Information Security Assessment Lead
PepsiCo
Overview

Due to our expanding global business and the increasing scope of our information security assessors, we're seeking an exceptional individual to join our Information Security Assessment (ISA) Lead Team, managed by Mohammed. This role is within the Risk Management Leadership Tower, part of the Governance, Risk, and Compliance (GRC) organization of InfoSec. Your primary responsibility will be to conduct security risk assessments, identify cyber risks, and ensure our business solutions are secure and compliant before deployment. You will align business solutions with our Information Security Policy and Standards, aiding in the effective management and mitigation of risks.

Why should you join this team?
You will collaborate with a highly skilled global team and gain exposure to cutting-edge security technologies, products, and frameworks. You will play a pivotal role in evaluating and enabling key businesses to securely lead in the market within a multinational environment.

What kind of manager is Mohammed?
Working with Mo and the ISA Lead Team means joining a team that values innovation, creativity, and collaboration. Our leadership promotes open communication, supports professional growth, encourages calculated risks, and fosters a culture of continuous learning to solve complex security challenges.

How do we work and what do we offer?
We work in a hybrid model (2 days from the office in Warsaw, Plac Konesera, 3 days from home).
The most important benefits of this position: annual bonus, private healthcare, life insurance, Multisport, private pension plan, employee assistance program, company car or equivalent.

Responsibilities

What are your daily tasks?
You’re reviewing, assessing, and evaluating technology solutions to ensure compliance with our security policy, standards, and industry standards.
You’re managing the end-to-end process of security assessments, your queue, and meetings, while meeting SLAs and ensuring cyber risks are evaluated and communicated to customers.
You’re translating identified security risks in ISA reviews for both technical and non-technical stakeholders, including security scan and penetration test results, and privacy concerns.
You’re proactively identifying and prioritizing potential security risks in customer solutions.
You’re collaborating across InfoSec, IT, and Business teams to resolve security challenges and educate stakeholders on minimizing cyber risks.
You’re leveraging ServiceNow, Power BI, and other tools to automate processes, track metrics, and use data to drive security decisions.
You’re continuously monitoring and improving processes, integrating Agile and DevSecOps methodologies, and staying up-to-date with emerging threats.

Qualifications

What will you bring to the team?
You have proven expertise in applying security frameworks such as NIST 800-53, ISO 27002, CIS, and OWASP.
You have strong analytical skills to interpret security scan and penetration test results, influencing the drive for remediation.
You’re experienced in automating risk assessments using ServiceNow and reporting, and are familiar with Power BI.
You’re experienced in threat modeling and cloud platforms such as Azure, AWS, and Alibaba, ensuring robust defenses across diverse environments.
You have excellent communication and influencing skills, capable of educating stakeholders and building a strong security culture.
You have a track record of integrating security into the project lifecycle, utilizing Agile and DevSecOps practices.
You have a proactive, problem-solving mindset, dedicated to continuous improvement and staying ahead of emerging threats.