Information Security Lead

About us 

bolttech is an international insurtech with a mission to build the world’s leading, technology-enabled ecosystem for protection and insurance. With a full suite of digital and data-driven capabilities, bolttech powers connections between insurers, distributors, and customers to make it easier and more efficient to buy and sell insurance and protection products.

A part of Pacific Century Group, bolttech serves customers in multiple markets across North America, Asia and Europe.

In this position you will…

Be responsible for overseeing and implementing security measures for bolttech Poland, in line with bolttech Information Security standards, policies and roadmaps.

You will be responsible for…

• Contributing to, implementing and enforcing bolttech’s information security program, aligned with bolttech’s roadmap, standards, procedures and policies.

• Working closely with bolttech’s Group Security to provide updates on current initiatives and issues concerning bolttech Poland, as well as gather relevant feedback and updates.

• Working closely with the local and Group IT teams, as well as other stakeholders, to foster a cooperative working relationship.

• Organizing and participating in security audits.

• Responding to local security incidents and breaches.

• Conducting local risk assessments aligned with bolttech’s Technology and Enterprise Risk programs.

• Staying up to date on emerging threats and security technologies.

• Developing recommendations and requirements for the security of IT systems.

• Implementing corrective and preventive actions.

• Reviewing and providing feedback on security clauses within contracts and other agreements.

For you to be successful…

…we expect you to be able to demonstrate the following key competencies:

• A solid understanding of IT systems, security protocols, and the ability to align security measures with overall business objectives.

• Strong ability to lead cross-functional complex projects, and make decisions based on risk management principles.

• Knowledge of cloud security, information systems and application security.

• You work successfully with all business functions to drive implementation of new approaches and technologies.

• You feel the need to be challenged and you are driven to reach your full potential. 

• Willingness to work outside standard business hours.

• Knowledge of cybersecurity frameworks, incident management, and vulnerability assessment.

• You are eager to be part of an international project, spanning multiple regions.

You will require the following qualifications and skills

• At least 5 years of experience in cybersecurity.

• Good knowledge of security policies, standards, and regulations, such as NIST, ISO 27001/2, and PCI DSS.

• Strong project management skills.

• Up-to-date knowledge of the latest security threats and vulnerabilities, as well as emerging trends in the security industry.

• Good technical knowledge of security technologies and tools.

• Strong analytical skills and the ability to effectively manage security risks within an organization.

• Relevant certifications such as CISSP, CISM, CISA, or CRISC.

• Understanding of current technology and regulatory trends affecting information security programs.

• Demonstrated exceptional written and verbal English communication skills, including the ability to explain complex technical issues to non-technical stakeholders and collaborate with different departments and levels of an organization.

Our values