Information Systems Security Manager

Technologies we use

About the project

Your responsibilities

• Develop and maintain the security strategy and roadmap for the consortium organization, in alignment with business objectives, regulatory requirements, and industry best practices.
• Use your mandatory Project Management skills to organize the Security Office team to ensure smooth delivery and process-based relationship with technical squads.
• Establish and enforce security policies, standards, and procedures across squads and chapters, ensuring compliance with relevant laws, regulations, and contractual obligations.
• Provide strategic guidance and recommendations to senior leadership and the Security Office on the organization's security posture and risk management.
• Define and maintain the security architecture and design principles for IT systems, applications, and infrastructure, incorporating security-by-design principles into development processes.
• Collaborate with architecture and engineering teams to evaluate, select, and implement security technologies, tools, and solutions to mitigate risks and enhance security posture.
• Conduct security architecture reviews, assessments, and audits of systems and applications, identifying vulnerabilities and recommending remediation measures.
• Develop and deliver security awareness and training programs for employees, contractors, and stakeholders, promoting a culture of security awareness and compliance.
• Provide guidance and support to squads and chapters on security best practices, secure coding principles, and threat mitigation techniques.
• Monitor and measure the effectiveness of security awareness and training initiatives, adjusting strategies as needed to address evolving threats and risks.
• Collaborate with internal audit, compliance, and legal teams to ensure adherence to security requirements and contractual obligations.
• Maintain security documentation, evidence, and artifacts to demonstrate compliance with security standards and regulations.
• Lead the Security Incident Response Team (SIRT), coordinating efforts to investigate and mitigate security incidents in a timely and effective manner.
• Develop and maintain incident response plans, playbooks, and procedures, conduct regular tabletop exercises and simulations to test and improve response capabilities.
• Security Governance, Risk Management, Security Architecture, SIEM/SOAR, Vulnerability Management, Incident Response, Secure SDLC, Security-by-Design, Threat Modeling, Security Awareness Programs.

Our requirements

• Bachelor's degree in Information Security, Computer Science, or a related field; advanced degree or relevant certifications (e.g., CISSP, CISM, CISA) are a plus.
• Proven experience (min 5 years) in information security, with a focus on security strategy, governance, operations, and compliance.
• Strong understanding of security frameworks, standards, and best practices (e.g., NIST Cybersecurity Framework, CIS Controls, OWASP Top 10).
• Experience in leading and managing cross-functional security teams in a dynamic and fast-paced environment
• EU citizenship.
• Fluent English: B2/C1.
• Being open to occasional business trips abroad and visits in our office in Katowice.

Optional

• Clerance

This is how we organize our work

This is how we work

This is how we work on a project

What we offer

• BENEFITS (UoP): Luxmed, Medicover Sport, Worksmile, educational platforms, languages learning platform, referral bonus, life insurance, workation
• DEVELOPMENT OPPORTUNITIES (UoP and B2B): certifications (paid by the company), conferences, Tech Lunches, possibility to join our Communities (Project Management, Architecture, Security, Process Management, Leadership, AI and Cloud)

Benefits

Additional Information