Security Engineer – AI Application & Infrastructure
ITDS
This is a specialized security engineering role focused on AI application and infrastructure security within a global banking environment. You'll act as a security consultant, performing secure code reviews, threat modeling, and evaluating AI/ML systems for vulnerabilities. You'll also build PoCs, review AI platform configurations, and contribute to security policies. The role combines hands-on security engineering with advisory responsibilities, requiring deep knowledge of AI/ML security risks (OWASP LLM Top 10, adversarial ML) and experience in regulated financial sectors. You'll work in a hybrid model (at least 2 days in office) as part of an outsourcing arrangement with a major bank.
Brakuje: recruitment process not described (number of stages, assignments, etc.), team size and structure not mentioned.
This is a specialized security engineering role focused on AI application and infrastructure security within a global banking environment. You'll act as a security consultant, performing secure code reviews, threat modeling, and evaluating AI/ML systems for vulnerabilities. You'll also build PoCs, review AI platform configurations, and contribute to security policies. The role combines hands-on security engineering with advisory responsibilities, requiring deep knowledge of AI/ML security risks (OWASP LLM Top 10, adversarial ML) and experience in regulated financial sectors. You'll work in a hybrid model (at least 2 days in office) as part of an outsourcing arrangement with a major bank.
- ✓Cutting-edge focus on AI security in a global banking leader
- ✓Diverse responsibilities from hands-on PoCs to strategic threat modeling
- ✓Opportunity to shape secure AI practices and influence cross-functional teams
- ✓Mentoring and knowledge sharing culture emphasized
- ✓High demand for AI security skills
- −Hybrid model requires at least 2 days per week in the Krakow office (up to 3 remote days may be flexible but not guaranteed)
- !EU work authorization required, limiting candidate pool
- !Outsourcing arrangement (ITDS to bank client) may reduce autonomy
- !Specific 6+ years experience requirement is strict
- !Description mentions 'up to 3 days remote per week' which may indicate potential changes
- •Conduct secure code reviews for engineering teams and provide actionable security findings
- •Evaluate large language models for vulnerability detection and automated remediation
- •Build proof-of-concept and proof-of-value implementations for new security solutions
- •Review AI platform configurations, access controls, and deployment settings for compliance
- •Identify and mitigate AI/ML-specific risks such as prompt injection and data leakage
- •Develop technical documentation and security patterns for knowledge sharing
- •Mentor colleagues and promote best security practices in AI development
Oferta skierowana do developerów z doświadczeniem komercyjnym (Mid).
A security engineer with at least 6 years of experience in cybersecurity, including hands-on secure code review and vulnerability analysis. Has foundational knowledge of AI/ML security risks, is skilled in Python scripting, and has experience in financial services or other regulated sectors. Must be eligible to work in the EU.
Junior or mid-level engineers with less than 6 years of cybersecurity experience, or those without a background in AI/ML security. Also not for candidates who prefer fully remote work, as the role requires at least 2 days in the Krakow office per week.
- ?How many engineers are on the AI security team?
- ?What specific security tools (SAST, SCA, etc.) are currently in use?
- ?Is there any on-call rotation or incident response expectation?
- ?What opportunities exist for professional development (certifications, conferences)?
- ?How does the team interact with the bank's AI/ML development teams?
- ?What is the expected timeline for the hiring process?
- ?Are there opportunities to transition to the client directly?
- ?What is the typical split between security reviews and hands-on implementation work?
- −Recruitment process not described (number of stages, assignments, etc.)
- −Team size and structure not mentioned
- −Specific on-call or after-hours duties not addressed
- −Budget for training or certifications not disclosed
- −Contract duration for B2B engagement not specified
A collaborative and learning-oriented team focused on cutting-edge AI security, with emphasis on mentoring and continuous improvement.