Head of Information Security at Testronic overseeing security strategy, governance, and compliance in global operations. Ensuring robust security controls aligning with client requirements and regulatory standards.
Responsibilities
Develop and maintain the company’s information security strategy and roadmap, continuously improving our security posture while supporting business and client needs.
Own and maintain the ISO 27001 certification program, including internal and external audits and compliance activities.
Ensure compliance with internal policies, GDPR, and client contractual security requirements across all locations.
Act as the custodian of security policies and standards, ensuring alignment with ISO 27001 and evolving business needs.
Oversee incident management, vulnerability management, and SIEM monitoring, ensuring effective processes and controls are in place.
Coordinate penetration testing, vulnerability remediation, and internal security assessments together with IT teams.
Manage risk management processes, including maintaining risk registers and reporting to senior leadership.
Support client security audits and assessments, providing transparency and assurance regarding our security environment.
Act as a security advisor for internal projects, ensuring that security requirements are integrated into IT and business initiatives.
Drive security awareness across the organization, supporting stakeholders in understanding and following security requirements.
Maintain documentation and evidence required for compliance, audits, and reporting.
Establish and track security KPIs and KRIs to monitor the effectiveness of the security program.
Requirements
Strong experience in information security, cybersecurity, or security governance, including leadership or ownership of security programs in global organizations.
Proven experience owning and managing an ISO 27001 certification program and working with security audits.
Strong understanding of security architecture and controls, including areas such as network security, SIEM monitoring, vulnerability management, and cloud security.
Solid knowledge of modern cyber threats, hacking techniques, and data exfiltration risks, and how to mitigate them.
Consultant for cybersecurity and compliant software development supporting medical device manufacturers. Creating security documentation and facilitating workshops in a hybrid or remote setting.
IT System Administrator managing network infrastructure and security solutions for MONTANA. Responsible for optimizing firewalls and coordinating IT projects with external partners in a growing energy company.
Senior IT-Security Manager responsible for IT security and compliance in Hamburg office. Overseeing development, implementation, and continuous improvement of information security management systems.
EHS&S Specialist managing compliance and data systems for global animal-health services. Ensuring EHS standards and documentation across North America locations with hybrid work model.
Senior Manager, IAM Control Assurance supporting identity and access management compliance within a global financial organization. Collaborating with cross-functional teams for regulatory and audit compliance.
Senior Security Engineer focusing on application security for Relativity software products. Collaborating with teams to implement security best practices and address security vulnerabilities.
Senior Security Analyst supporting Certification and Assurance at Mastercard. Managing certifications and conducting control testing against various security standards and frameworks.
Senior Information Security Engineer designing and maintaining security solutions for Utica National Insurance Group. Collaborating across teams to defend against cyber threats and ensure compliance.
Program Manager driving strategic alignment and overseeing enterprise-wide transformation programs at St Vincent's Health Australia. Leading cross-functional teams and ensuring programs deliver value within scope and timelines.
Cloud Security Architect shaping security architecture for scalable cloud solutions at GRAYOAK. Collaborating with cross-functional teams to ensure secure software development and architecture.