About the Role
<p><span><strong>Your responsibilities:</strong></span></p><ul><li><p><span>Act as a Group technical authority for ICT regulatory compliance (e.g. DORA, GDPR, PSD2, EBA guidelines).</span></p></li><li><p><span>Ensure ongoing alignment of the ISMS with legal, regulatory and contractual obligations.</span></p></li><li><p><span>Perform ICT compliance assessments, control effectiveness reviews and maturity evaluations.</span></p></li><li><p><span>Identify compliance gaps and prioritise remediation actions in cooperation with IT, Risk and Security SMEs.</span></p></li><li><p><span>Define, monitor and report compliance KPIs and KRIs at Group and local level.</span></p></li><li><p><span>Act as Security Business Partner for the local market (Poland) and single point of contact for Information Security.</span></p></li><li><p><span>Advise senior management on ICT and third-party risk, control deficiencies and remediation plans.</span></p></li><li><p><span>Provide senior oversight of major ICT and cyber incidents, including escalation, regulatory notification and post-incident reviews.</span></p></li><li><p><span>Lead interaction with local regulators and supervisory authorities on security-related matters.</span></p></li><li><p><span>Promote a strong cybersecurity and risk-aware culture within the local organisation.</span></p></li></ul><p></p><p><span><strong>Our requirements:</strong></span></p><ul><li><p><span>Proven experience in ICT security, technology risk and regulatory compliance within financial services.</span></p></li><li><p><span>Strong knowledge of DORA, GDPR, PSD2, EBA guidelines and ICT risk frameworks.</span></p></li><li><p><span>Hands-on experience with ISMS design, implementation or oversight.</span></p></li><li><p><span>Ability to interpret regulatory requirements and translate them into practical controls.</span></p></li><li><p><span>Strong understanding of ICT, cloud, outsourcing and third-party risk.</span></p></li><li><p><span>Experience engaging with 
senior management, regulators and auditors.</span></p></li><li><p><span>Very good spoken and written English (additional languages an advantage).</span></p></li></ul><p></p><p><strong>What we can offer:</strong></p><ul><li><p>Stable employment – 93% of people are employed under an employment contract for an indefinite period.</p></li><li><p>Safety – we have been on the Polish market for 29 years.</p></li><li><p>Friendly work environment – we have received the Top Employer award 13 times in a row.</p></li><li><p>Hybrid work – we usually meet in the office twice a week (Dworzec Gdański metro station).</p></li><li><p>Extra 3 days of paid leave – if you use all your leave in a given calendar year.</p></li><li><p>Private medical care with appointment guarantee service (Medicover).</p></li><li><p>Full onboarding under the supervision of a mentor, including a package of professional onboarding training.</p></li><li><p>Access to the development platform, including e-learning training, podcasts and webinars.</p></li><li><p>Activities supporting development in the organization, e.g. the "Effective Manager" training series for people holding managerial positions.</p></li><li><p>Business telephone (also for private use).</p></li><li><p>Access to the ProviBenefity cafeteria platform, topped up with a monthly amount to spend, or a subsidy for your Multisport card – you choose from 5 types of cards.</p></li><li><p>Life insurance (UNUM Życie TUiR S.A.) on preferential terms.</p></li><li><p>Christmas benefits and co-financing for the "Holidays under the pear tree" holiday for you and your children.</p></li><li><p>Psychological support for employees, including access to a psychologist (also for children), a psychotherapist, a dietician and coaching.</p></li></ul>