Security Architect

Ework Group, founded in 2000 and listed on Nasdaq Stockholm, has around 13,000 independent professionals on assignment. The company provides total talent solutions partnering with clients in private and public sectors, focusing on IT/OT, R&D, Engineering, and Business Development to deliver sustainable value through holistic talent management.

• Deep expertise in application security principles including secure design, threat modeling, and risk assessment.
• Strong understanding of common vulnerabilities such as OWASP Top 10 and mitigation strategies.
• Proficiency in cloud security across AWS, Azure, or GCP.
• Experience securing microservices, containerized environments (Docker, Kubernetes), and APIs.
• Familiarity with DevSecOps practices and integrating security tools into CI/CD pipelines.
• Knowledge of secure coding practices in multiple languages including Python.
• Experience with security testing tools such as SAST, DAST, SCA, and IaC scanning tools.
• Strong architectural and system design skills with a security-first mindset.
• Excellent communication and stakeholder management skills.
• Ability to mentor and guide developers and security engineers.
• 7+ years of experience in application security, software engineering, or related fields.
• Proven track record designing and implementing secure architectures in complex distributed systems.
• Hands-on experience embedding security into SDLC in Agile/DevOps environments.
• Experience conducting threat modeling and security architecture reviews.
• Background in incident response, vulnerability management, or security operations is a plus.
• Experience with cloud-native applications and modern infrastructure.
• Prior leadership, mentorship, or advisory role experience in security or engineering teams.

Nice to have:

• Experience with DevOps.

• Lead and mature the application security program.
• Serve as a trusted security advisor to engineering and product teams.
• Provide expert guidance on secure design, threat modeling, and security architecture across various applications and platforms.
• Collaborate cross-functionally to embed security into the software development lifecycle (SDLC).
• Evaluate emerging technologies for risk.
• Drive adoption of secure coding practices.
• Develop and enforce secure design standards.
• Influence technical direction.
• Support incident response efforts as needed.

Position requires working 2 days per week at the office in Wrocław, Poland.