Global Information Security Officer

• Review the current implementation of IT Security services;
• Identification and driving the IT security services improvements;
  
• Development of conceptual models for delivery of security services;
  
• Development and maintenance of IT security policies and procedures, and their implementation level per region;
  
• Support and promote cybersecurity awareness building;
  
• Becoming a trusted advisor and subject matter expert (SME) on security architecture;
  
• Performing gap analysis for specific domains, identifying gaps in existing capabilities, service maturity;
  
• Participate in definition, prototyping and continuous development of Company IT security reference architecture, methodology, models and security controls; aligning requirements from the architecture teams, technology teams and Global IT Security colleagues;
  
• Providing deep architectural expertise on complex cloud and on-premise projects;
  
• Delivering workable risk/threat-driven solutions with cost/benefit analysis;
  
• Communicating with both technical and non-technical stakeholders, providing guidance on proper security architectural patterns;
  
• Identifying missing cybersecurity and cyber-resilience capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products' convergence over time and products decommissioning;
  
• Analysing market trends and threat landscape, providing meaningful insights, opportunities, and risks.

Requirements

• Minimum 5 years of professional experience as an Information Security Architect and/or Security Officer;
• Proven knowledge of international security standards and methodologies as well as additional qualification (CISSP, CISA, CISM, SABSA, TOGAF or equivalent);
  
• Understanding business process context;
  
• Hands-on experience and superior technical knowledge in: Windows, Networking, Databases, Public cloud (Azure);
  
• Ability to translate business requirements into technical solutions;
• Handling vulnerabilities and information security incidents;
• Conducting regular security assessments and audits to identify vulnerabilities and recommend solutions;
  
• Defining, implementing and maintaining the processes required to establish a secure SDLC;
  
• Collaborating with cross-functional teams to integrate security best practices throughout the organization;
  
• Providing internal security consultations;
  
• Staying up-to-date on the latest cybersecurity threats and trends;
  
• Documenting all technical procedures and user guides for reference and reporting purposes;
  
• Providing security awareness training to employees and promoting a culture of security awareness;
  
• Supervision and coordination of security incidents;
  
• Coordinate vendors and security service providers;
  
• Good analytical and conceptual skills;
• Ability to deal with ambiguity while working in a continually changing environment under indirect supervision;
  
• Excellent experience in security solution evaluation (e.g. Proof of Concept) and recommendation;
  
• Excellent communication skills, ability to explain/present complex topics to both technical and non-technical audiences (including C-level management);
  
• High cultural awareness and working experience in a complex and multicultural environment;
  
• Fluent English language (at least C1 equivalent).
  

• Knowledge of ITIL service management;
  
• Practical knowledge of Zero-Trust architecture;
  
• Modern encryption and key management methods for both in-transit and at- rest data protection.
  

Benefits

• Competitive salary based on contract of employment;
  
• Great company culture and work-life balance;
  
• Flexible working arrangements according to role;
  
• Joining a team that is at the forefront of innovation and excellence in ground support and rock reinforcement;
  
• Remote work.
  

LOOK4IT SP. Z O. O. (KRAZ: 7880)