The IT-Security and Cloud Consultant will provide technical leadership for our Security Development Lifecycle of  the Infrastructure Product Portfolio by establishing clear direction, a dynamic security culture, and measurable goals  to continually improve our application security strategy. 

This individual will integrate security processes and tools across the development organization for Surface Area,  Static Code Analysis, Dynamic Code Analysis, and Penetration testing as well as execute security training programs  for developers. Candidates must be able to approach application security with a pragmatic perspective of risk  management and avoid purely academic thinking about software security. 

In addition, this role implies a leading role in consultancy of software deployment in the cloud. The individual will be  responsible to design, manage and secure data, applications and infrastructure in the cloud. 


We Offer You 

  • Stable contract of employment. 
  • Possibility of remote work. 
  • Sports package and private health care. 
  • Group life insurance. 
  • Good working atmosphere. 
  • Working in international environment. 


  • Evangelize security best practices within the development teams and build security expertise across the  organization. 
  • Manage regular security reviews with the product development teams and present summary level reports  to Infrastructure leadership team. 
  • Provide selected support to the internal Legal and Sales Proposals teams as well as occasional best  practice security support to external customers in the Infrastructure markets. 
  • Leading company efforts to gain additional security certifications. 

  • A completed bachelor’s degree in Computer Science, Software Engineering or related technical field is  required. 
  • 3+ years of progressively more complex AppSec experience at a medium to large size software company. 
  • In-depth experience with common security tools across SAST, DAST, IAST, and PenTest vendors.
  • Familiar with GDPR principles and personal related data. 
  • Expert knowledge of OWASP Top 10 and CWE/SANS Top 25 listings as well as practical, hands-on  experience with the development, testing, and remediation of software security issues a plus. 
  • Familiarity with agile development processes and experience integrating secure development best  practices into an agile model, Microsoft SDL experience a plus. 
  • Software engineering experience with Microsoft and/or Java web applications, specific experience with  ASP.NET, and Angular a plus.
  • CCSP (Certified Cloud Security Professional) a plus. 
  • Familiarity with industry standards and regulations including but not limited to ISO27034, ISO27001 and  Privacy by Design/Privacy by Default. 
  • Strong personal ethics and understanding of ethics in Application and Information security. 

Packages and extras

  • Healthcare package
  • Leisure package
  • Financial bonus
  • Conferences
  • Trainings
  • Books
  • Healthcare package for families
  • Leisure package for families
  • Language courses

Relocation package

  • Adaptation tips
  • Help finding an apartment

Amenities

  • Car parking
  • Bicycle parking
  • Cold beverages
  • Hot beverages
  • Shower
  • Chill room
  • Integration events
  • Fruits

HEXAGON | Intergraph Polska Sp. z o.o.

>20.000

Hexagon is a global leader in sensor, software and autonomous technologies. We are putting data to work to boost efficiency, productivity and quality across industrial, manufacturing, infrastructure, safety and mobility applications.

Our technologies are shaping urban and production ecosystems to become increasingly connected and autonomous — ensuring a scalable, sustainable future. 

Hexagon (Nasdaq Stockholm: HEXA B) has approximately 21,000 employees in 50 countries and net sales of approximately 3.8bn EUR. Learn more at hexagon.com and follow us @HexagonAB.


Let us share with you Our Story: https://hexagon.com/our-story !