Full-Time IT Security Governance Engineer

We are seeking an IT Security Governance Engineer to join our Global Security Team as a replacement for a period of 18 months.

Ideal candidate will have a background in security, testing, vulnerability management, workload coordination, audits, procurement and security trainings.

Familiarity with technologies like JIRA, KnowBe4, SAP, M365 would be desirable.

Strong experience with Office Package is mandatory.

Key Responsibilities:

1. Security Awareness:
   • Development and oversight of the whole Security Awareness Program.
   • Preparing training and phishing campaigns and materials.
   • Reconciling them in accordance with the training schedule.
   • Preparing on-demand, monthly, quarterly, and annual reports.
   • Administrative support and maintenance of the security training platform.
   • Assisting other teams with the use of the platform.
2. Security Tests:
   • Development and oversight of whole Security Testing stream.
   • Managing the penetration testing process.
   • Scheduling tests with external companies.
   • Supervising the execution of tests.
   • Overseeing the remediation of identified vulnerabilities.
   • Approving or rejecting production deployments.
   • Reconciling test costs.
   • Managing the Bug Bounty program.
   • Handling periodic vulnerability scans.
3. Procurement:
   • Managing the SAP system.
   • Preparing purchase requests and reconciling invoices.
   • Describing invoices according to the budget line.
   • Cooperation with Purchasing, Controlling and Invoicing departments.
   • Security costs allocation and re-invoicing.
4. Third-Party Risk Management (TPRM):
   • Reviewing supplier contracts.
   • Completing security questionnaires for external entities.
5. Security workflow coordination and communication:
   • Co-managing the department's email inboxes and ticketing systems.
   • Coordination support for internal and external audits.
   • Preparing communication in accordance with internal communication guidelines.
   • Single point of contact for all Security communication on all Markets.

Qualifications:

• Bachelor's or postgraduate degree in computer science, Information Technology, or a comparable experience.
• 2+ years of experience in IT Security or related domain.
• Strong understanding of IT Security concepts, tools, and processes.
• Experience with security testing and vulnerability management.
• Excellent communication and collaboration skills.
• Fluent in English (B2/C1 level).
• Command of French language would be a big plus.

Nice to have:

• Experience with training campaigns, purchasing processes, executive presentations.

Benefits:

• Professional growth within the company.
• Excellent working environment.
• Flexible working hours.
• Possibility of remote work in Poland.

What is the last date for applying to the job?

Which countries are accepted for this remote job?