Experience with CIDC (nice to have)
Manual scanning and deployment (nice to have)
Cyber Attack Surface Management (nice to have)
support experience (nice to have)
Security tooling (regular)
Network Security (regular)
Cloud Computing (regular)
Security Operations (regular)
Want to feel truly appreciated at work?
At Duco, we care about our employees. We believe in giving everyone a genuine voice in what we do and how it’s done, in communicating openly and honestly, and in empowering people to succeed.
We believe everyone should be able to feel proud of what they do. This is one reason we have super-high Glassdoor scores and reviews .
This is especially true of our Information Security Team. We know it can be a tough job and often companies regard InfoSec as necessary’ rather than helpful’, but that isn’t the case for us.
We see them as an integral and highly-valued part of Duco’s success. We are now growing and developing this excellent team, and where (hopefully!) you come in
An exciting role with huge scope
The InfoSec team supports both our internal departments and our external stakeholders.
This is a high-profile role, working closely with the Head of Information Security, and will be integral in shaping the future of InfoSec within Duco.
The role can be based anywhere in Poland. We have an office in Wroclaw but you are allowed to work at home as well.
What you’ll be doing day to day :
Work closely with the Head of Information Security to maintain and develop Security Operations capability
Manage Security Operations activity, including the design and operation of security controls
Develop Cyber Asset Attack Surface Management capability
Collaborate with technical teams to configure and maintain hardware and network security infrastructure
Perform security incident response and root cause analysis
Assess vulnerabilities and threats, and define mitigating controls
Implement technical Information Security policies
Work closely with project teams to develop new functionality and products, ensuring that Security by Design is built-in
Coordinate alignment with established security frameworks
Maintain and develop security KRIs and KPIs
Coordinate vulnerability and penetration test mitigation
You'll receive a fantastic reward package :
Base salary reviewed annually (the starting range for this role will be 17 000 PLN - 24 000 PLN per month to fit your level of experience and the local market standard)
A success-sharing bonus scheme, so we recognise and reward your effort
Unlimited annual paid holiday, because we trust our people to manage their own time off
Flexible working options : you can choose to work from home, at the office, or both - whatever is best for you
Flexibility around working hours, as long as you’re delivering what’s needed
Annual allowance to help you make the best of your home working environment
Enhanced family leave provisions
Personal learning and development opportunities (we dedicate budget for this)
Spot rewards, so we can say thanks when you do a really great bit of work
Referral bonus if we hire someone great who you’ve recommended to us
Employee of the Month and Employee of the Year awards
Private medical care packages : individual, partner or family
Life insurance package
Interested? Great! This is what you’ll need for the role :
Ideally, you’ll have :
Previous experience in a Security Operations role
Previous experience with cloud computing environments and container based technologies
Previous experience with AWS environments
Previous network security experience
Previous experience with security tooling
Bonus points if you also have :
Good working knowledge of industry standard security control frameworks
Experience working with tooling to support :
Cyber Attack Surface Management
AWS resource configuration
Manual scanning and deployment
Experience developing Identity and Access Management (IAM), Single Sign On (SSO), Role Based Access Control (RBAC) and Privileged Access Management (PAM) functionality
Experience with CIDC
Important point : If you currently can’t tick all the above boxes, please don’t let it put you off applying. We review all applications with real interest, and we believe in supporting people’s personal development.
We’re not necessarily looking for the perfect candidate’ with years of experience, gold medals and superpowers!