Job description

Location: Warsaw, Poland (Hybrid – 2–3 days/week in office)

About the Team:

Join Technology Risk organization, led by our Chief Information Security Officer (CISO), where we defend the firm against cyber threats and shape the future of secure technology. As part of the Advisory function, you’ll work at the intersection of engineering, security, and innovation—advising on secure architectures, performing infrastructure reviews, and embedding controls into SDLC and CI/CD pipelines.

Role Overview:

We’re looking for an experienced Security Architect to help evaluate technology proposals, guide secure architecture design, and drive the adoption of secure patterns across cloud and on-premise systems. You’ll partner closely with engineering teams to ensure robust security posture during cloud migrations and development of modern infrastructure.

Key Responsibilities:

• Evaluate designs and implementations for security risks across cloud and hybrid environments

• Develop secure architecture patterns, controls, and automation using Policy as Code and infrastructure templates

• Perform infrastructure and SaaS security reviews, including IaC/code analysis

• Conduct PoCs for new tools and technologies to improve security capabilities

• Analyze the impact of SaaS/cloud services on core infrastructure and advise on mitigation strategies

Basic Qualifications:

• 7+ years in infrastructure or security engineering roles (e.g., networking, Linux, or Windows)

• 3–5 years working with cloud platforms (IaaS, PaaS, SaaS), preferably AWS

• Deep knowledge of TCP/IP, infrastructure protocols, and cloud security risks

• Experience in infrastructure and security domains like network segmentation, data protection, or platform hardening

Preferred Qualifications:

• Hands-on experience with AWS, Policy as Code, or Infrastructure as Code tools

• Understanding of Software Supply Chain Risk or SaaS Risk Management

• Degree in Computer Science, Cybersecurity, or related field

• Security certifications or relevant training in cloud and infrastructure security