We are VML Enterprise Solutions - a group of talented engineers, tech experts, and creators who combine our passions and contribute to the IT world. You may know us better as Wunderman Thompson Technology – in 2024 we changed our name, but at the same time, we remained a great team of people who deliver our best. We design, build, manage and run complex technology platforms and help our clients to benefit from our work and creativity.
The opportunity
We are seeking a diligent and detail-oriented Information Security & Privacy Specialist to join our team. The role will be responsible for identifying, assessing, and mitigating risks related to information security and privacy, and will focus on protecting data, ensuring compliance with relevant regulations, and implementing security measures to prevent security incidents. The ideal candidate will have ability and proficiency in information security and privacy principles and a willingness to learn and grow in the field.
What you’ll get to do:
- Understand processes and procedures used within the organisation’s information security and privacy framework to safeguard the organisation's infrastructure, applications, and data.
- Support company in maintaining the SOC2 certificate and other departments in following the standard.
- Perform annual reviews of local processes and ensure compliance with SOC2 and group standards.
- Propose changes to information security and privacy policies and procedures to ensure continuous improvement.
- Respond to queries from the business and stakeholders on privacy and information security related matters.
- Respond appropriately to security incidents, under the guidance of senior team members.
- Provide support during security incident response activities, including investigations, analysis, and resolution of security incidents.
- Conduct internal audits/assess potential risk to ensure compliance with information security and privacy processes and standards, identifying gaps and recommending improvements.
- Manage relationships with local vendors, ensuring they comply with the Company's privacy and information security standards.
- Ensure compliance with local privacy and group requirements. Use Privacy Management tools to manage privacy processes.
- Provide Privacy and Information Security training and awareness programs for employees.
- Collaborate with cross-functional teams to support security initiatives and projects being undertaken.
- Stay up-to-date on the latest information security and privacy trends, and technologies to continuously improve the organisation's security posture.
- Offer guidance to less experienced members of the team.
What you should have:
- Proven experience working in information security and privacy roles, with at least 3 years of experience or any related role e.g. in IT that has experience in working with regulations and standards.
- Understanding of principles and associated technologies that are used for information security and privacy, including network, physical, cloud, application security, anonymisation and pseudonimisation
- Understanding of data privacy principles and terminology used to manage data privacy within the organisation.
- Knowledge of relevant local privacy legislation and regulatory bodies (e.g. , GDPR,UODO)
- Understanding of requirements for reporting privacy incidents and breaches to senior team members
- Good understanding of business processes and objectives
- Strong problem-solving skills and attention to detail
- Effective communication and interpersonal skills, with the ability to work effectively in a team environment and communicate technical information to non-technical stakeholders
- Eagerness to learn and explore new technologies and tools relevant to information security and privacy
- Continuously seeking opportunities to pursue further education and training in information security and privacy
- Certifications such as Internal Auditor ISO27001 or Lead Auditor ISO27001 and postgraduate studies related to cybersecurity or privacy are welcome
- Relevant certifications such as CompTIA+, ISMS IA, CIPP, CIPM or equivalent are a plus, but not required
- ITIL certifications/exposure beneficial
- Interest in a career as an information security and privacy specialist or similar role
- Effective communication skills, both written and verbal
- Active listening skills
- Ability to articulate messages to a variety of audiences
- Good stakeholder management skills
- Ability to work towards a common vision or goal
- Flexibility and adaptability; ability to work in ambiguous situations
- Resilience with a propensity to persevere
- Forward-looking with a comprehensive approach
- Organisational skills with a natural inclination for planning strategy and tactics.
- Problem-solving skills
- Ability to work effectively at all levels in an organization
- Team player approach and ability to work collaboratively with and through others
- Good understanding of organisational issues and challenges is a plus
What we offer:
- Salary depending on presented skills: X – Y PLN gross (Contract of Employment)
- Hybrid work style and flexible working hours
- Additional paid days off as an anniversary reward
- Annual bonus dependent on company profit
- Luxmed VIP package
- Cafeteria system (MyBenefit)
- Lunch compensation (Pyszne Pay)
- Budget for training and development (conferences, certifications, workshops and other)
- English lessons during work hours
- Co-financing your holidays, kindergarten, Multisport Plus, and others
- Group insurance and travel insurance
- Office and online integration events and team building activities
- Internal knowledge sharing and team initiatives
- A designated mentor supporting you through your whole career at VML
- Work equipment with delivery to your door
We are a part of VML Enterprise Solutions. Learn more about our us on dedicated social media:Instagram VML Enterprise Solutions, our LinkedIn page and YouTube channel.