CRYP Senior Controls SME

Our requirements

• Technical Background: Strong understanding of technology security principles (cryptography knowledge strongly preferred or ability to learn quickly)
• Risk & Controls Expertise: Hands-on experience with governance frameworks and risk management processes
• Communication & Leadership: Ability to translate complex technical security concepts for senior non-technical stakeholders
• Stakeholder Management: Proven track record managing relationships with compliance, audit, business units, and regulators
• Problem-Solving: Skilled at identifying control gaps, defining remediation plans, and streamlining processes collaboratively
• Excellent verbal and written English communication

Optional

• Familiarity with Helios, WoW documentation, and internal control standards
• Knowledge of financial services risk and control practices
• Experience in cybersecurity environments or cryptography-driven projects

Your responsibilities

• Controls Governance: Maintain cryptographic controls within the Risk Control Framework and review key governance documents (WoW, Helios updates)
• Continuous Monitoring: Evaluate control effectiveness, review Mandatory Procedures (MPs) and Operating Instructions (OIs), and ensure ongoing improvements
• Risk & Compliance: Ensure that cryptography policies align with regulatory frameworks and internal audit requirements
• Stakeholder Engagement: Act as the primary contact for control queries, collaborate with risk owners, 2LoD/3LoD reviewers, and regulators
• Reporting: Manage and track key metrics (KCIs, KRIs, GRAS) to inform senior management, audit, and compliance
• Cross-Team Collaboration: Engage with multiple control owners to manage dependencies and ensure consistent risk mitigation strategies
• Training & Awareness: Develop training materials and awareness programs to promote adoption of cryptography control policies globally
• Note: Detailed project information will be shared during the recruitment process.

About the project

This is how we organize our work

This is how we work on a project

• Continuous Deployment
• Continuous Integration

What we offer

• Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.)
• Hybrid work setup – remote days available depending on the client’s arrangements – 6 days a month from the office in Kraków
• Collaborative team culture – work alongside experienced professionals eager to share knowledge
• Continuous development – access to training platforms and growth opportunities
• Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
• High quality equipment – laptop and essential software provided

Benefits

• sharing the costs of sports activities
• private medical care
• sharing the costs of professional training & courses
• life insurance

Mindbox Sp. z o.o.