principles and application-specific security concepts and principles
  • Strong understanding of the Software Development Life Cycle (SDLC) with a focus on security
  • Excellent understanding of platform-specific security risks, common vulnerabilities for web applications and microservices architecture, and their mitigations
  • Proven troubleshooting ability
  • Development and scripting experience (JavaScript)
  • Understanding of common technologies, protocols, and architectures used by web applications and APIs (HTML, XML, JavaScript, JSON, REST, Microservices, etc.)
  • Knowledge of the Common Vulnerability Scoring System (CVSS)
  • Understanding of emerging technologies and corresponding security threats
  • A degree in IT security
  • Fluent English

It is a strong plus if you have:

  • Professional qualifications such as CEH, CISSP, GIAC, or Cloud Security Certifications

#GETREADY to meet with us!

We would like to meet you. If you are interested, please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can also apply by sending us an email at recruitment@itds.pl.

Internal number #4968

Benefits

Access to +100 projects
Access to Healthcare
Access to Multisport
Training platforms
Access to Pluralsight
Make your CV shine
B2B or Permanent Contract
Flexible & remote work
Flexible hours and remote work