Work model: Hybrid – presence in the office 6 days per month
Location: Kraków or Warsaw
Rate: 170–190 PLN/hour
Type of cooperation: Contracting (B2B)
Threat and Controls Assessment Senior Analyst
What you will be doing
The Threat and Controls Assessment Senior Analyst will work as part of a global team to perform Threat Modelling activities.
This role reports to the Threats and Controls Assessment Regional Lead and closely collaborates with peers across Penetration Testing, Secure Development, Third Party Security Assessment, as well as Cybersecurity business and regional leads, enabling effective end-to-end vulnerability identification.
Key Responsibilities:
-
Perform effective threat and control assessments of services within internal, external, and cloud environments.
-
Liaise with Developers, Architects, and other Technical Leads to understand end-to-end services and identify control gaps.
-
Understand business requirements, evaluate potential products/solutions, and provide technical recommendations.
-
Be hands-on with technology and contribute to the design, development, and support of projects with security recommendations.
-
Identify threats across the IT estate, including applications, databases, networks, and other infrastructure components.
-
Engage with other Cybersecurity teams, senior management, and business stakeholders when addressing potential security issues.
-
Contribute to process, procedure, and tool identification/development.
-
Stay up to date with industry trends and best practices.
Good Risk and Controls Understanding
-
Knowledge and exposure to Risk and Control Management.
-
Ability to understand and assess threats, controls, and vulnerabilities, articulating them to both technical and business stakeholders.
-
Industry-recognised cybersecurity certifications (e.g., CISSP, CRISC, CISM, or Cloud Security certifications) are desirable.
Strong Technical Background
-
Proven experience in general security concepts and principles.
-
Hands-on experience with threat modelling and strong technical understanding of vulnerability assessment across diverse enterprise IT assets.
-
Strong understanding of application design and architecture.
-
Knowledge and experience in network, host, and application security practices.
-
Good working knowledge of one or more Cloud Service Providers (AWS, GCP, or Azure).
-
Strong understanding of the Software Development Life Cycle (SDLC) with a focus on security.
-
Experience in continuous improvement and process optimisation.
-
Understanding of emerging technologies and associated security threats.
Strong Stakeholder Management and Communication Skills
-
Experience working in international and diverse environments.
-
Experience engaging with business, technology, regional, and regulatory stakeholders.
-
Ability to effectively translate technical gaps into business risk for key stakeholders.
Why apply for an Antal job offer?
When your application is successful, you will be supported by a dedicated Consultant who will stay in regular contact with you (via email or phone), help you prepare for interviews with your future employer, and ensure a smooth and professional recruitment process.
About Antal
Antal is a leading recruitment and HR advisory company, present in Poland since 1996 and later expanded to the Czech Republic and Hungary. Across the CEE region, we employ around 150 professionals who deliver a full range of services – from specialist and executive recruitment, employee outsourcing and HR consulting, to employer branding and market research.
Our division-based structure combines deep industry expertise with functional specialisation, enabling us to provide tailored solutions for companies in every sector. We act as a trusted partner for both employers and candidates, sharing our knowledge and guiding them through every stage of the talent journey. We connect exceptional people with the right opportunities and help organisations build successful teams.
Discover our latest job openings: https://en.antal.pl/candidates
Follow us on LinkedIn: https://www.linkedin.com/company/antalpoland
