Principal Cybersecurity Engineer

Principal Cybersecurity Engineer Miejsce pracy: Kraków Technologies we use Optional Akamai F5 AWS Google Cloud Platform Python Terraform Jira About the project Join us, and implement top-tier web protection for a global financial leader Kraków/Warsaw - based opportunity with hybrid work model (4/6 days per month in the office). As a Principal Cybersecurity Engineer, you will be working for our client, a global financial institution, to enhance their Web Application Firewall (WAF) strategy. This organization operates in numerous countries and offers various services that require robust cybersecurity measures to safeguard their critical web applications. You will play a key role in optimizing WAF solutions and ensuring comprehensive protection for both internal and external web applications across multiple platforms. Your expertise will directly contribute to the safety of sensitive data and applications in a fast-paced, constantly evolving environment. Your responsibilities Delivering Web Application and API Protection for critical applications, mainly on the Akamai platform Monitoring and reviewing WAF tuning requests to ensure optimal protection Conducting detailed log analysis to identify and mitigate false positives Creating and maintaining comprehensive WAF tuning documentation, policies, and configurations Developing, testing, and recommending tailored WAF policies and rules for specific applications Proactively identifying false positives and making necessary adjustments to WAF rules Collaborating with cross-functional teams to integrate WAF solutions seamlessly into existing security infrastructure Ensuring protection through Akamai, preventing direct attacks to origin servers Performing regular assessments and audits of WAF configurations to maintain security posture and compliance Staying updated on the latest web security threats and vulnerabilities to improve WAF effectiveness Our requirements Extensive experience in WAF management, tuning, and engineering Proven track record of optimizing WAF performance by identifying and mitigating false positives In-depth knowledge of web application security principles and techniques Experience in SOC or CSIRT environments with hands-on log analysis expertise Proficiency with log analysis tools like Splunk, Wireshark, or custom scripts Experience with major WAF solutions (e.g., Akamai, F5, AWS, GCP) Strong analytical and problem-solving skills with a keen attention to detail Excellent communication skills, capable of presenting complex security concepts clearly Competence in maintaining documentation for WAF tuning and configuration procedures Familiarity with automation technologies such as Python, Terraform, or JIRA automation Optional Experience working in a large-scale, global financial services environment Knowledge of best practices in web application security and protection Familiarity with cloud security solutions and their integration with WAF Experience delivering service reviews with application owners A proactive, detail-oriented approach to cybersecurity challenges This is how we organize our work This is how we work agile scrum This is how we work on a project Continuous Deployment Continuous Integration DevOps What we offer Stable and long-term cooperation with very good conditions Enhance your skills and develop your expertise in the financial industry Work on the most strategic projects available in the market Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years Participate in Social Events, training, and work in an international environment Access to attractive Medical Package Access to Multisport Program Access to Pluralsight Flexible hours & remote work Benefits sharing the costs of sports activities private medical care remote work opportunities flexible working time fruits integration events corporate gym mobile phone available for private use computer available for private use saving & investment scheme no dress code coffee / tea drinks christmas gifts birthday celebration sharing the costs of a streaming platform subscription access to 100 projects access to Pluralsight Recruitment stages first online interview second online interview GETREADY to meet with us ITDS Business Consultants is involved in many various, innovative and professional IT projects for international companies in the financial industry in Europe. We offer an environment for professional, ambitious, and driven people. We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. ITDS’s Whistleblower Procedure You can report violations in accordance with ITDS’s Whistleblower Procedure available here: https://itds.pl/wp-content/uploads/2025/03/INFORMATION-ON-PROCEDURE-FOR-REPORTING-BREACHES-AND-PROTECTION-OF-WHISTLEBLOWERS-AT-ITDS-POLSKA.pdf ITDS Polska Sp. z o.o. ITDS supports financial service providers to take the next steps. We identify what’s possible, every day. Opportunities in the areas of technology, organization, and digitization. We see where banks, insurers, payment companies, or fintech can go and how they can get there. That’s why we want to stimulate you to ramp up your ambition. Forget what you perceive as restraints and step towards the new reality. ITDS in Poland - Pure player in new Technologies & Financial Industry 300 IT implementation professionals 20 clients in the Banking, Insurance, Payment & Fintech Industry ITDS excels in digital strategy delivery and implementation of best-of-breed lending solutions. ITDS has delivered successful strategic projects throughout Europe since 1998. We combine the experience we’ve accumulated with in-depth knowledge of technologies, business processes, and EU legislation to unlock new business opportunities. Informujemy, że administratorem danych jest ITDS z siedzibą w Warszawie, ul. Złota 59 (dalej jako "administrator"). Masz prawo do żądania dostępu do swoich danych osobowych, ich sprostowania, usunięcia lub ograniczenia przetwarzania, prawo do wniesienia sprzeciwu wobec przetwarzania, a także prawo do przenoszenia danych oraz wniesienia skargi do organu nadzorczego. Dane osobowe przetwarzane będą w celu realizacji procesu rekrutacji. Podanie danych w zakresie wynikającym z ustawy z dnia 26 czerwca 1974 r. Kodeks pracy jest obowiązkowe. W pozostałym zakresie podanie danych jest dobrowolne. Odmowa podania danych obowiązkowych może skutkować brakiem możliwości przeprowadzenia procesu rekrutacji. Administrator przetwarza dane obowiązkowe na podstawie ciążącego na nim obowiązku prawnego, zaś w zakresie danych dodatkowych podstawą przetwarzania jest zgoda. Dane osobowe będą przetwarzane do czasu zakończenia postępowania rekrutacyjnego i przez okres możliwości dochodzenia ewentualnych roszczeń, a w przypadku wyrażenia zgody na udział w przyszłych postępowaniach rekrutacyjnych - do czasu wycofania tej zgody. Zgoda na przetwarzanie danych osobowych może zostać wycofana w dowolnym momencie. Odbiorcą danych jest serwis Hello HR oraz inne podmioty, którym powierzyliśmy przetwarzanie danych w związku z rekrutacją. Naruszenia można zgłaszać zgodnie z Procedurą zgłaszania nieprawidłowości ITDS dostępną tutaj:https://itds.pl/wp-content/uploads/2025/03/INFORMATION-ON-PROCEDURE-FOR-REPORTING-BREACHES-AND-PROTECTION-OF-WHISTLEBLOWERS-AT-ITDS-POLSKA.pdf

Location: Kraków, PL

Posted Date: 4/18/2025