Product Security & Incident Response Engineer
Kraków, Kraków, Lesser Poland Voivodeship, Poland
Cyclad
22. 2. 2026
Job details

Technologies expected:


  • ServiceNow VM
  • Tenable
  • Qualys
  • Kenna

About the project:


  • At Cyclad we work with top international IT companies to boost their potential in delivering outstanding, cutting-edge technologies that shape the world of the future. Currently, we are looking for an experienced Product Security & Incident Response Engineer.
  • Location: Kraków
  • Type of employment: B2B contract
  • Remuneration: 190 - 210 PLN net + VAT per hour on B2B
  • Project language: English

Responsibilities:


  • Manage the full vulnerability lifecycle for products: intake, triage, risk assessment, remediation tracking, disclosure, and closure.
  • Lead vulnerability triage and risk assessment: analyze exploitability, product/system exposure, and prioritize engineering remediation.
  • Develop and implement triage workflows, prioritization criteria, escalation processes, and operational decision frameworks.
  • Advise on tools and workflow architecture (e.g., ServiceNow VM, vulnerability management platforms, SIEM/SOAR integration).
  • Create PSIRT documentation and process artifacts: SOPs, playbooks, RACI models, escalation procedures, and regulatory notification workflows.
  • Coordinate with SOC, DevOps, R&D, engineering, and operations for alerts, incident response, and remediation handoff.
  • Monitor and improve PSIRT KPIs, dashboards, and post-incident processes.
  • Provide training and operational guidance to internal teams.

Requirements expected:


  • Experience in PSIRT, product security, or pre-CERT operations, ideally with industrial, embedded/IoT, or complex software products.
  • Practical experience in vulnerability triage, CVE analysis, exploitability assessment, and remediation planning.
  • Knowledge of CVSS and building severity models with contextual modifiers (safety, regulatory, operational impact).
  • Experience with tools like ServiceNow VM, Tenable, Qualys, Kenna, or equivalent vulnerability management platforms.
  • Ability to design data models and metadata taxonomies for vulnerabilities, product/firmware lineage, and ownership.
  • Experience creating operational procedures, playbooks, and escalation processes.
  • Strong communication and collaboration skills; fluent in English.

Offered:


  • Private medical care with dental care (covering 70% of costs). Family package option possible.
  • Multisport card (also for an accompanying person).
  • Life insurance.
  • Work with talented engineers on large-scale, technically challenging projects.

Benefits:


  • sharing the costs of sports activities
  • private medical care
  • sharing the costs of professional training & courses
  • life insurance
  • remote work opportunities
  • flexible working time
  • dental care
  • extra social benefits
