Senior Cyber Security Engineer

apreel was founded in April 2010 by friends who dreamed of creating their own software house. As the company grew and gained client trust, it expanded its services to include IT expert leasing, which is now the main pillar of apreel's business. The founders continue to pursue their passion for creating proprietary IT solutions and aim for continuous improvement. The company values professionalism and a unique atmosphere.

• Bachelor’s degree in computer science, Cybersecurity, or a related field (or equivalent experience).
• 5–8+ years of experience in cloud applications, cybersecurity, or related domains.
• Strong experience performing threat modelling and security reviews.
• Hands-on experience on whitebox, greybox, and blackbox assessments or oversight of application pen tests focusing on OWASP.
• Strong documentation skills.
• Experience working with various IT and non-IT teams.
• Ability to assimilate complex technical challenges and provide appropriate security advice that delivers the right business outcomes.
• Self-motivated with experience in solving complex problems.
• Strong communication and collaboration skills; comfortable working closely with Architecture and Infrastructure teams.
• Ability to learn and apply new technologies quickly and in complex deployments.

Nice to have:

• Relevant certifications: CISSP, CCSP, or equivalent.
• Expert knowledge of zero trust, identity, threat detection, threat modelling, and security practices.

Key activities:

• Product security reviews: verify security requirements, maintain security baselines.
• Architecture & design: threat modeling, risk assessment, security-by-design guidance.
• Governance: define security principles, policies, secure development lifecycle, embed security into product lifecycle.
• Vulnerability analysis: static/dynamic code analysis, security scanning, investigate reports, coordinate application incident response, define/oversee pentests.

Core responsibilities:

• Deep architecture and security reviews (cloud & on-prem) to identify vulnerabilities.
• Design application security requirements; perform threat modeling; manage application pentests.
• Support security vs business tradeoff decisions.
• Lead implementation of strategic security initiatives.

Only candidates located in Poland are considered for this remote position.