IT Security Specialist

a { text-decoration: none; color: #464feb; } tr th, tr td { border: 1px solid #e6e6e6; } tr th { background-color: #f5f5f5; }

The main responsibility of the Information Security Specialist is to execute and supervise group IT Security initiatives and help ensure that our IT security requirements are implemented in our systems, with our partners, and in our projects. The person in this position will coordinate and execute the implementation of our security roadmap in our company to provide support in the development of business requirements, technical specifications, and security assessment.
You will independently conduct security audits of our partners and service providers and, if necessary, find pragmatic solutions to protect our data and systems.

Responsibilities:

• Ensure compliance with SG Group standards and regularly review and update security documentation and procedures.
• Identify potential security risks and manage vulnerabilities within systems and processes.
• Respond to security incidents, perform root cause analysis, and implement corrective actions.
• Perform and assist in internal and external audits related to information security.
• Promote security awareness among employees and provide guidance and training on SGIP policies and best practices.
• Work closely with business units to understand operational needs and embed security requirements into processes and projects.
• Collaborate with the ASSU security team to ensure security standards and share best practices.
• Cooperate with technical teams (infrastructure, application) to implement secure configurations and resolve vulnerabilities.
• Support the development and maintenance of IT continuity plans aligned with SG Group and business continuity requirements.
• Coordinate IT continuity testing and exercises to validate recovery capabilities.

a { text-decoration: none; color: #464feb; } tr th, tr td { border: 1px solid #e6e6e6; } tr th { background-color: #f5f5f5; }

• At least high school diploma or higher education in progress
• Language skills: fluent English (Polish or German would be a nice-to-have)
• 3 years of experience and enough professional expertise in the areas of responsibility described to contribute immediately and make the team better
• Practical experience with ISO 27001, penetration testing, security audits, and ability to support these fields right away
• Certification such as CISM, CISSP or similar is a plus; if not, willingness and motivation to obtain one soon
• Interest in understanding not only technology but also the business context of systems; prior knowledge of the financial sector is helpful but not mandatory
• High autonomy and ability to take initiative, prioritize, and organize actions
• Excellent communication skills
• Intercultural competency
• Strong team player
• Good analytical skills
• Enthusiastic, cooperative, and positive attitude

a { text-decoration: none; color: #464feb; } tr th, tr td { border: 1px solid #e6e6e6; } tr th { background-color: #f5f5f5; }

• Work in a multicultural environment within a professional team
• Trainings and professional development opportunities in an international financial group
• Competitive salary
• Friendly work environment
• Benefits package including: private health care, Benefit Systems card, Sodexo lunch pass, additional days off (after one year in the company – 1 additional day of holidays; after 3 years – 3 additional days of holidays; additional 16 hours per year for charity activities; company closed on May 2nd and December 24th), fruits in the office once a week
• Sharing the costs of sports activities
• Private medical care
• Sharing the costs of professional training and courses
• Life insurance
• Induction events