Senior Frontend Engineer (Security)

Antal is a leading recruitment and HR advisory company, present in Poland since 1996 and later expanded to the Czech Republic and Hungary. Across the CEE region, they employ around 150 professionals who deliver a full range of services – from specialist and executive recruitment, employee outsourcing and HR consulting, to employer branding and market research. Their division-based structure combines deep industry expertise with functional specialisation, enabling tailored solutions for companies in every sector. They act as a trusted partner for both employers and candidates, sharing knowledge and guiding them through every stage of the talent journey.

• 5+ years professional experience in a similar position
• Advanced proficiency in at least one modern frontend ecosystem (React, Angular, or Vue) with ability to justify architectural choices
• Proven track record of identifying and mitigating frontend vulnerabilities (XSS, CSRF, Supply-Chain attacks) at the code level
• Experience connecting frontend architectures to GCP-based microservices via type-safe API contracts (REST, GraphQL, or gRPC)
• Strong mastery of TypeScript, unit/e2e testing (Cypress, Playwright), and CI/CD integration
• Ability to think ahead technologically and guide the team
• Hands-on technologist delivering code to production; understands React Server Components (RSC), Server Actions, and Partial Pre-rendering (PPR)
• Deep expertise in modern Component-Based Frameworks and strong grasp of SSR and SSG strategies
• Problem solver translating business opportunities into technical solutions
• Ability to constructively challenge existing thinking and develop improved paths forward
• Maintains strong knowledge of IT development methodology, architecture design, engineering solutions, and technical standards
• Mentor and share knowledge within and outside the team
• Considers automation from the start to reduce toil and improve agility
• Fluent English

• Implement and maintain robust Content Security Policies (CSP) and secure cookie management
• Build secure authentication flows using OAuth2/OpenID Connect within Next.js Middleware
• Prevent XSS, CSRF, and clickjacking at the architectural level
• Build and lead communities that raise the bar on delivering quality and efficiency