Senior Cybersecurity Engineer (Defence)
Project description:
We're looking for a Senior Cybersecurity Engineer with a strong background in designing, implementing, and validating security mechanisms across diverse systems and environments. The ideal candidate will have deep expertise in cybersecurity engineering principles, secure architecture, risk assessment, and vulnerability management, supported by strong analytical and problem‑solving skills. Experience with embedded systems security is highly desirable and considered a significant advantage. This role requires excellent communication skills to translate complex technical risks into clear, actionable recommendations for engineering teams and stakeholders.
Tech stack:
Secure boot, firmware security, OTA
Cryptography (AES, RSA, ECC) & hardware security (TPM, HSM, TrustZone)
Embedded interfaces & protocols: CAN, LIN, Modbus, BLE, Wi-Fi, TCP/IP, NFC
Hardware interfaces: JTAG, UART, SPI, I²C
Cloud IoT platforms & secure communication: AWS/Azure/GCP IoT, TLS/DTLS, MQTT(S), SSH, TLS, IPSEC
Secure code review (C/C++, Rust, Python) & DevSecOps / CI/CD security
Requirements:
Proven experience in designing security solutions for embedded systems, IoT devices, and cloud-connected architectures
Strong background in identifying, exploiting, and documenting security weaknesses across a broad range of environments
Deep understanding of embedded security attack vectors: side-channel attacks, fault injection, firmware tampering, replay attacks, MITM Experience with vulnerability scanning, fuzzing, exploit development, and hardware-level security assessment
Solid knowledge of secure communication protocols, cryptography, secure mechanisms used in embedded, secure firmware design, cybersecurity testing
Ability to translate complex technical findings into clear, actionable recommendations for both technical and non-technical stakeholders
Familiarity with risk assessment frameworks such as ISO 21434, IEC 62443, ISO 27005, IEC 81001-5-1, UL 2900, DO‑326A
Understanding of data protection requirements (GDPR / HIPAA) in cloud-integrated IoT ecosystems
Experience with secure SDLC, DevSecOps, and CI/CD security practices
Strong analytical, problem-solving, and communication skills
Relevant certifications is must, such as OSCE, OSCP, GPEN, CompTIA PenTest+
Willingness to work in a hybrid model from our office in Wrocław
Willingness to complete security clearance procedure
- Department
- Software Delivery
- Role
- Security Engineer
- Locations
- Wroclaw (PL)
- Monthly salary
- PLN20,000 - PLN25,000
- Employment type
- Full-time
- Experience
- Senior, Lead
- Area
- Security
About Spyrosoft
Spyrosoft is an authentic, cutting-edge software engineering company, established in 2016. In 2021 and 2022, we were among the fastest growing technology companies in Europe, according to the Financial Times. We were founded by a group of tech experts with established backgrounds in software engineering, who created an ‘engineer-to-engineer’ workplace, powered by enthusiasm, fairness and authentic relationships. Having a unique offering, which bridge the gap between technology and business, we specialise in technology solutions for industry 4.0, automotive, geospatial, healthcare & life sciences, employee experience & education and financial services industries.