Pracodawca zakończył zbieranie zgłoszeń na tę ofertę

Governance, Risk & Compliance Specialist (IT Security Team)

Sylvamo Global Business Services Center

  • Lubicz 23, Grzegórzki, Kraków
    Kraków, Lesser Poland
  • offer expired 3 months ago
  • contract of employment
  • full-time
  • specialist (Mid / Regular)
  • hybrid work
  • Immediate employment

Sylvamo Global Business Services Center

Lubicz 23



Technologies we use


  • Microsoft Azure

  • Microsoft Excel


  • Proofpoint

  • Security Scorecard

Operating system

About the project

You will analyze IT Security concerns in terms of business objectives, audit recommendations and industry regulations to drive Sylvamo’s Cyber Governance program. Your primary responsibility will include developing, managing, and communicating IT/Cyber policies and standards in support of industry and regulatory needs as well as general IT/Cyber practices. You will have a chance to use your communication skills and demonstrate the ability to build relationships within a diverse team environment. You will perform and improve the current control environment, promoting security awareness and monitoring metrics to measure control effectiveness and other projects based on specialized plans. You will help maintain standards and documentation.

Your responsibilities

  • Create and participate in the execution of self-assessments and other business assurance activities to provide a more accurate picture of criteria and gap areas against standards and expectation

  • Liaise with Legal and Compliance on various compliance, privacy and security initiatives, thus building a strong knowledge of Governance, Risk and Compliance functions

  • Assist with internal and external security reviews, audits, and controls evaluations

  • Create and execute Phishing exercises and security awareness communications

  • Develop and enhance Cyber Security training

  • Provide input to the company risk management process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and training materials)

  • Lead meetings with business partners to ensure remediation efforts adhere to corporate standards and policies

  • Provide expert level analysis/validation of remediation actions taken, opportunities for improvements and out of the box thinking for optimizations and solving roadblocks

  • Create reports and dashboard to support Cyber Security metrics

  • Demonstrate flexibility to meet the needs of external and internal customers regarding changes in work volume, scheduling changes, planned and unplanned changes

  • Work as part of a team to collaborate on ideas and solutions

  • Solve challenging cases while providing high level platform uptime and availability

Our requirements

  • Bachelor’s Degree in Information Technology, Information Security/Assurance, Computer Science, Engineering, or related field of study, or any combination of relevant equivalent experience, education and training

  • 3+ years of overall IT work experience (with at least 3 years in an Information Security role)

  • Proven leadership skills with the ability to manage conflict, deal with ambiguity, negotiate and make timely decisions

  • Advanced understanding and practical application experience in Governance, Risk & Compliance and Security related technologies and services

  • Experience with Security Awareness, policy creation and phishing concepts

  • Understanding of a variety of technical concepts such as: networking, system administration, application development, cloud computing and IT Security best practices

  • Ability to assess and communicate risk within a business context and to provide concise business communication for multiple levels (management, technical, and user)

  • Experience with data analytics with the ability to provide qualitative analysis and recommendations

  • Strong attention to detail, data accuracy, and data analysis

  • Self-motivation with a high level of integrity and a high sense of urgency

  • The ability to learn and apply new concepts quickly

  • Comfort in dealing with internal or external organizations regarding security policy and standards violations, security controls failure and incident response situations


  • Security Certification preferred: CISSP, CISM, GIAC or CISA or similar

Division of working time

Security consulting & assesment


Analysis (e.g. configure phishing, reporting, metrics)


Security Awareness Content development


Compliance and Privacy

This is how we organize our work

Team size

  • 2

This is how we work

  • in house
  • you develop several projects simultaneously
  • you have influence on the choice of tools and technologies
  • agile


  • sharing the costs of sports activities

  • private medical care

  • sharing the costs of foreign language classes

  • sharing the costs of professional training & courses

  • remote work opportunities

  • integration events

  • corporate library

  • coffee / tea

  • leisure zone

  • extra social benefits

  • pre-paid cards

  • sharing the costs of tickets to the movies, theater

  • holiday funds

  • sharing the costs of holidays for kids

  • christmas gifts

  • sharing the costs of a streaming platform subscription

  • employee referral program

  • charity initiatives

  • family picnics

Recruitment stages










Sylvamo Global Business Services Center

At Sylvamo, we’re a team on a mission. When you work for us, you’ll be helping to sustain and renew ecosystems, while delivering on the promise of paper to educate, communicate and entertain the world. We are the world’s paper company. Our purpose is to produce the paper the world relies on in the most responsible and sustainable ways. Come grow with us.

Scroll to the company’s profile