Web Application Security Protection SME

Join us, and be the shield behind global innovation!

Kraków – based opportunity with hybrid work model (6 days/month in the office)

As a Web Application Security Protection SME, you will be working for our client, a global financial services organization undergoing a transformation to fortify its cybersecurity posture across its digital infrastructure. You are joining a forward-thinking team within the cybersecurity division, focusing on enhancing web application defense mechanisms to counter evolving threats. This role places you at the heart of designing and implementing protection strategies for critical applications and services accessed globally, ensuring data security, business continuity, and customer trust in an increasingly complex cyber landscape.

Your main responsibilities: Designing and deploying Web Application Firewalls (WAFs) to protect critical applications

• Monitoring and fine-tuning WAF rules for effective mitigation of threats
• Integrating vulnerability scanning tools with WAFs for automated threat response
• Conducting threat modeling to identify and address application security risks
• Collaborating with DevSecOps and infrastructure teams to align protection strategies
• Reviewing security policies and adapting them to evolving threats
• Leading incident response efforts related to web application attacks
• Supporting secure design and deployment in cloud-based environments
• Advising on secure development practices to reduce application-layer vulnerabilities
• Documenting security configurations, procedures, and best practices

You’re ideal for this role if you have:

• Proven experience in Web Application Security and Protection tooling
• Strong understanding of web application vulnerabilities and OWASP threat models
• Expertise with WAF platforms such as AWS WAF, Akamai Kona, or F5 ASM
• Deep knowledge of API security, including token-based authentication and gateways
• Solid grasp of vulnerability scanning tools and automated security integration
• Hands-on experience in threat modeling and mitigation
• Proficiency in cloud security, especially within AWS or GCP environments
• Excellent problem-solving skills with strong analytical thinking
• Ability to communicate complex technical topics to non-technical stakeholders
• Experience collaborating across global, cross-functional security teams

It is a strong plus if you have:

• Familiarity with secure development principles and modern coding languages
• Understanding of bot mitigation and automated attack prevention techniques
• Knowledge of anomaly detection and behavioral security analytics
• Background in network security architecture for large-scale enterprises
• Experience working in highly regulated financial environments

#GETREADY  to meet with us!

We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at cv-recruitment@itds.pl.

Internal number #7521