Head of Security

The Head of Security will be responsible for developing, implementing, and continuously improving the organization's information security, cyber resilience, risk management, and compliance capabilities. The successful candidate will play a key leadership role in ensuring alignment with NIS2 requirements while establishing governance frameworks for the secure adoption of Artificial Intelligence technologies. 

This position reports directly to IT Director and works closely with IT Teams, Legal and Business stakeholders. 

Key responsibilities:

• Define and execute the organization's cybersecurity strategy and roadmap. 

• Lead the development and maintenance of security policies, standards, and procedures. 

• Ensure compliance with NIS2 and other applicable cybersecurity, privacy, and regulatory requirements. 

• Establish and oversee cybersecurity governance, risk management, and reporting processes. 

• Manage security incident response, crisis management, and cyber resilience programs. 

• Oversee vulnerability management, threat detection, and security monitoring activities. 

• Lead third-party risk management and supplier security assessments. 

• Collaborate with business leaders to integrate security into digital transformation initiatives. 

• Develop and maintain security awareness and training programs. 

• Define and monitor security KPIs and executive-level reporting. 

• Advise senior leadership on emerging cyber threats, regulatory developments, and strategic risks. 

AI governance and security responsibilities: 

• Develop and maintain governance frameworks for the security at Group 

• Establish policies for AI adoption, risk assessment, data protection, model governance, and ethical AI usage. 

• Assess security and compliance risks associated with Data.

Required qualifications:

• 5+ years of experience in cybersecurity, information security,  

• Proven leadership experience managing security programs and cross-functional teams. 

• Strong understanding of cybersecurity frameworks such as ISO 27001, NIST, CIS Controls, and related standards. 

• Demonstrated experience implementing or supporting compliance with NIS2 or similar regulatory frameworks. 

• Experience managing security within Microsoft-centric environments, including:  

  • Microsoft 365 

  • Microsoft Azure 

  • Microsoft Defender  

  • Microsoft Sentinel 

• Strong knowledge of cloud security, identity and access management, security operations, and incident response. 

• Experience presenting security strategies and risk assessments to executive leadership and boards. 

• Excellent communication and stakeholder management skills. 

Preferred qualifications:

• CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor, or equivalent certifications. 

• Experience leading security transformation programs. 

• Familiarity with AI governance frameworks and standards. 

• Experience with Microsoft Security Copilot,  

• Knowledge of European cybersecurity regulations and digital resilience requirements. 

What we offer:

• Opportunity to work with modern Microsoft security technologies.

• Participation in large-scale cloud and security transformation projects.

• Professional development and certification support.

• Competitive salary and benefits package.

• Bonuses according to the Remuneration Regulations and MBO Regulations

• Additional benefits (including Multisport card, medical insurance, lunch vouchers, Cafeteria, and others)

• Contract on B2B terms or Employment Contract

• Biannual feedback sessions

• Working hours: full-time

• Office work in Warsaw (Hybrid)

About our recruitment process:

The first stage of the recruitment process is a 1-hour online interview via the MS Teams platform. The entire recruitment process consists of several stages which we will be happy to talk about during our first meeting.

Benefit Systems International reserves the right to contact only selected candidates.