Information Security Officer (ISO)

About Us

ERGO Technology & Services S.A. (ET&S S.A.) was established in January 2021 following the integration of ERGO Digital IT and Atena into one entity, leveraging both companies’ strengths and best practices. As a part of ERGO Technology & Services Management AG, the technology holding of ERGO Group AG, we support millions of internal and external customers with state-of-the-art IT solutions to everyday problems.

In October 2022, ET&S S.A. expanded its scope of operations by creating a Business Services unit to contribute in a new way to the growth of ERGO’s business. Acting as a co-partner and internal consultant, it adds non-IT value and supports the development of the entire ERGO Group, currently offering skills in reporting, analysis, actuarial, and input management. We are committed to fostering innovation and meeting the evolving needs of our clients worldwide.

Discover how we implement AI, IoT, Voice Recognition, Big Data science, advanced mobile solutions, and business-related services to anticipate and address our customers’ future needs.

About the role

The Information Security Officer supports the development, maintenance, review and improvement of the strategic information security plan and risk management across the organisation, as well as supporting ERGO Group's global activities in this area.

How you will get the job done

• ensuring that Information Security requirements are effectively implemented and adapted
• ensuring that Information Security norms and procedures are effectively implemented and adhered to
• identifying local regulatory and entity-specific requirements on Information Security, and adopt them
• ensuring a proper identification and management of Information Security risks on entity level
• ensuring adherence to Information Security requirements and proper management of Information Security risks in projects and third-party relationships
• designing and implementing Information Security awareness measures and monitor their effectiveness
• providing guidance and support to the local management and staff on the implementation of security requirements, assessment and management of Information Security risks
• taking part in task forces, providing an opinion on the risk
• authorizing or obtaining appropriate authorization from senior management
• supporting in timely evaluating business and financial impact from the affected legal entities for major incidents
• planning, coordinating, performing and reporting 2nd Line reviews

Skills and experience you will need

• fluency in English (C1)
• completed university degree, preferably in information technology (IT) or business information systems technology
• at least 7 years of operational experience in the 1st, 2nd and/or 3rd LoD for information security and information technology
• expertise in relevant security standards and Frameworks (e.g. NIST, ISO 2700x, COBIT)
• certified at least in one of the following areas: information security management, information risk management or IT auditor (e.g. ISO, CISSP, CISM, CRISC, CISA)
• knowledge of relevant legislative or regulatory requirements in area of information security and IT
• experience in data analysis and performance reporting at various management levels (including executive level)
• experience working with various international stakeholders
• excellent analytical thinking skills and attention to detail
• very high level of commitment, results and performance orientation
• experience managing multiple objectives, schedules and deliverables
• experience working in teams located in multiple locations
• excellent negotiation, decision-making, communication and training skills
• knowledge of supervisory regulations and recommendations of the KNF and/or FSC for the insurance market sector
• knowledge of the ISO 31000 family of standards
• understanding of the IT services industry and a statement in IT risk management

Nice to have

• operational experience in working for an IT Service Provider
• knowledge of supervisory regulations and recommendations of the BaFin for the insurance market sector

Perks & Benefits

Let's be healthy

Medical package, sports card, and numerous sports sections – these are some of the benefits that help our employees stay in good shape.

Let's be balanced

Work-life balance is a key aspect of a healthy workplace. We offer our employees flexible working hours, a confidential employee assistant program, as well as the possibility of remote working. However, staying at home with our in-office gaming room and dog-friendly office in Warsaw won’t be easy.

Let's be smart

We organize numerous workshops and training courses. Thanks to hackathons and meetups, our specialists share their expertise with others. Additionally, we have a wide range of digital learning platforms and language courses.

Let's be responsible

Each year, we participate in several CSR activities, during which, together with our colleagues, we do our best to create a better future.

Let's be fun

Company-wide bike races and soccer matches, film marathons in our cinema room or other engaging team-building activities – we got it covered!

Let's be diverse

Every team member is valued, regardless of gender, nationality, religious beliefs, disability, age, and sexual orientation or identity. Your qualifications, experience, and mindset are our greatest benefit!