Role Overview
As a Penetration Testing and Design Analyst, you will be a key defender of our global banking infrastructure. This role sits at the intersection of offensive security and secure architectural design.
You will not only identify vulnerabilities through rigorous testing but also partner with engineering teams during the design phase to ensure "Security by Design" is embedded in our next-generation financial products.
Key Responsibilities
- Offensive Security Testing: Conduct end-to-end penetration testing across web applications, mobile platforms, and internal/external network infrastructures.
- Secure Design Review: Analyze architectural blueprints for new banking services, providing expert recommendations on threat modeling and risk mitigation.
- Vulnerability Management: Manage the full lifecycle of discovered flaws—from identification and risk-rating to advising developers on remediation strategies.
- Automation & Tooling: Develop and maintain custom scripts and automated security testing suites to enhance the efficiency of the testing cycle.
- Regulatory Compliance: Ensure all testing and designs meet global financial regulations (e.g., PCI-DSS, GDPR, and EBA guidelines).
- Stakeholder Advisory: Translate complex technical findings into actionable business risk reports for senior management and non-technical stakeholders.
Required Qualifications & Skills
- Experience: 7–12 years in offensive security, ethical hacking, or security architecture, preferably within the financial services or FinTech sector.
- Technical Proficiency: * Deep knowledge of OWASP Top 10 and SANS 25.
- Hands-on experience with tools like Burp Suite Professional, Metasploit, Nessus, and Kali Linux.
- Proficiency in at least one scripting language (e.g., Python, Bash, or PowerShell).
- Certifications: Possession of (or progress toward) OSCP, CRT, CISSP, or CEH.
- Education: University degree in Computer Science, Cybersecurity, or a related STEM field.
- Language: Fluent English (written and verbal), some German is essential for collaboration within our global network.
Why Łódź?
- Join a thriving cybersecurity cluster in one of Poland's fastest-growing tech hubs.
- Work in a modern office environment that fosters innovation and continuous professional development.
- Collaborate with international teams while enjoying the unique cultural and academic atmosphere of Łódź.
