Security Service Manager

For Digital Hub Warsaw, we are looking for:

Security Service Manager

You will be responsible for ensuring internal and external IT-Services, delivered in compliance with the global security requirements. The position is in the “Cyber Security Risk Management” of Bayer and belongs to the Security Alliance Team. The position holder takes over the role as Security Service Manager with a strong focus on reviewing and ensuring IT-Services are delivered compliant with all security requirements. The candidate will collaborate with internal and external IT partners on global level, analyze security related reports, KPI, SLA and additional information on IT-Security in strong alignment with internal Cyber Security Experts.

Key Tasks & Responsibilities:

• Partner with Cyber Security Risk Management stakeholders, Information Technology (IT) and Services partners to ensure IT Services are delivered compliant to defined Security requirements.

• Partner with internal and external providers to ensure security controls are in place and enforced.

• Collaborate with IT Management, Service Delivery and Provider Management to ensure the monitoring and remediation of security capabilities and controls within expected SLA’s and parameters

• Regularly check and validate security related reports to identify security gaps, anomalies & areas of improvements.

• Update job knowledge constantly by tracking and understanding emerging security technologies, solutions, practices, and standards, participating in educational opportunities, reading professional publications.

• Update job knowledge constantly by tracking and understanding the Threat Landscape for Enterprise IT and Cloud Services.

• Manage IT Security, legal and regulatory risks by performing IT Security Risk Assessments and recommending the appropriate security controls to service providers to address the gaps that are not in line with Bayer Policies and regulatory requirements.

• Provide support and recommendations for the selection, security review, and lifecycle management of third-party services, products, and solutions; Provide IT Security consulting services to stakeholders, IT, Business Teams, and projects.

• Contribute to translation of security risks resulting from usage of information technology which are internally and externally regulated into the digital environment.

• Understanding of emerging technologies in IT such as a Cloud Platform as well as the associated security risks.

Qualifications & Competencies (education, skills, experience):

• Bachelor’s degree with 5 years of relevant Information Technology/Security experience or 7 years of relevant Information Technology/Security experience;

• Strong foundational knowledge of all domains of security and Enterprise IT solutions;

• Good analytics skills and ability to assess complex IT environments

• Experience in multi-provider managed IT-Environments

• Possess clear understanding of security methodologies and standards and have experience with software and security architectures.

• Knowledge of cloud networking architecture, cloud operations, security concepts and solutions.

• Experience with reviewing network, firewall and endpoint architectures, configurations, policies, procedures, and technical capabilities as well as physical devices such as servers and IoT.

• Solid understanding of Service Management and ITIL Processes (Incident-, Problem-, Change- & Request-Management) and Tools (ServiceNow).

• Solid understanding of NIST (National Institute of Standards and Technology) and ISO (International Organization for Standardization) standards.

• Strong collaboration, negotiation and consulting skills and ability to work in cross-functional and global environments.

• Good knowledge and ability to develop and maintain open and honest business relationships with internal and external stakeholders.

• High degree self-learning and self-motivation.

• Ability to take action for continuous improvement

• Experience with working in intercultural teams and environments.

• Negotiation-level English skills; German language skills is a plus.

• Certifications in any of the following is a plus – CISSP, CCSP, ISSAP, ISSEP, ISSMP, CISM, CISA 

What do We offer:

• A flexible, remote-hybrid work model

• Great workplace in a new modern office in Warsaw

• Career development, 360° Feedback & Mentoring programme

• Wide access to professional development tools, trainings, & conferences

• Company Bonus & Reward Structure

• VIP Medical Care Package (including Dental & Mental health)

• Holiday allowance (“Wczasy pod gruszą”)

• Life & Travel Insurance

• Pension plan

• Co-financed sport card - FitProfit

• Meals Subsidy in Office

• Additional days off

• Budget for Home Office Setup & Maintenance

• Access to Company Game Room equipped with table tennis, soccer table, Sony PlayStation 5 and Xbox Series X consoles setup with premium game passes, and massage chairs

• Tailored-made support in relocation to Warsaw when needed

• Please send your CV in English