Senior Frontend Engineer (Security)

For our Client we are looking for an experienced Senior Frontend Engineer.

The role holder’s primary responsibility is to adopt `Engineering Excellence’ across the Software Security platform. This position plays an instrumental role in driving technical delivery and best in class design & code across agile teams in the Cross Functions Teams within Security Space. Our Client is moving away from high-cost vendor-based platforms to a custom, Next.js-driven open-source architecture deployed on GCP. 

📍 Location: Kraków, hybrid work model – 2 days per week in the office, 3 days remote
🕒 Cooperation model: [Full-time / B2B]
📍 Project for our Client from the financial sector

Key Responsibilities:

• Implement and maintain robust Content Security Policies (CSP) and secure cookie management
• Building secure authentication flows using OAuth2/OpenID Connect within Next.js Middleware
• Expertise in preventing XSS, CSRF, and clickjacking at the architectural level
• Build and lead communities that ‘raise the bar’ on delivering quality and efficiency

Requirements:

• 5+ professional experience in similar posision
• Advanced proficiency in at least one modern frontend ecosystem (React, Angular or Vue) with the ability to justify architectural choices between them
• Proven track record of identifying and mitigating frontend vulnerabilities (XSS, CSRF, Supply-Chain attacks) at the code level
• Experience connecting frontend architectures to GCP-based microservices via type-safe API contracts (REST, GraphQL, or gRPC).
• Strong mastery of TypeScript, unit/e2e testing (Cypress, Playwright), and CI/CD integration
• Someone who can think few steps forward of technology and guide the team to a new direction
• Hands on passionate technologist who is still delivering code to production and understands React Server Components (RSC), Server Actions, and Partial Pre-rendering (PPR)
• Deep expertise in modern Component-Based Frameworks (e.g., React, Angular, or Vue) and a strong grasp of Server-Side Rendering (SSR) and Static Site Generation (SSG) strategies
• Implement and maintain robust Content Security Policies (CSP) and secure cookie management
• Building secure authentication flows using OAuth2/OpenID Connect within Next.js Middleware
• A problem solver that can translate business opportunities into technical solutions
• Build and lead communities that ‘raise the bar’ on delivering quality and efficiency
• Be able to constructively challenge existing thinking and develop improved paths forward
• Maintains a strong knowledge of IT development methodology, architecture design, engineering solutions, and technical standards
• Mentor and share knowledge with others on the team, and outside teams where required
• Always consider automation for a solution from the start. Help to reduce the toil and time-consuming portions of the technology to help developers become more agile and deliver solutions quickly and securely.
• Fluent English

Benefits:

• Private medical care (Luxmed)

• Multisport card

• Collaborative team culture and modern tech stack