Your daily tasks:
* Identifying, assessing, and monitoring risks related to IT, cybersecurity, data protection, and business continuity.
* Advising cross-functional teams on risk-aware decision-making in projects and operations.
* Coordinating audits, security reviews, compliance checks, and data protection impact assessments (DPIAs).
* Overseeing implementation and tracking of security, IT, and data governance controls.
* Maintaining risk registers, control matrices, and mitigation plans.
* Managing third-party risk through vendor assessments and reviews.
* Ensuring compliance with relevant standards and regulations (e.g., ISO 27001, GDPR, NIST).
* Supporting and coordinating incident response, including internal communication during critical events.
* Leading post-incident reviews and ensuring integration of findings into risk management plans.
* Acting as liaison between Security, IT, Legal, and Executives during high-impact incidents.
Nice to have:
* Proven experience in cybersecurity, IT governance or enterprise risk management.
* Familiarity with security frameworks (ISO 27001, NIST CSF, SOC 2) and risk management standards (e.g. ISO 31000).
* Understanding of security controls in cloud, endpoint, infrastructure and application environments.
* Experience participating in or coordinating security incident response efforts.
* Ability to assess business impact during security events and help prioritize response actions.
* Familiarity with incident response processes, escalation paths and post-incident reviews (RCA, lessons learned).
* Comfortable working under pressure and facilitating structured communication between stakeholders during incidents.
* Understanding of incident lifecycle, from detection to containment, recovery and root cause analysis.
* Excellent communication skills – ability to work across departments and present risk contextually.
* Comfortable with documentation, controls tracking, audit evidence and policy management.
* Solid understanding of GDPR and other data protection regulations.
* Very good command of English.
What we can offer:
* A wide array of benefits: private medical care, life insurance, pro-health campaigns, gifts for different occasions.
* An outstanding work atmosphere in a highly skilled team of professionals, with flexible working hours, no dress code, and full support of the dedicated HR Business Partner.
* Many opportunities for personal development: a dedicated development budget for each employee, two extra paid days for training and CSR, stable career paths, extensive internal and external training, and financing of English and Polish language classes.
* State-of-the-art offices filled with chillout zones, a fully equipped kitchen, a gym (Wrocław office), and a free car park (Warsaw: limited amount of space).