Global IT Security Expert

Global IT Security Expert

Position of broad specialization. In this role employee will lead and advance the strategic security operations and engineering initiatives across GGH, ensuring robust protection of digital assets, infrastructure, and operational continuity. The Security Expert will drive innovation, influence global security posture, and serve as a key advisor on risk mitigation and complianceensure continuous operating and management on IT Security across GGH global environment.

This role will closely cooperate with varius internal teams (OT, Infrastructure) and with business stakeholders. Also, role will be responsible for contact with external stakeholders (clients, vendors).

On daily basis will be responsible globally for IT Security related work and support including security incidents response and handling, cooperation with MSSP team, work with Data Loss Prevention, Privilege Access Management, Vulnerability Management, Security Awareness and other IT Security systems.

Tasks:

• Design and govern enterprise-wide security architecture integrating cutting-edge technologies (e.g., zero trust, AI-driven threat detection) to proactively mitigate risks across hybrid environments.
• Lead global security transformation programs, aligning with executive leadership and regulatory bodies to ensure strategic resilience and compliance.
• Drive threat intelligence operations, including predictive analytics, adversary simulation, and coordination to anticipate and neutralize emerging threats.
• Establish and evolve governance frameworks for security and business continuity, embedding risk-based decision-making into enterprise processes.
• Oversee incident response orchestration, ensuring rapid containment, root cause analysis, and executive-level reporting for high-impact events.
• Mentor and develop security thinking across regional and global IT teams.
• Continuously assess and optimize security tooling and platforms, including local and cloud-native controls, ensuring scalability and performance.
• Lead strategic vendor and partner engagements, driving innovation in third-party risk management and secure supply chain practices.
• Champion enterprise-wide security awareness and behavioral change programs, influencing culture through targeted campaigns and executive engagement.
• Represent the organization in external forums, including industry working groups, regulatory consultations, and cybersecurity alliances.
• Conduct advanced risk modeling and scenario planning, integrating geopolitical, technological, and operational factors into business continuity strategies.
• Serve as escalation point for complex or unresolved security issues, providing strategic guidance and technical oversight to resolution teams.
• Initiate and lead internal audits and maturity assessments, benchmarking against global standards (e.g., ISO 27001, NIST CSF, MITRE ATT&CK).
• Perform other strategic duties as assigned, contributing to enterprise resilience, innovation, and competitive advantage.

Core Competencies & Expertise

• Strategic Alignment: Ability to align global security programs with long-term enterprise risk management and business growth objectives.
• Leadership & Influence: Demonstrated success in leading and scaling international security teams while influencing executive and cross-functional stakeholders.
• Risk Management: Skilled in evaluating and mitigating multi-dimensional security risks, including geopolitical, supply chain, and emerging threat vectors.
• Security Architecture: Deep expertise in designing resilient security architectures that integrate threat intelligence, adversary simulation, and automated incident response.
• Innovation in Operations: Proven ability to drive innovation in security operations by adopting disruptive technologies and evolving defense strategies.
• Executive Communication: Exceptional skill in translating complex security insights into actionable guidance for senior leadership and non-technical audiences.
• Regulatory Compliance: Comprehensive understanding of global regulatory ecosystems, embedding compliance into enterprise-wide governance and operations.
• Global Implementation: Advanced capability to orchestrate cross-departmental and cross-border security implementations, ensuring consistency, scalability, and agility.

Qualfications:

• Master's degree in IT-related field or Security
• English level B2
• 5–10 years of relevant experience

Other qualifications:

• IT Security Certificates (i.e. CEH, CISSP, SCCP, CCSP, CompTia Security+, OCSP, etc.)
• Knowledge in area of ISO27001, NIST, etc.

IT Skills:

• Understanding of concepts and hands-on experience for Endpoint & Infrastructure security
• Cloud security (Azure, MS365 stack)
• DLP
• CASB
• SIEM
• PAM
• VM
• Security Awareness (KnowBe4)

We offer:

• Being part of a fast-growing, dynamic company, recognized as one of the foremost global packaging manufacturers.
• Great professional growth opportunities.
• Annual bonus.
• Private medical care & insurance plan for you to keep an eye on your health.
• MyBenefit program.
• Flexible and hybrid work arrangement: We offer a flexible hybrid work model – 2 days a week in the Krakow office, or fully remote if you're located elsewhere.
• Parking space for all employees.
• Comfortable working environment (library, relaxation area with a view of the Wawel castle and city center, casual dress code

Jeśli jesteś aktualnie pracownikiem CANPACK, aplikuj na ogłoszenie przez

swoje konto w systemie Workday

.

Grupa CANPACK dokłada wszelkich starań, aby zapewnić równe szanse zatrudnienia wszystkim kandydatom i pracownikom. Decyzje o zatrudnieniu opierają się na względach zawodowych, niezależnie od narodowości, koloru skóry, religii, wieku, płci, orientacji seksualnej, tożsamości płciowej, pochodzenia, niepełnosprawności lub innego statusu chronionego prawem, chyba że ewentualne rozróżnienie jest wymagane prawem.