Senior Cybersecurity Engineer (Defence)

We're looking for a Senior Cybersecurity Engineer with a strong background in designing, implementing, and validating security mechanisms across diverse systems and environments. The ideal candidate will have deep expertise in cybersecurity engineering principles, secure architecture, risk assessment, and vulnerability management, supported by strong analytical and problem‑solving skills. Experience with embedded systems security is highly desirable and considered a significant advantage. This role requires excellent communication skills to translate complex technical risks into clear, actionable recommendations for engineering teams and stakeholders.

• Proven experience in designing security solutions for embedded systems, IoT devices, and cloud-connected architectures
• Strong background in identifying, exploiting, and documenting security weaknesses
• Deep understanding of embedded security attack vectors: side-channel attacks, fault injection, firmware tampering, replay attacks, MITM
• Experience with vulnerability scanning, fuzzing, exploit development, and hardware-level security assessment
• Solid knowledge of secure communication protocols, cryptography, secure mechanisms used in embedded, secure firmware design, cybersecurity testing
• Familiarity with risk assessment frameworks such as ISO 21434, IEC 62443, ISO 27005, IEC 81001-5-1, UL 2900, DO‑326A
• Understanding of data protection requirements (GDPR / HIPAA) in cloud-integrated IoT ecosystems
• Relevant certifications such as OSCE, OSCP, GPEN, CompTIA PenTest+
• Fluent/Native Polish language skills
• Willingness to undergo mandatory personal security clearance verification or having clearance up to NATO Secret/Tajne
• Willingness to undergo mandatory checks required to work with defense-related technologies

Additional Advantages:

• Experience working with public administration, defence, and/or security industry
• Knowledge of NATO/STANAG standards

• Design security solutions for embedded systems, IoT devices, and cloud-connected architectures
• Identify, exploit, and document security weaknesses across a broad range of environments
• Assess embedded security attack vectors including side-channel attacks, fault injection, firmware tampering, replay attacks, MITM
• Perform vulnerability scanning, fuzzing, exploit development, and hardware-level security assessment
• Translate complex technical findings into clear, actionable recommendations for technical and non-technical stakeholders
• Work with secure SDLC, DevSecOps, and CI/CD security practices

The candidate will be required to undergo personal security clearance and procedures for admission to work with defence-related technologies (Koncesja MSWiA). Willingness to work predominantly from Spyrosoft's Wrocław office.