Head of Middleware Platform Security
📍 Location: Kraków / Warszawa ( 6days per month from office)
Area: Cybersecurity / Technology
Level: Senior Leadership
Model: B2B
About the role
We are looking for an experienced Head of Middleware Platform Security to join a global organization in the financial sector. This role is responsible for defining and driving the security strategy for middleware platforms at a global scale.
It combines deep technical expertise, leadership responsibilities, and close collaboration with stakeholders across technology, cybersecurity, and business functions.
Key responsibilities
- Define and maintain secure configuration baselines for middleware platforms, including:
- IBM WebSphere Application Server, WebSphere MQ, WebSphere Portal
- Apache HTTP Server, Apache Tomcat
- Oracle WebLogic Server
- nginx, Node.js
- Collaborate with middleware subject matter experts to:
- establish security standards
- develop and implement compliance checks
- define remediation guidance
- Develop and execute a middleware security strategy aligned with:
- enterprise and security architecture
- regulatory expectations
- industry best practices
- Own and prioritize the capability backlog based on business value
- Monitor performance through KPIs and security metrics
- Work closely with:
- Service Owners and Technology/Platform Owners
- Cybersecurity and Architecture teams
- Audit and regulatory stakeholders
- Manage vendor relationships for owned technologies
- Support and respond to security incidents
- Own and manage selected risk, audit, and regulatory items
Leadership & collaboration
- Lead and develop a team of security professionals
- Foster a culture of innovation, collaboration, and continuous improvement
- Partner with senior leadership to align cybersecurity initiatives with business goals
- Manage budget and ensure effective resource allocation
- Influence global technology and security decisions
Requirements
- Minimum 5 years of hands-on experience with middleware technologies (e.g., WebSphere, WebLogic, Apache, nginx, Node.js)
- Proven experience in middleware platform security
- At least 2 years of experience leading technical teams
- Strong understanding of security standards, including CIS benchmarks
- Excellent stakeholder management skills
- Ability to translate complex technical topics into business-friendly language
- Strong analytical and problem-solving skills
- Experience managing budgets and resources
- Proactive, adaptable, and comfortable delegating and empowering teams
Nice to have
- Experience in regulated environments (e.g., financial services)
- Familiarity with global data protection regulations (e.g., GDPR)
- Experience working with auditors and regulators
What we offer
- A key leadership role in a global organization
- Real impact on cybersecurity strategy and platform security
- International, collaborative work environment
- Opportunity to build and grow a high-performing team
- Competitive compensation and benefits package - Luxmed and Multisport