Information Technology Security Analyst

Why join us?

Blupace is a world-class IT development company that strives to improve its processes constantly. The company has been in business since 2008 and employs over 160+ people in more than 4 countries. Blupace provides innovative software solutions for businesses of all sizes, with a focus on Web & Mob Applications, e-commerce websites, data & Analytics , Field services and more. We are passionate about developing innovative technology solutions that make a difference. We have the expertise and experience to provide custom-tailored solutions for your business, whatever your field may be. Our team is dedicated to providing you with the best possible service, and we are always looking for new ways to improve our products and services. We operate in different locations which includes UK, France, Germany and Belgium.

Where you’ll be working:

• It is Poland based contractual opportunity-IT Security Analyst
• No Sponsorship provided for this role.
• Its a contractual opportunity for 8 months possible extension to 2027 based on performance
• Experience: 5+ years

Job Description

Supports the enterprise-wide implementation of the Secrets & Credential Management project by analyzing current-state processes, identifying security and control gaps, defining requirements, and driving the secure governance of technical and workforce secrets. Ensures that secrets such as passwords, SSH keys, API keys, certificates, tokens and non-personal credentials are identified, classified, documented and prepared for controlled lifecycle management in line with security, compliance and operational requirements.

Tasks & Responsibilities

• Conduct end-to-end analysis of existing secret and credential management practices across applications, infrastructure, platforms and operational processes.
• Identify, classify and document technical and workforce secrets, including ownership, usage, storage location, criticality, lifecycle stage, access model and associated risks.
• Assess current-state control weaknesses such as unmanaged SSH keys, hardcoded credentials, shared accounts, undocumented secret usage, insufficient rotation and weak auditability.
• Define and document detailed functional and non-functional requirements for centralized secrets management capabilities.
• Support the design of compliant lifecycle processes for creation, storage, access, usage, rotation, revocation, emergency access and decommissioning of secrets.
• Analyze dependencies across systems, applications, service accounts, technical users and operational teams to support onboarding and migration planning.
• Prepare clear and defensible security analysis deliverables, including gap assessments, process documentation, risk assessments, control requirements and remediation recommendations.
• Facilitate and document workshops with technical, operational and business stakeholders to gather requirements, validate findings and resolve ambiguities.
• Contribute to tool evaluation activities by translating operational and security needs into concrete assessment criteria and use cases.
• Validate whether proposed solution approaches meet defined security, compliance and operational expectations.
• Support reporting and governance activities by maintaining traceability of findings, risks, requirements, remediation items and implementation dependencies.
• Ensure analysis outputs are audit-ready, internally consistent and suitable for decision-making at project and stakeholder governance level.
• Operations / Support Teams

Requirements

• At least 5 years of experience in a similar position.
• At least 2 years of experience in working with IAM projects.
• Strong experience in IT security analysis, security requirements engineering, control assessment or security governance in complex enterprise environments.
• Proven knowledge of secrets and credential types, including passwords, SSH keys, API keys, tokens, certificates, service accounts and privileged credentials.
• Experience in analyzing IT processes, identifying control gaps and translating findings into implementable security requirements.
• Strong understanding of IAM, PAM, least privilege, segregation of duties, auditability and secure access governance.
• Ability to work across technical and non-technical stakeholder groups and drive structured analysis in ambiguous environments.
• Strong documentation, workshop facilitation and communication skills in English.
• Experience in regulated, global or highly controlled environments.

Nice to Have

• Experience with CyberArk, HashiCorp Vault, Azure Key Vault, AWS Secrets Manager, GCP Secret Manager or similar platforms.
• Knowledge of ISO 27001, NIST, CIS Controls or enterprise security governance frameworks.
• Experience in transformation or migration projects involving credential centralization and legacy cleanup.

Relevant security certifications.

The Package

• We offer a competitive salary and a great benefits package. Blupace is committed to promoting a diverse, open and collaborative work environment – a place where we can be ourselves and succeed on merit. We believe an environment like this is where ideas can truly flourish and balanced with a healthy dose of fun, it ensures that our people stay and develop.