Blog
Praca IT
Governance, Risk & Compliance Specialist (IT Security Team)
Praca w miastach:Praca IT WarszawaPraca IT KrakówPraca IT WrocławPraca IT SzczecinPraca IT PoznańPraca IT LublinPraca IT KatowicePraca IT BydgoszczPraca IT ŁódźPraca IT BiałystokPraca IT ToruńPraca IT Gdańsk
Stanowiska:Grafik komputerowy pracaTester gier pracaProgramista pracaTester oprogramowania pracaFrontend Developer pracaData scientist pracaTester manualny pracaTester pracaAnalytics pracaTester aplikacji pracaProgramista java pracaWeb developer praca
Technologie i narzędzia:Python pracaCyberbezpieczeństwo pracaJava pracaBazy danych pracaCisco pracaC++ pracaJavascript pracaSQL pracaBusiness Intelligence pracaDelphi pracaWordpress pracaTestowanie aplikacji pracaC# pracaPHP praca
Specjalizacje:Devops pracaMobile pracaTestowanie pracaSecurity pracaBig data science pracaHelpdesk pracaIT admin pracaPO/PM pracaScrum master pracaUX/UI pracaAnalityka pracaSAP & ERP pracaAgile praca
Sylvamo Global Business Services Center

Sylvamo Global Business Services Center

Governance, Risk & Compliance Specialist (IT Security Team)

Offer parameters

salary not specified

contract of employment (full-time)

hybrid work
mid
valid for 24 days
(until 27 Jun)
Kraków, Lesser Poland (Poland)
Lubicz 23

Technologies we use

Expected

Microsoft Azure
Microsoft Excel

Optional

Proofpoint
Security Scorecard

Operating system

Windows

About the project

You will analyze IT Security concerns in terms of business objectives, audit recommendations and industry regulations to drive Sylvamo’s Cyber Governance program. Your primary responsibility will include developing, managing, and communicating IT/Cyber policies and standards in support of industry and regulatory needs as well as general IT/Cyber practices. You will have a chance to use your communication skills and demonstrate the ability to build relationships within a diverse team environment. You will perform and improve the current control environment, promoting security awareness and monitoring metrics to measure control effectiveness and other projects based on specialized plans. You will help maintain standards and documentation.

Your responsibilities

  • Create and participate in the execution of self-assessments and other business assurance activities to provide a more accurate picture of criteria and gap areas against standards and expectation
  • Liaise with Legal and Compliance on various compliance, privacy and security initiatives, thus building a strong knowledge of Governance, Risk and Compliance functions
  • Assist with internal and external security reviews, audits, and controls evaluations
  • Create and execute Phishing exercises and security awareness communications
  • Develop and enhance Cyber Security training
  • Provide input to the company risk management process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and training materials)
  • Lead meetings with business partners to ensure remediation efforts adhere to corporate standards and policies
  • Provide expert level analysis/validation of remediation actions taken, opportunities for improvements and out of the box thinking for optimizations and solving roadblocks
  • Create reports and dashboard to support Cyber Security metrics
  • Demonstrate flexibility to meet the needs of external and internal customers regarding changes in work volume, scheduling changes, planned and unplanned changes
  • Work as part of a team to collaborate on ideas and solutions
  • Solve challenging cases while providing high level platform uptime and availability

Our requirements

  • Bachelor’s Degree in Information Technology, Information Security/Assurance, Computer Science, Engineering, or related field of study, or any combination of relevant equivalent experience, education and training
  • 3+ years of overall IT work experience (with at least 3 years in an Information Security role)
  • Proven leadership skills with the ability to manage conflict, deal with ambiguity, negotiate and make timely decisions
  • Advanced understanding and practical application experience in Governance, Risk & Compliance and Security related technologies and services
  • Experience with Security Awareness, policy creation and phishing concepts
  • Understanding of a variety of technical concepts such as: networking, system administration, application development, cloud computing and IT Security best practices
  • Ability to assess and communicate risk within a business context and to provide concise business communication for multiple levels (management, technical, and user)
  • Experience with data analytics with the ability to provide qualitative analysis and recommendations
  • Strong attention to detail, data accuracy, and data analysis
  • Self-motivation with a high level of integrity and a high sense of urgency
  • The ability to learn and apply new concepts quickly
  • Comfort in dealing with internal or external organizations regarding security policy and standards violations, security controls failure and incident response situations

    Optional

  • Security Certification preferred: CISSP, CISM, GIAC or CISA or similar

Division of working time

  • 50%
    Security consulting & assesment
  • 30%
    Analysis (e.g. configure phishing, reporting, metrics)
  • 10%
    Security Awareness Content development
  • 10%
    Compliance and Privacy

This is how we organize our work

This is how we work

in houseyou develop several projects simultaneouslyyou have influence on the choice of tools and technologiesagile
Company Image

Benefits

  • sharing the costs of sports activities
  • private medical care
  • sharing the costs of foreign language classes
  • sharing the costs of professional training & courses
  • remote work opportunities
  • integration events
  • corporate library
  • coffee / tea
  • leisure zone
  • extra social benefits
  • pre-paid cards
  • sharing the costs of tickets to the movies, theater
  • holiday funds
  • sharing the costs of holidays for kids
  • christmas gifts
  • sharing the costs of a streaming platform subscription
  • employee referral program
  • charity initiatives
  • family picnics

Recruitment stages

  • 1.
    SENDING THE APPLICATION ONLINE
  • 2.
    PHONE CALL IN ENGLISH
  • 3.
    INTERVIEW (OFFLINE/ONLINE)
  • 4.
    2ND INTERVIEW (ONLINE)
  • 5.
    DECISION

Sylvamo Global Business Services Center

At Sylvamo, we’re a team on a mission. When you work for us, you’ll be helping to sustain and renew ecosystems, while delivering on the promise of paper to educate, communicate and entertain the world. We are the world’s paper company. Our purpose is to produce the paper the world relies on in the most responsible and sustainable ways. Come grow with us.
I apply to:
Sylvamo Global Business Services Center
Sylvamo Global Business Services Center
Kraków, Lubicz 23, Lesser Poland (Poland)
Pracodawca zbiera zgłoszenia przez swój system. Przejdziesz na jego formularz.

Klikając w przycisk „Aplikuj” potwierdzasz, że zapoznałeś(-łaś) się i akceptujesz Regulamin serwisu.

Grupa Pracuj S.A. jest administratorem Twoich danych m.in. dla celów świadczenia Ci usług w the:protocol oraz w celach analitycznych i marketingowych. Jeżeli masz pytania lub chcesz skorzystać ze swoich praw (dostępu do danych, ich sprostowania, usunięcia, ograniczenia przetwarzania, przeniesienia, sprzeciwu lub skargi do PUODO), skontaktuj się z nami: [email protected] lub z naszym inspektorem ochrony danych: [email protected]. Więcej informacji w Polityce Prywatności.

Wszystkie informacje o przetwarzaniu danych osobowych w tej rekrutacji znajdziesz w formularzu aplikacyjnym, po kliknięciu w przycisk "Aplikuj Teraz".

Need more information?

You can ask the recruiter a casual question. You will receive a reply within three business days.

Check first if the answer to your question is not already in the body of the offer.
An employer may not respond to your question, particularly if there are less than 3 business days remaining before the offer ends.

Wybraliśmy dla Ciebie