World
Country
Language

poland Poland

portugal Portugal

netherlands Netherlands

THIS JOB OFFER IS NO LONGER AVAILABLE
Click on "Job offers" to see all other positions available on our website.

Vulnerability Assessment Analyst (Secret)

  • Hybrid
  • English
  • Banking
  • Regular
  • Agile/Scrum

Join us, and protect critical assets with strategic vulnerability analysis!

Krakow-based opportunity with the possibility to work 80% remotely!

As a Vulnerability Assessment Analyst (Secret), you will be working for our client, a prominent global financial institution. The client focuses on managing information, technology, and cybersecurity risks through a comprehensive risk management framework. The Cybersecurity Assessment and Testing (CSAT) function within this organization drives the identification, assessment, and remediation of security vulnerabilities across various platforms. You will be playing a crucial role in ensuring the effectiveness of these processes by providing expert guidance and managing vulnerability assessments.

Your main responsibilities:

  • Managing the review of assigned JIRA tickets, determining potential false positives, and advising on mitigation approaches
  • Supporting imminent threat review sessions and deputizing for the chair when required
  • Monitoring external threat feeds to identify newly reported risks
  • Ensuring clear documentation of identified patterns for remediation or false positives within central tools
  • Assessing all newly discovered vulnerabilities to verify risk scores
  • Reviewing repositories to identify secret data types and sensitive information
  • Identifying critical operational paths to ensure efficient processes
  • Engaging with relevant team members to review and align information requests with the group risk appetite
  • Handling escalations and requests from various teams as required
  • Providing expert guidance on vulnerability remediation and mitigation strategies

You’re ideal for this role if you have:

  • Proficiency with vulnerability management technologies (e.g., SAST/DAST such as Checkmarx, Netsparker, Fortify)
  • Strong knowledge of OWASP concepts, CVE, CWE, and cryptography
  • Experience with Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST)
  • A solid understanding of secret management and secret data types
  • Programming skills in languages like Python and Java
  • Knowledge of common threats, attacks, security protocols, and standards
  • Strong analytical skills for timely risk assessments
  • Proven ability to deliver high-quality work on time
  • Minimum of 4 years of experience in application security
  • Ability to work in a hybrid routine and maintain a high level of personal integrity

It is a strong plus if you have:

  • Hands-on experience with GitHub, Stash, and Data Platforms
  • A proactive, independent, and collaborative team player attitude
  • Outstanding organizational skills and a process-oriented mindset
  • Experience in supporting operational activities and handling escalations

#GETREADY  to meet with us!

We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at recruitment@itds.pl.

Internal number #6025

Benefits

Access to +100 projects
Access to Healthcare
fintech-delivery
Access to Multisport
Training platforms
Access to Pluralsight
Make your CV shine
B2B or Permanent Contract
Flexible & remote work
Flexible hours and remote work