Offer

• Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.)
• Hybrid work setup – remote days available depending on the client’s arrangements – 6 days / month from office in Kraków
• Collaborative team culture – work alongside experienced professionals eager to share knowledge
• Continuous development – access to training platforms and growth opportunities
• Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
• High quality equipment – laptop and essential software provided

Tasks

• Perform effective threat and control assessments for complex services and platforms, including cloud platform reviews for Azure, AWS, and GCP.
• Collaborate with developers, architects, and technical leads to understand end-to-end services and identify control gaps.
• Work with the CSAT management team to enhance the Threats and Controls Assessment Service.
• Stay up to date with industry trends and best practices.
• Provide supervision, guidance, and mentorship to less experienced team members.
• Act as a point of contact and source of advice on cybersecurity issues within the team.

Note: Detailed project information will be shared during the recruitment process.

Requirements

• Proven experience in the technology sector with strong knowledge of Risk and Control Management.
• Ability to assess threats, controls, and vulnerabilities and communicate findings to both technical and business stakeholders.
• Knowledge of frameworks and methodologies such as Threat Modelling (STRIDE) and MITRE ATT&CK.
• One or more industry-recognized cybersecurity certifications (e.g., CISSP, CRISC, CISM, Cloud Security Certifications) is desirable.
• Expert knowledge in one or more major cloud service providers (Azure, AWS, GCP).
• Strong understanding of general security concepts, application security, and Software Development Life Cycle (SDLC) with a focus on security.
• Hands‑on experience with threat modelling and vulnerability assessments in large, multi‑national environments.
• Knowledge of network, host, and application security practices and emerging technologies.
• Excellent stakeholder management and communication skills, with experience engaging business, technology, and regulatory stakeholders.
• Ability to prepare concise presentations and communicate technical risks to senior leadership.

Joining this project you’ll become part of Mindbox – a tech‑driven company where consulting, engineering, and talent meet to build meaningful digital solutions. We’ll back you up every step of the way, accelerate your development, and ensure your skills make a difference.