Overview
But if you’re the type who actually enjoys making sure systems don’t get wrecked by lazy code, forgotten misconfigs, or someone plugging a rogue USB stick into prod - keep reading.
Because here’s the deal…
The job in plain English:
You’ll work with business and IT teams on a daily basis, embedding security into everything from app design through to deployment. You’ll be the person who gets called before something goes live - not after it’s blown up.
You’ll be threat modelling, defining security requirements, scanning code and infra, and giving the thumbs-up (or thumbs-down) before anything hits production. You’ll also get to mentor teams on how not to create the next massive security incident.
This is the intersection of cybersecurity, project delivery, and diplomacy. One foot in the tech, the other in the room with people who don’t speak acronyms.
Responsibilities
- Embedding security into projects from start to finish.
- Performing threat modelling and risk assessments.
- Validating controls. Rejecting nonsense.
- Working with tools like SAST, DAST, SCA, CSPM - the usual suspects.
- Making risk-based go/no-go calls. And owning them.
- Mentoring delivery teams to think “secure by design” instead of “hope for the best.”
- Reporting risks, gaps, and actual progress – not just dashboards that look pretty in PowerPoint.
Qualifications
- 5+ years in cybersecurity – ideally embedded in delivery or project teams.
- Hands‑on with security tooling (SAST, DAST, vuln scanners, etc).
- Solid understanding of cloud (AWS and/or M365), network security, and secure SDLC.
- Comfortable speaking risk in both tech and business dialects.
- Bonus points if you know DORA, GDPR, and the joys of working with Legal and DPOs.
People Skills
You’ll be working with:
- Architects who don’t always want to hear “no”, but might need to.
- Project managers who are terrified of delays but secretly grateful when you prevent a breach.
- Business stakeholders who speak in revenue, not risk.
- The Group CISO, the DPO, and some folks who’ve been around the block more than once.
Perks & Expectations
- You’ll be supported. But you’ll also be expected to deliver.
- You won’t be micro‑managed. But don’t mistake that for not being accountable.
- There’s no team to manage – just your own output.
- Occasional travel required (domestic and international). Nothing wild.
- Offices in Warsaw, Prague, Bucharest or Budapest. Ideally you’re close to one.
Summary
You’ll be the person standing between a solid security posture and a future post‑mortem.
You’ll need backbone, brains, and a genuine interest in doing security right – not just ticking the box.
Around 24,400 Zloty per month.
Apply
Sound like your kind of challenge?
Apply now. Or don’t – but if someone breaches a system you could’ve secured, don’t come crying to us.