Oferta pracy

Cyber Security Assurance Manager

JTI GBS POLAND Sp. z o.o.

JTI GBS POLAND Sp. z o.o.

Prosta 20

Wola

Warszawa

Technologies we use

Expected

  • Security assurance

  • DevOps

Your responsibilities

  • Continuous Assurance verification using DevOps automated testing tools. Definition of operating model and analysis of further solutions to automate runtime protection (RASP) in continuous Integration environments (Gitlab, Azure DevOps, Github, etc.) used by different teams in JTI.

  • Continuous Assurance verification in containerized environments in which dockers/Kubernetes are used. Continuous definition/review of policies/settings to perform continuous workload protection, continuous Kubernetes protection and continuous containers/microservices protection.

  • Continuous Web and mobile-based application Security Assurance. Define methodology and criteria to assess the security of constantly changing, business-critical web-based/mobile-based applications). Analysis of tools to provide continuous assurance (threat management, verification of the effectiveness of the applied application hardening measures, etc.).

  • Continuous Network Security Assurance. Definition of a plan based on what to test, how and environments to be tested.

  • Continuous Third-party Security assurance. Define framework and procedures for continuous third-party assurance and analysis/definition/implementation of automation tools to support in conducting security assessments where possible such as third-party technical security assessments based on projects, services provided, and IT products delivered.

  • Security solutions periodical checks or technical auditing (ASM / APM WAF rules, TM Security Workload protection rules, TME email protection rules, WD for endpoints/ for identity rules/policies, etc.)

  • Continuous assurance checks to verify security design and architecture and requirements are in place before production implementations take place.

  • IoT security Continuous assurance evaluation. Evaluate IoT device's connectivity, potential losses, and threats yields an objective set of priorities for a development team to tackle.

  • Perform multi-vector simulations and security diagnostics (both on-demand attack simulations or targeted attack simulations) based on critical assets and security solutions in JTI automating the process using solutions which can help provide results on overall security posture so as to take action(s) accordingly. Development of short and long-term strategic security technology roadmaps which support our enterprise technology roadmaps and key business objectives

Our requirements

  • University degree in Computer Engineering, Information Systems, or related field or relevant experience.

  • 5 years of Pen Testing / Application, Network, System Security Assessment, Ethical Hacking, Vulnerability Management

  • Experience in cyber security assessments of an international corporation in a multicultural environment.

  • Preferably manage their own blog, be active as security evangelist or in publishing discovered vulnerabilities.

  • Analytical, organized and efficient team player

  • Knowledge of Security Management standards such as OWASP, NIST, ISO, Cloud Alliance, PCI DSS.

  • Expertise on the following: evaluation of effectiveness of internal controls, breach and attack simulation solution implementation, integration of defense tactics in offensive strategies, security metrics regarding offensive/defensive activities.

  • Fluent English written and spoken.

  • Excellent team leadership, excellent analytical and communication skills.

What we offer

  • a competitive pay (together with annual bonus) and an attractive benefits package including medical care, Multisport card, life insurance, pension plan

  • ambitious goal to set up new Global Business Center

  • complex environment of working with multiple stakeholders, professional support and possibility to share knowledge and best practices

  • on-going development opportunities in a multinational environment that will inspire you to grow professionally and personally

  • wide variety of projects and tasks, ambitious goals and independence in achieving them

  • dynamic and innovative spirit with a constant quest to do things better

  • flexible working conditions

  • modern office in a convenient location

  • Benefits

  • sharing the costs of sports activities

  • private medical care

  • sharing the costs of foreign language classes

  • life insurance

  • remote work opportunities

  • flexible working time

  • retirement pension plan

  • no dress code

  • sharing the costs of holidays for kids

  • charity initiatives

  • JTI Family Leave Benefit - additional paternity leave

  • Anniversary awards

  • JTI Benefit Platform

Recruitment stages
1

Apply!

2

Phone call - recruiter's screen

3

Online meeting with HR Specialist

4

Online meeting with Manager

5

Offer

JTI GBS POLAND Sp. z o.o.

We’re JTI, Japan Tobacco International and we believe in freedom. We think that the possibilities are limitless when you’re free to choose. And we’ve spent the last 20 years innovating, creating new and better products for our consumers to choose from.

But our business, isn’t just business. Our business is our people. Their talent. Their potential. We believe when they’re free to be themselves, grow, travel and develop, amazing things can happen for our business. That’s why our employees, from around the world, choose to be a part of JTI and why 9 out of 10 would recommend us to a friend.

So when you’re ready to choose a career you’ll love, in a company you’ll love, feel free to #join the idea!

Scroll to the company’s profile

What are the next steps – Recruitment process:

Thank you very much for your interest in the role. You are welcome to apply.

We will make sure every candidate will receive a reply within 2 weeks after the application

deadline.