from Ukraine
See my story
from Portugal
See my story
from Colombia
See my story
from Italy
See my story
from Mexico
See my story
from Denmark
See my story
beign your career journey with accenture

PMI Service Center Europe
PMI Service Center Europe
location iconLocations: Kraków
level iconLevel: specialist
(Senior) Application Security Specialist
Location: Kraków
At PMI, we’ve chosen to do something incredible. We’re totally transforming our business and building our future on smoke-free products with the power to improve the lives of a billion smokers worldwide.

With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions.

PMI’s journey to a smoke-free future is fueled by technology.

The total transformation we’re going through means that there are unique IT projects here to match all levels of skills and ambitions – from pace-setting global pilot projects to vital local updates. Whether you want to pursue a personal passion or build an international career, there’s space here to develop in any number of directions.

Join us in this role and you’ll be part of our IT Information Security & Data Privacy international team in the beautiful city of Krakow, Poland.

Your “day to day”

• Support IT teams on information security related topics during the design, development and maintenance of new or existing systems
• Perform detailed security assessments of applications and systems from multiple perspectives, e.g. by reviewing their overall architecture and attack surface, validating trust boundaries and data flows, understanding the integration with external systems, etc.
• Describe identified issues to relevant stakeholders in the form of reports and ensure that they understand the risk that those issues pose to the Company
• Embed cybersecurity into the systems development life cycle process, e.g. by leading the execution of threat modeling activities and fostering the adoption of DevSecOps principles
• Support hands-on the integration of security tools (e.g. SAST, DAST) within the continuous integration/continuous delivery (CI/CD) pipelines of the development teams
• Create and maintain secure application development patterns and secure coding standards to help IT teams minimizing the number of cybersecurity issues in their products
• Raise awareness across the organization by delivering trainings, webinars or similar activities that reduce the number of repeated application security weaknesses and technical vulnerabilities
• Keep up to date with the constantly evolving cyber threat landscape and the latest developments in application security

Who we’re looking for

• Minimum 5 years of experience in web/mobile application security, preferably within a large organization
• Professional certifications in Information Security or Cybersecurity (e.g. CISSP, CISM)
• Proven track record in supporting development teams throughout all phases of systems development life cycle (design, threat modelling, development, maintenance)
• Hands-on experience with integration of SAST, DAST and SCA tools into CI/CD pipelines
• Strong understanding of cloud computing architectures (e.g. SaaS, IaaS, PaaS, FaaS) and their corresponding characteristics in terms of information security
• Practical knowledge on modern application architectures including microservices, containers, APIs and serverless technologies
• Sound knowledge of impact and remediation techniques for vulnerabilities from and outside of OWASP Top 10
• Considerable technical writing proficiency and oral presentation skills, in English
• Practical experience in Agile/DevOps organizations and cultures
• Highly collaborative, with ability to build relationships with colleagues from different cultures throughout the organization
• Experience with any of the following technologies/tools not mandatory but strongly preferred: AWS WAF, Salesforce Shield, HashiCorp Vault, Terraform, Ansible, Artifactory, Splunk, ELK

What we offer

Our success depends on the men and women who come to work every single day with a sense of purpose and an appetite for progress. Join PMI and you too can:

• Seize the freedom to define your future and ours – we’ll empower you to take risks, experiment and explore
• Be part of an inclusive, diverse culture, where everyone’s contribution is respected; collaborate with some of the world’s best people and feel like you belong
• Pursue your ambitions and develop your skills with a global business – our staggering size and scale provides endless opportunities to progress
• Take pride in delivering our promise to society: to improve the lives of a billion smokers


PMI is the world’s leading international tobacco company, with six of the world's top 15 international brands and products sold in more than 180 markets. In addition to the manufacture and sale of cigarettes, including the number one global cigarette brand, and other tobacco products, PMI is engaged in the development and commercialization of Reduced-Risk Products (“RRPs”). RRPs is the term we use to refer to products that present, are likely to present, or have the potential to present less risk of harm to smokers who switch to these products versus continued smoking. We have a range of RRPs in various stages of development, scientific assessment and commercialization. Because our RRPs do not burn tobacco, they produce far lower quantities of harmful and potentially harmful compounds than found in cigarette smoke. For more information, see and

This job is no longer available

Recruitment process for this position has ended.

Jobs that may interest you:

Senior IT Analyst
Solution Architect Supply Chain
Project Manager/Lead IT Finance*


  • iconIT
  • iconKraków, małopolskie

Company profile

  • About us
  • Job offers (37)
  • Recruitment process
  • Benefits

Do you want to be always up to date?

Create job alert and start getting similar offers directly to your mailbox!