Network Enforcement Points Security Engineer

Join us, and secure critical systems across continents!

Kraków - based opportunity with hybrid work model (6 days/month in the office).

As a Network Enforcement Points Security Engineer, you will be working for our client, a global financial institution with a strong presence in digital services and cybersecurity innovation. You will be part of a team focused on improving and implementing network security controls that protect against sophisticated network-based threats. This project plays a critical role in supporting the client's global cybersecurity defence strategy. You will be collaborating with internal teams to drive secure architectural decisions, enhance threat detection, and maintain compliance with regulatory standards while enabling business growth in a secure environment.

Your main responsibilities:

• Reviewing business and IT projects to ensure alignment with network security requirements
• Identifying and driving improvements to the network security posture
• Applying expert knowledge to assess and mitigate network security risks
• Collaborating with global stakeholders and cybersecurity teams
• Analysing logs and security data to support decision-making and assess control effectiveness
• Leading project engagements and managing successful technical outcomes
• Coaching team members on best practices in cybersecurity and enforcement point engineering
• Documenting processes and creating reports for senior cybersecurity leadership
• Staying up to date with security standards, industry trends and threat intelligence
• Ensuring compliance with internal control standards and external regulations

You're ideal for this role if you have:

• Strong experience with traditional firewalls and host-based enforcement points
• Deep understanding of network security controls, threats, and mitigation strategies
• Proven background in network security engineering or architecture
• Familiarity with cybersecurity data analysis, including log reviews
• Ability to work across multiple teams and business units
• Excellent communication and stakeholder management skills
• Experience managing large-scale security projects or engagements
• Knowledge of enterprise-grade security frameworks and compliance standards
• Ability to write clear documentation and deliver presentations to technical and non-technical audiences
• Demonstrated commitment to continuous learning and professional development

It is a strong plus if you have:

• Experience working in highly regulated industries such as finance or banking
• Knowledge of cloud-based enforcement point security solutions (e.g. Azure, AWS)
• Relevant certifications such as CISSP, CCSP, or equivalent
• Familiarity with Zero Trust Architecture and micro-segmentation
• Hands-on experience with automation and scripting (e.g. Python, Ansible)
• Exposure to SIEM platforms and integration with enforcement point data
• Experience supporting audit and compliance initiatives
• Knowledge of advanced persistent threat detection techniques
• Understanding of network forensics and incident response processes
• Background in mentoring or team leadership roles

We offer you:

ITDS Business Consultants is involved in many various, innovative and professional IT projects for international companies in the financial industry in Europe. We offer an environment for professional, ambitious, and driven people. The offer includes:

• Stable and long-term cooperation with very good conditions 
• Enhance your skills and develop your expertise in the financial industry
• Work on the most strategic projects available in the market
• Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years
• Participate in Social Events, training, and work in an international environment
• Access to attractive Medical Package
• Access to Multisport Program
• Access to Pluralsight

Internal job number #6876

📌 You can report violations in accordance with ITDS’s Whistleblower Procedure available here.