Chief information security officer (CISO)

G-Force is a leading provider of permanent recruitment and outsourcing services. Our Clients are global companies from the following sectors: IT & telecommunications, finance & banking, media, business process outsourcing. We are looking for Candidates interested in career development, working in specialist and manager positions located on the Polish market and abroad.

For our Client, we are looking for candidates to new Security Center on position:

CISO

Location: Kraków
Region: małopolskie
Ref. number: CISO/KRK/2016

Responsibilities and challenges:

• Lead the information Security team to ensure continuous improvement in the area of Information Security,
• Build up and manage the new security center and the coming team within the security center,
• Provide advice and guidance within the organization regarding Information Security related topics,
• Create and maintain security guidelines, secure coding standards, IT-security requirements and IT-security processes,
• Ensure compliancy to the ISO27001 standard as well as applicable standards, laws, regulations and policies,
• Coordinate vulnerability assessments and testing,
• Facilitate security audits/reviews and threat/risk analyses.
• Support the organization in risk identification and management activities,
• Support and coordinate business impact analysis and continuity planning,
• Represent Shared Technologies in the Global Information Security Council and coordinate activities driven by the Group,
• Build and maintain relations and partnership with security companies that provide services like security reviews, penetration tests, code reviews, security educations etc.,
• Coordinate and work with continuous learning for all employees at Shared Technologies within the Information Security area,
• Decide and evaluate different types of security tools.

Preferred Qualifications:

• 5 years + of relevant experience in Information Security, with at least 2 years of management experience (Management, Project Management, Security Management),
• 2 years + of relevant experience in software development, firmware development, application security and firmware security,
• Previous experience from managing an ISO27001 certified ISMS,
• Experience from building up a security organization and implementing/delivering a security assurance program, and managing a business continuity planning program,
• Experience with threat modeling, risk assessments and security reviews,
• Familiarity with secure coding frameworks and best practices such as BSIMM, OWASP and OpenSAMM,
• Knowledge of agile project management methodologies (Kanban/Scrum/Lean),
• Experience with high-level programming languages (e.g. Java, IOS, Android, C, C#, Python),
• Demonstrate excellent presenting and communication skills, good judgment, analytical ability and successfully lead security teams,
• Experience of building and maintaining good working relationships with both external and internal parties,
• Experience of leading and motivating people, goals setting and monitoring achievements in delivering quality security services,
• Degree in Computer Science, Information Security disciplines or similar,
• CISSP, ISSMP, CISM or equivalent.

Our Client offer:

• Flexible working hours,
• Stable employment in a friendly international atmosphere,
• Private Medical Care,
• Multisport & Benefit cards,
• Mobile phone contract,
• In-house free English classes,
• Training budget,
• Ergonomic workplaces with all necessary tools and equipment.