![Philip Morris International](https://contents.bebee.com/companies/pl/philip-morris-international/avatar-IhM9F.png)
Information Security Engineer Assessments
1 miesiąc temu
We're totally transforming our business and building our future on smoke-free products with the power to deliver a smoke-free future.
With huge change, comes huge opportunity.So, wherever you join us, you'll enjoy the freedom to dream up and deliver better, brighter solutions and you will have the space to move your career forward in many different areas/directions.
IT at PMIPMI's journey to a smoke-free future implies a shift from a tobacco manufacturer to a science and technology-based consumer facing organisation.
Such a shift creates an abundance of outstanding and transformative IT projects to match all levels of skills and ambitions.
You'll feel like you're working in a start-up – with the freedom to shape and define the future of digital, but with the support and scope of a vast global business.
You'll get a chance to work with ground breaking technologies (e.g., Cloud, APIs, AI) as well as management practices (e.g., Agile, Design Thinking, Product Management).
Our environment is fast-paced and highly collaborative.If you want the freedom to find new ways to connect with consumers, there's no better place to progress your career.
Digital at PMI is dynamic and diverse.Join us and become a part of a top talent team where you can bring new insights to life in a global function that is a key driver of the success of our business.
IT HUB KrakowWith a team of over 300 and more than 20 nationalities, the IT HUB Krakow plays a critical role in creating a smoke-free future around the world.
Become a part of a team of engineers, technicians, experts, IT freaks, researchers and innovators and create new IT work standards with usJoining Information SecurityRunning at the forefront of PMI's Digital Transformation, Information Security offers guidance, solutions and advisory all across PMI, supporting our secure journey towards a smoke-free future.
Our scope ranges from security assessments, architecture, governance and risk advisory, through resilience, cyber threat intelligence and incident response, to supporting PMI Functions, Markets, and Platforms (e.g. Finance, People & Culture, Operations, Consumer or Product) and building an organizational security culture.JOIN USWHO ARE WE LOOKING FOR?
Proven experience, preferably in a large organization or consulting companies, in at least one of the areas:o
IT assurance: IT security, IT risk management, IT audit, IT controls,o
offensive security: ethical hacking, penetration testing, vulnerability assessment, red teamingosecure software development: S-SDLC, DevSecOps
- Professional certifications in at least two of the following domains:oIT systems security and auditing (e.g. CISA, CISSP, CRISC, CISM)ocloud technologies (e.g. AWS, Azure, Salesforce)oethical hacking (e.g. OSCP, GIAC Penetration Tester, CEH)
- Proven track record in performing IT security assessments or IT audits for large scale solutions
- Good knowledge of typical application design patterns and their attack vectors (e.g. web, mobile, thick client, etc.)
- Strong understanding of modern application architectures including microservices, containers, APIs, serverless technologies and cloud environments
- Knowledge of basic identity and access management concepts (e.g. single-sign on, identity federation) and standards (e.g. SAML, OAuth 2.0, OpenID)
- Sound knowledge of impact and remediation techniques for vulnerabilities from and outside of OWASP Top 10
- Considerable technical writing proficiency and oral presentation skillsWHAT WE OFFER YOU
- Wide range of trainings, optional language classes, further education and professional qualification support possibility
- Private medical and dental care, life insurance
- Lunch card (Sodexo), Multisport & Cafeteria program
- Hybrid model of work and flexible working arrangements
- Employee pension plan
- Free bike and car parking for all employeesHOW CAN YOU MAKE HISTORY WITH US?
- Identify cybersecurity gaps in PMI applications and systems using a wide variety of methods, e.g. threat modeling, architecture reviews, access model reviews, configuration reviews, static and dynamic application security testing
- Evaluate the security posture of the third party solutions using TPCRM methodologies with cybersecurity focus
- Analyze the scope, methodology and results of cybersecurity activities (e.g. ethical hacking) performed by third parties around the presence of vulnerabilities in systems used or to be used by PMI
- Follow up with third parties on any inconsistency and ambiguity in the reports to have a reasonable level of assurance over security testing deliverables provided by vendors
- Describe and demonstrate identified issues in various forms (e.g. reports, technical debt definitions) and ensure that relevant collaborators understand the risk that those vulnerabilities pose to the Company
- Advise IT teams on how to replicate identified cybersecurity issues and remediate them in the most effective and cost-efficient way
- Partner with other Information Security leaders to ensure that PMI follows standard processes in the application security testing domain by continuously optimizing tools, techniques and methodologies
- Keep up to date with the constantly evolving cyber threat landscape and the latest developments in IT risk management and contribute to PMI's security standards
- Who we're looking for
IT assurance:
IT security, IT risk management, IT audit, IT controls,
offensive security:
ethical hacking, penetration testing, vulnerability Please note that only on-line applications will be taken into consideration.
