Head of Information Security at Testronic overseeing security strategy, governance, and compliance in global operations. Ensuring robust security controls aligning with client requirements and regulatory standards.
Responsibilities
Develop and maintain the company’s information security strategy and roadmap, continuously improving our security posture while supporting business and client needs.
Own and maintain the ISO 27001 certification program, including internal and external audits and compliance activities.
Ensure compliance with internal policies, GDPR, and client contractual security requirements across all locations.
Act as the custodian of security policies and standards, ensuring alignment with ISO 27001 and evolving business needs.
Oversee incident management, vulnerability management, and SIEM monitoring, ensuring effective processes and controls are in place.
Coordinate penetration testing, vulnerability remediation, and internal security assessments together with IT teams.
Manage risk management processes, including maintaining risk registers and reporting to senior leadership.
Support client security audits and assessments, providing transparency and assurance regarding our security environment.
Act as a security advisor for internal projects, ensuring that security requirements are integrated into IT and business initiatives.
Drive security awareness across the organization, supporting stakeholders in understanding and following security requirements.
Maintain documentation and evidence required for compliance, audits, and reporting.
Establish and track security KPIs and KRIs to monitor the effectiveness of the security program.
Requirements
Strong experience in information security, cybersecurity, or security governance, including leadership or ownership of security programs in global organizations.
Proven experience owning and managing an ISO 27001 certification program and working with security audits.
Strong understanding of security architecture and controls, including areas such as network security, SIEM monitoring, vulnerability management, and cloud security.
Solid knowledge of modern cyber threats, hacking techniques, and data exfiltration risks, and how to mitigate them.
Intern assisting in the development of AI tools for validating crash simulations at BMW Group. Collaborating in creating methods for airbag deployment analysis and machine learning.
Infrastructure & Security Engineer in Ciudad de México managing on-prem critical payment systems while ensuring security and operational continuity. Collaborate on technical decisions impacting financial infrastructure.
Junior Product Analyst focused on vehicle safety developments and experimental component designs at EDAG. Engaging in testing and administrative management for vehicle safety systems and collaboration.
Senior Security Product Manager at BlinkOps transforming customer implementations into scalable solutions. Collaborating with multi-functional teams and driving product development for security applications.
Cybersecurity Architecture Manager at Grifols designing secure infrastructures and integrating cybersecurity measures across business units. Leading the Information Security Office to protect digital services.
Safety Technician ensuring the improvement of work safety and health conditions at Nestlé. Conducting evaluations, trainings, and compliance with legal requirements in a factory environment.
Safety Technician ensuring safe workplace practices and compliance with regulations. Collaborating on safety training and conducting regular inspections for risk assessment.
Senior Security Architect at Kainos responsible for security practices in digital platforms. Leading teams and ensuring agile environments uphold strong security standards.
Security Architect designing and applying good security practices for Kainos healthcare platforms. Working with Agile teams, mentoring staff and solving challenging security problems.
InfoSec Engineer developing and managing secure cloud engineering designs for a defense technology platform. Supporting the implementation and compliance of cybersecurity standards in cloud-based systems.