Senior GRC & Cybersecurity Manager

Employer requirements

• 10+ years of relevant experience in security engineering and GRC-focused security solutions development.
• Deep understanding of security standards and frameworks such as NIST, ISO 27001, CIS Controls, and industry compliance regulations (NYDFS, GDPR, HIPAA, PCI-DSS).
• Proven ability to manage complex timelines and deliverables, ensuring alignment with organizational goals and regulatory requirements.
• Strong leadership and communication skills, with a track record of engaging stakeholders and guiding security teams toward shared objectives.
• Preferred Certifications: CISSP, CISM, CISA, GIAC, CEH, CRISC.

Your responsibilities

• We are seeking a seasoned GRC leader with deep expertise in global cybersecurity frameworks, regulatory compliance, and risk management. The ideal candidate will be a strategic thinker and hands-on contributor, capable of driving security initiatives across diverse regions and jurisdictions.
• Strong command of internationally recognized GRC frameworks such as ISO 27001, NIST CSF, and COBIT, with proven ability to harmonize technical and administrative controls across multiple regulatory environments and audit regimes worldwide.
• Extensive experience with global regulatory frameworks and standards, including GDPR (EU), PCI-DSS, SOC 2, SOX, and other regional data protection and cybersecurity laws (e.g., APAC, LATAM). Must stay current with evolving international compliance obligations and cross-border data transfer requirements.
• Demonstrated ability to lead cross-functional teams across geographies, mentor global security professionals, and serve as a subject matter expert in security technologies, tools, and frameworks. Exceptional communication skills to engage effectively with technical and non-technical stakeholders in multicultural settings.
• Drive Global Security Awareness Programs: Develop and implement security awareness initiatives tailored to diverse cultures and languages, ensuring employees worldwide understand phishing risks, data protection practices, and compliance responsibilities.
• Support SOX Compliance Across Regions: Oversee implementation and testing of IT General Controls (access reviews, change management, segregation of duties) for international systems. Ensure timely evidence collection and remediation to meet audit and IPO readiness requirements.

What employer offers

• Annual bonus: 10-15%
• Private medical care
• Life insurance
• Multisport
• Opportunity to work in a large organisation within the business services industry.
• Permanent role based in Gdańsk with a focus on innovation and security.
• A supportive and collaborative company culture.

Recruitment for