Security Risk Officer

Your daily tasks: * Identifying, assessing, and monitoring risks related to IT, cybersecurity, data protection, and business continuity. * Advising cross-functional teams on risk-aware decision-making in projects and operations. * Coordinating audits, security reviews, compliance checks, and data protection impact assessments (DPIAs). * Overseeing implementation and tracking of security, IT, and data governance controls. * Maintaining risk registers, control matrices, and mitigation plans. * Managing third-party risk through vendor assessments and reviews. * Ensuring compliance with relevant standards and regulations (e.g., ISO 27001, GDPR, NIST). * Supporting and coordinate incident response, including internal communication during critical events. * Leading post-incident reviews and ensure integration of findings into risk management plans. * Acting as liaison between Security, IT, Legal, and Executives during high-impact incidents. Nice to have: * Proven experience in cybersecurity, IT governance or enterprise risk management. * Familiarity with security frameworks (ISO 27001, NIST CSF, SOC 2) and risk management standards (e.g. ISO 31000). * Understanding of security controls in cloud, endpoint, infrastructure and application environments. * Experience participating in or coordinating security incident response efforts. * Ability to assess business impact during security events and help prioritize response actions. * Familiarity with incident response processes, escalation paths and post-incident reviews (RCA, lessons learned). * Comfortable working under pressure and facilitating structured communication between stakeholders during incidents. * Understanding of incident lifecycle, from detection to containment, recovery and root cause analysis. * Excellent communication skills – ability to work across departments and present risk contextually. * Comfortable with documentation, controls tracking, audit evidence and policy management. * Solid understanding of GDPR and other data protection regulations. * Very good command of English. What we can offer: * A wide array of benefits: private medical care, life insurance, pro-health campaigns, gifts for different occasions. * An outstanding work atmosphere in a highly-skilled team of professionals, with flexible working hours, no dress code, and full support of the dedicated HR Business Partner. * Many opportunities for personal development: a dedicated development budget for each employee, extra two paid days for training and CSR, stable career paths, extensive internal and external training, and financing of English and Polish language classes. * State-of-the-art offices filled with chillout zones, a fully equipped kitchen, a gym (Wrocław office), and a free car park (Warsaw limited amount of space).