Only selected candidates will be contacted#LI-Hybrid
-
Information Security
2 tygodni temu
Kraków, Lesser Poland Motorola Solutions Pełny etatJob DescriptionWe are searching for a skilled Security Risk Analyst to join our Information Security team. The Security Risk Analyst will be in charge of identifying, assessing, and mitigating potential security vulnerabilities within our products. This position requires a solid understanding of information security principles and practices, as well as the...
-
Information Security
2 tygodni temu
Kraków, Lesser Poland Motorola Solutions Pełny etatInformation Security - Security Risk Analyst (REMOTE) page is loaded Information Security - Security Risk Analyst (REMOTE) Apply locations Krakow, Poland Krakow, Poland Krakow, Poland time type Full time posted on Posted Yesterday job requisition id R45855 Company Overview At Motorola Solutions, we're guided by a shared purpose - helping people be their...
-
Information Security
2 tygodni temu
Kraków, Lesser Poland Remotework Pełny etatInformation Security - Security Risk Analyst (REMOTE)At Motorola Solutions, we're guided by a shared purpose - helping people be their best in the moments that matter - and we live up to our purpose every day by solving for safer. Because people can only be their best when they not only feel safe, but are safe. We're solving for safer by building the best...
-
Information Security Officer
2 tygodni temu
Kraków, Lesser Poland Experis ManpowerGroup Sp. z o.o. Pełny etatWe are seeking a highly motivated and organized individual to join our team as an Information Security Officers (ISO) Assistant. In this role, you will provide crucial support in overseeing and managing the organization's Global Security program for the EU region. The ideal candidate will have a strong understanding of cybersecurity principles, exceptional...
-
Information Security Analyst III
2 tygodni temu
Kraków, Lesser Poland Westinghouse Electric Company LLC. Pełny etatAn Information Security Analyst III **will be responsible for** identifying, assessing, and mitigating vulnerabilities in an organization's systems and applications as part of **our Vulnerability Management team**. The identified candidate will work closely with **other members of the IT and various business units** to provide expertise to help identify and...
-
Information Security Analyst III
2 tygodni temu
Kraków, Lesser Poland Cloudsecurityexpo Pełny etatAn Information Security Analyst III will be responsible for identifying, assessing, and mitigating vulnerabilities in an organization's systems and applications as part of our Vulnerability Management team. The identified candidate will work closely with other members of the IT and various business units to provide expertise to help identify and prioritize...
-
InfoSec Engineer Assessments
2 tygodni temu
Kraków, Lesser Poland Philip Morris International Management SA Pełny etatMAKE HISTORY WITH USAt PMI, we've chosen to do something incredible.We're totally transforming our business and building our future on smoke-free products with the power to deliver a smoke-free future.With huge change, comes huge opportunity. So, wherever you join us, you'll enjoy the freedom to dream up and deliver better, brighter solutions and you will...
-
Security Engineer
2 tygodni temu
Kraków, Lesser Poland AirHelp Pełny etatSecurity EngineerDepartment: EngineeringEmployment Type: Full TimeLocation: KrakówReporting To: Head of SecurityDescriptionAre you excited about delivering reliable services to clients and are proactive about risk management and strategic security initiatives? Then join us as a Security Engineer. As a team, we are here to implement and manage security...
-
Security Engineer
2 tygodni temu
Kraków, Lesser Poland Certara Pełny etatOverview Security Engineer plays a key part for correlation rules and dashboard creation and support the rest of the team. The Security Engineer works in a team with an investigative spirit, good perception, and judgment of the security landscape. The Security Engineer will help develop our strategy for finding innovative ways to monitor our...
