Cyber Security Engineer

Firma apreel powstała w kwietniu 2010 roku. W miarę rozwoju firmy i równolegle ze wzrostem poziomu zaufania klientów, jej działalność poszerzyła się o usługi Outsourcingu Specjalistów IT. Dziś to właśnie ten obszar stanowi główny filar działalności apreel.

• Bachelor’s degree in computer science, Cybersecurity, or a related field (or equivalent experience).
• 5–8+ years of experience in cloud applications, cybersecurity, or related domains.
• Strong experience performing threat modeling and security reviews.
• Hands-on experience with whitebox, greybox, and blackbox assessments or oversight of application penetration tests focusing on OWASP.
• Strong documentation skills.
• Experience working with various IT and non-IT teams.
• Ability to assimilate complex technical challenges and provide appropriate security advice that delivers the right business outcomes.
• Self-motivated with experience in solving complex problems.
• Strong communication and collaboration skills, comfortable working closely with Architecture and Infrastructure teams.
• Ability to learn and apply new technologies quickly in complex deployments.

Nice to have:

• Relevant certifications: CISSP, CCSP, or equivalent.
• Expert knowledge of zero trust, identity, threat detection, threat modeling, and security practices.

Key activities:

• Perform security reviews on new and existing applications to ensure all security requirements are implemented and align with the organization’s security baselines.
• Support the architecture team with threat modeling, risk assessment, and implementation of security controls or mitigations.
• Embed security into all phases of the product lifecycle, from discovery and threat modeling to design reviews, secure delivery, and ongoing monitoring and testing post-release.

Core responsibilities:

• Perform deep architecture and security reviews on cloud and on-prem applications to identify vulnerabilities.
• Design application security requirements, perform threat modeling, and manage application penetration tests.
• Support decision-making by determining tradeoffs between security and business requirements.
• Lead implementation of strategic security initiatives to improve security across the company.