Informacje o stanowisku

about-project :

• In this role, you will lead the Governance, Risk, and Controls (GRC) function within the Information Security Team. You will develop and maintain our global organizations information security policies, assess compliance (internal and external), and deliver security awareness programs across the entire company. You will also assess, communicate, and manage information security risks in a structured framework.

• Manage the information protection policy process, including ongoing process improvements
• Identify the need for new or updated policies, and draft content for same
• Advise and consult with internal and external entities regarding information security policy issues.
• Actively manage and participate in audit readiness and audit conduct activities, including internal self-assessment, and continually improve these processes
• Escalate and expedite potential compliance and audit issues
• Liaison with internal and external auditors
• Liaison with related functions such as Physical Security, Legal, HR, and IT
• Manage information security reviews for third-party providers
• Regularly measure compliance with internal and external requirements and frameworks
• Build and maintain an information security risk management framework
• Proactively identify risks and propose remediation activities and risk treatments
• Measure and report on all information security risk, policy, compliance, and audit items
• Build and maintain the overall Information Security Scorecard

• Have 5+ years of relevant experience in a similar position within Information Security, with a focus on governance, risk management, and compliance
• Demonstrate experience in developing and implementing IT security policies, procedures, and standards
• Have a proven track record of conducting risk assessments and managing IT security risks
• Possess relevant security certifications such as CISSP, CISM, or CISA
• Are proficient in designing and implementing security controls and measures
• Have experience with security frameworks and best practices
• Possess strong knowledge of global regulatory requirements and industry standards (e.g., GDPR, ISO 27001, NIST)
• Demonstrate the ability to collaborate effectively with various departments and stakeholders, including external providers
• Are familiar with OneTrust (desired), MS Office
• Hold bachelors degree or equivalent work experience
• Speak fluent English

• A chance to shape GRC policies within a global organization
• Being part of a fast-growing, dynamic company, one of leading global packaging manufacturers
• Fast-paced, challenging environment with great professional growth opportunities
• Collaborative culture with strong quality and innovation focus
• Flexible hybrid work arrangement (2 days/week in the office preferred)

• sharing the costs of sports activities
• private medical care
• sharing the costs of foreign language classes
• sharing the costs of professional training & courses
• life insurance
• flexible working time
• retirement pension plan
• parking space for employees
• extra social benefits
• employee referral program
• charity initiatives

Kraków - Oferty pracy w okolicznych lokalizacjach