Cybersecurity Specialist

VML, part of WPP, is a leading creative company combining brand experience, customer experience, and commerce to drive growth. The Enterprise Solutions division includes strategic consultants, architects, developers, and operators supporting global brands across digital commerce platforms. VML operates globally with over 4,200 experts in 55 centers across 34 countries, working with clients such as The Coca-Cola Company, EY, Bosch, Unilever, Ford, and Nestlé.

• Proven experience in a dedicated cybersecurity role with strong application and network security knowledge.
• Solid understanding of web application vulnerabilities (OWASP Top 10), web technologies, and web services (SOAP/REST).
• Familiarity with cloud environment analysis, monitoring cloud logs, and security tools such as Web Application Firewalls (WAF).
• Strong knowledge of legal, regulatory, and compliance requirements related to penetration testing, vulnerability assessments, and data privacy (GDPR, PCI DSS).
• Ability to troubleshoot, debug, and identify root causes of cybersecurity and data issues.
• Excellent technical writing skills for detailed vulnerability and incident reports.
• Effective communication skills to articulate complex technical concepts to technical and non-technical stakeholders.
• Proactive self-directed learning to stay updated with security tools, technologies, and threat landscapes.
• Relevant security certifications (e.g., CompTIA Security+, AWS, SSCP, GIAC) or willingness to pursue them.

Nice to have:

• Developing problem-solving and critical thinking skills with an analytical approach.
• Active listening and strong collaboration skills.
• Organized approach with planning, strategy, and tactics.
• Flexibility and adaptability in fast-paced, ambiguous environments.
• Team player with mentorship capabilities.
• Familiarity with security frameworks such as NIST, ISO, and CIS.

• Conduct comprehensive security assessments to identify, prioritize, and mitigate vulnerabilities and threats based on risk.
• Analyze and interpret security data, cloud logs, and telemetry to detect and respond to security incidents and anomalies.
• Create detailed technical reports on vulnerabilities with actionable remediation steps.
• Provide guidance to software development and asset teams on security updates and secure coding practices.
• Maintain SDLC-related policies aligned with OWASP guidelines and industry best practices.
• Ensure compliance with data protection regulations and support third-party audits.
• Develop and maintain security awareness materials to raise cybersecurity awareness.
• Collaborate with project teams to explain vulnerabilities from an attacker’s perspective and assist in implementing fixes.
• Mentor and provide technical guidance to less experienced security team members.

This is a full-time position located in Poland. The selection process may be conducted in English. Applicants are requested to submit their CV in English. VML Enterprise Solutions complies with Polish regulations and encourages reporting of any irregularities or misconduct as per their whistle-blower policy.