Information Security Analyst Ref. No: 7787

The Security Architect position is part of the Global Information Security (GIS) organization within Information Technology.  The position has global responsibility for developing and sustaining the secure architecture and design of company's IT infrastructure and reports to the Manager of Security Architecture. This position will assist in defining strategic information security directions and following through on implementations across the organization.

Region: Kraków, małopolskie

---

Requirements:

Knowledge and Experience:

• Technical Degree or equivalent experience
• 6+ years of Information Security experience required
• 2 years of infrastructure experience is required
• (ISC)² or ISACA Security certification would be strongly recommended
• Well-established IT Security experience, technical design and blueprinting
• In-depth knowledge of firewalls and supporting hardware and software, working knowledge of host and network-based intrusion detection technologies, experience with both commercial and underground vulnerability scanning tools, experience with maintaining a SIEM, Information Security Software/Console management
• Hands-on experience with cyber security techniques, information security techniques in Cloud environments,  and social engineering concepts
• Ability to understand a broad variety of systems
• Ability to produce, modify and utilize tools utilizing dominant scripting technologies
• Solid analytical and problem-solving skills with the ability to formulate security solutions based on business requirements
• Requires strong reporting skills and great attention to detail
• Customer focus with strong communication skills
• Ability to work under pressure from both an internal and external environment
• Excellent verbal and written communication in English, any other European language would be an advantage
• Accuracy, dependability, timeliness and completeness of assigned work

---

Responsibilities:

Key Accountabilities:

• Work with various departments such as Legal, HR, Audit and Finance, as well as in close cooperation with our businesses to develop, implement and maintain Information Security architectures, policies, standards 
• All company employees and contractors in all facilities across all businesses that require network, systems or data access
• External partners that access systems, such as customers or vendors
• External partners that provide IT services

 

Key Challenges:

• Perform risk assessments for all IT projects to maintain alignment with Global Information Security policies and standards
• Consult on projects that need security technical expertise to maximize their success and achieve Security approval for project state changes
• Perform high-level application security analysis and consulting
• Perform high-level security analysis and consulting for cloud infrastructures
• Perform high-level security analysis and consulting for manufacturing operational technologies
• Lead technical projects aligned with the security program and vision
• Communicate and coordinate with other architecture groups and business units
• Develop high-level strategic plans and roadmaps
• Develop long-term threat horizons and roadmaps
• Research and write GIS Technical Security Standards, Guidelines and review policies for all areas of information security
• Provide technical expertise as part of Cyber Incident Response
• Keep up to speed with Cyber Security trends and implement and automate
• Participate in on-call duties as necessary within the global team structure

Scope: 

Assist all functions and departments within the enterprise to manage risk in a secure manner within an assigned process. Create new guidelines and follow the existing ones; use existing solutions to resolve problems within/beyond your scope, if no existing solution is in place, recommend industry standard to fill the gap. Work independently via collaboration/knowledge share with team members, as well as other IT departments. Project work – act as a track leader and key Information Security resource. Audit work in a daily/monthly cycle. Create, innovate, challenge and implement Information Security’s, as well as other departments’ processes.

---