-
Information Security Engineer
2 tygodni temu
Kraków, Lesser Poland Ocado Group Pełny etatAs a Information Security Engineer, you'll be part of the InfoSec team in a highly dynamic and innovative environment committed to enhancing businesses' security posture and improving their infrastructure's security on cloud platforms. How you contribute to this goal will be determined by your skills and interests, whether this could be writing code for...
-
Information Security Engineer
2 tygodni temu
Kraków, Lesser Poland Crossweb Pełny etatWork from almost any location for up to 30 calendar days a yearHome office equipment: additional screens, office chairs and other needed accessoriesbreakfasts and a lot of different occasions to celebrate togethermeet-upsIT conferences - good discount when Ocado is a sponsorO'Reilly Online Learning platformself-learning library and training budgetInternal...
-
Information Security Engineer
2 tygodni temu
Kraków, Lesser Poland Ocado Group Pełny etatAs a Information Security Engineer , youll be part of the InfoSec team in a highly dynamic and innovative environment committed to enhancing businesses' security posture and improving their infrastructure's security on cloud platforms. How you contribute to this goal will be determined by your skills and interests, whether this could be writing code for...
-
Information Security Engineer
2 tygodni temu
Kraków, Lesser Poland Ocado Technology Group Pełny etatAs a Information Security Engineer, you'll be part of the InfoSec team in a highly dynamic and innovativeenvironment committed to enhancing businesses' security posture and improving their infrastructure's security on cloud platforms. How you contribute to this goal will be determined by your skills and interests, whether this could be writing code for...
-
Security Engineer
2 tygodni temu
Kraków, Lesser Poland Verisk Pełny etatVerisk The world's most effective and responsible data analytics company in pursuit of our customers' most strategic opportunities. View company page We help the world see new possibilities and inspire change for better tomorrows. Our analytic solutions bridge content, data, and analytics to help business, people, and society become stronger, more...
-
Security Engineer
2 tygodni temu
Kraków, Lesser Poland Verisk Pełny etatJoin Verisk's Global Enterprise Information Security Team and be part of the new Center of Excellence in Poland.As a Security Engineer, you'll have a great opportunity to enhance your security automation skills using Artificial Intelligence. Your role is vital in strengthening cybersecurity resilience and protecting our systems from evolving threats.Main...
-
Senior Cyber Security Analyst
2 tygodni temu
Kraków, Lesser Poland FLYR, Inc. Pełny etatFlight Itinerary (About The Role)The Cyber Security Analyst will play a crucial role in our team, combining technical expertise with the ability to collaborate effectively with engineering and DevOps teams. This position involves hands-on analysis of network and host data, identifying and documenting cybersecurity events or potential threats to ensure the...
-
Security Analyst
2 tygodni temu
Kraków, Lesser Poland Software Mind Pełny etatSoftware Mind A software house that provides software development services to boost product engineering and digital transformation capabilities. View company page We are Software Mind, an awesome team of engineers who are ready to ramp up any top-notch company's projects Our aim? To always be one step ahead. Become part of a multicultural company in...
-
Security Engineer – Antimalware Endpoint Security
2 tygodni temu
Kraków, Lesser Poland ITDS Business Consultants Pełny etatSecurity Engineer – Antimalware Endpoint SecurityJoin us, and enhance security across global infrastructuresKrakow-based opportunity with the possibility to work 100% remotelyAs a Security Engineer – Antimalware Endpoint Security, you will be working for our client, a global financial services organization focused on safeguarding its vast network and...
-
Cloud Security Engineer
2 tygodni temu
Kraków, Lesser Poland Euroclear Pełny etatExpected, Cloudflare, HTTP, HTTPS, SSL, TLS/mTLS, PythonOptional, Agile, Scrum, DevOpsOperating system, Windows, LinuxAbout the project, As a global critical financial infrastructure, the protection of Euroclear information and assets is fundamental to the companys' business. Security is at the core of our services, firmly embedded in the management systems...
-
Security Risk Analyst
2 tygodni temu
Kraków, Lesser Poland Experis ManpowerGroup Sp. z o.o. Pełny etatConducting risk assessments (ideally of third-party vendors) against security standards, such as ISO 27001 and NIST Understanding of concepts of cyber security controls in IT areas (e.g. Access management, Application security) Knowledge of security assessments methodology Analyzing and evaluating security controls and documentation policies (evidence) ...