• Analiza
  • Architektura
  • Badania i rozwój
  • Budownictwo i Geodezja
  • Energetyka i Gazownictwo
  • Geologia i Hydrologia
  • Informatyka/Administracja
  • Informatyka/Programowanie
  • Instalacja i Serwis
  • Internet / E-commerce
  • Inżynieria/Elektronika/Technologia
  • Kontrola jakości/BHP
  • Logistyka i transport
  • Motoryzacja
  • Nieruchomości/Budownictwo
  • Ochrona środowiska
  • Produkcja / Przemysł
  • Rolnictwo i Hodowla
  • Telekomunikacja

System Security Champion

Polska, Kraków, małopolskie
Stefanini PoIand Sp. z o.o.

Delivers solutions in compliance with regulations, internal policies and standards. Performs risks assessments and implements technical measures to minimize exposures. Ensures risks and security requirements are clear for stakeholders. Maintains tracking of progress and provides status report regularly

Job Duties:

  • Identification and assessment of risks for IS solutions
  • Evaluates vendors and brings recommendation to mitigate risks
  • Establishes strategies for the implementation of internal policies, standards and best practices
  • Clarifies security requirements and advises on implementation strategies
  • Maintains track of security deliverables and escalates on identified high risks
  • Defines and implements access and authorization models
  • Establishes system controls and levels of access with proper segregation of duties
  • Develops security awareness by providing orientation, educational programs, and on-going communication
  • Updates job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations
  • Accomplishes information systems and organization mission by completing related results as needed.

Necessary Skills and Qualifications:

  • BS or MS in Computer Science, Engineering, or a related technical discipline, or equivalent experience
  • 3+ years of experience in IT security, IT risk management, IT audit and IT controls
  • 2+ years of experience with industry compliance and security standards including one or more of the following: SOX, PCI, GxP, NIST, TÜV cloud security
  • Demonstrated experience with data protection regulation and practices (with a strong emphasis on personal data protection - e.g. GDPR)
  • Working know-how about authentication and encryption, including leverage of SSL/TLS protocols, PKI and key management
  • Experience on Risk Management on Cloud environments (IaaS, PaaS, SaaS)
  • Understanding of Active Directory, Identity Access Management, SAML and similar tools and protocols
  • Strong verbal and written communications skills and ability to lead effectively across organizations
  • Self-organization and objective oriented
  • Get the job done attitude with drive for results quick solutions
  • Good documentation practices
  • ITIL knowledge
  • Highly appreciated skills and experiences:
  • Certifications (CISSP, CCSP, CISM, CISA, CCSK, others)
  • Experience managing initiatives across teams and geographies
  • Practical experience with implementing DevSecOps concepts
  • Experience working in a fast-paced matrix organization applying Agile principles (Kanban)
  • Experience with static and dynamic application security testing tools (e.g. HPE Fortify, Veracode) and performance testing routines

Our offer:

  • Full time job, stability of employment
  • Competitive salary package
  • Benefits package
  • Private medical healthcare

For more information about Stefanini, please have a look at our website:  


wszystkie oferty