Details

Contract

Full-Time

Location

Krakow, Poland

Department

Information Technology

Openings

1

Job ID

51962338

MAKE HISTORY WITH US! At PMI, we’ve chosen to do something incredible. We’re totally transforming our business and building our future on smoke-free products with the power to improve the lives of a billion smokers worldwide. With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions. The total transformation we’re going through means that there are unique IT projects here to match all levels of skills and ambitions – from pace-setting global pilot projects to vital local updates. Whether you want to pursue a personal passion or build an international career, there’s space here to develop in any number of directions. Join us in this role and you’ll be part of our Infosec Project Advisory Team. JOIN US! WHO ARE WE LOOKING FOR? • Minimum 6 years of experience in IT security, IT risk management, IT audit or IT controls, preferably in a large organization or consulting companies with at least 2 years in a leadership role • Excellent track record of Senior Leadership and Board level communications • Demonstrable experience in leading and managing global IT teams • Professional certifications in IT systems security and auditing (e.g. CISA, CISSP, CRISC, CISM) (required) • Proven track record in performing IT security assessments or IT audits for large scale solutions • Demonstrable experience with industy-leading practices in cyber security and regulatory compliance (e.g. SOX, GDPR, GxP, HIPAA) • Solid understanding of modern application architectures including microservices, containers, APIs, design patterns, serverless technologies and cloud environment (AWS) • Knowledge of basic identity and access management concepts (e.g. single-sign on, identity federation) and standards (e.g. SAML, OAuth 2.0, OpenID) • Sound knowledge of impact and remediation techniques for vulnerabilities from and outside of OWASP Top 10 • Considerable technical writing proficiency and oral presentation skills, in English • Practical experience in Agile/DevOps organizations and cultures WHAT WE OFFER YOU? • Wide range of trainings, optional language classes, further education and professional qualification support possibility (eg. Acca, cima, cfa) • Remote work opportunity and flexible working arrangements • Employee pension plan • Private medical and dental care, life insurance • Subsidized meals (sodexo card) and multisport program • Mybenefit cafeteria HOW CAN YOU MAKE HISTORY WITH US? • Manage and mentor a global team of Information Security Analysts based in multiple locations • Manage information security assessments activities, e.g. compliance assessments, architecture review, access model review, interfaces and configuration reviews for the whole PMI IT landscape • Act as the technical lead responsible for developing security standards and supporting complex information security assessments • Create PMI information security standards and practices to enable advanced capabilities. • Support key partners in effectively embedding security in the systems development life cycle. • Describe identified issues in the form of reports and ensure that relevant partners understand the risk that those vulnerabilities pose to the Company • Follow up with third parties on any inconsistency and ambiguity in the reports to have a reasonable level of assurance over security testing work provided by vendors • Advise IT teams on how to replicate identified cybersecurity issues and remediate them in the most effective and cost-efficient way • Partner with other Information Security leaders to ensure that PMI follows standard methodologies in the application security testing domain by continuously optimizing tools, techniques and methodologies • Keep up to date with the constantly evolving cyber threat landscape and the latest developments in IT risk management and contribute to PMI’s security standards Please note that only on-line applications will be taken into consideration. Only selected candidates will be contacted. #LIJobs

Apply